EC-Council
312-50V9 · Question #413
312-50V9 Question #413: Real Exam Question with Answer & Explanation
The correct answer is D: Trap door. A secret entry point intentionally created during development and left in production software is called a trap door (backdoor), which bypasses normal authentication controls.
Question
If an e-commerce site was put into a live environment and the programmers failed to remove the secret entry point that was used during the application development, what is this secret entry point known as?
Options
- ASDLC process
- BHoney pot
- CSQL injection
- DTrap door
Explanation
A secret entry point intentionally created during development and left in production software is called a trap door (backdoor), which bypasses normal authentication controls.
Common mistakes.
- A. The SDLC (Software Development Life Cycle) is a project management and development methodology framework, not a type of entry point or vulnerability.
- B. A honeypot is a deliberately exposed decoy system used to detect or study attackers, not a developer-created hidden access mechanism.
- C. SQL injection is an attack technique that manipulates database queries through unsanitized input, not a secret entry point built into application code.
Concept tested. Trap door / backdoor vulnerability in software
Reference. https://csrc.nist.gov/glossary/term/trapdoor
Community Discussion
No community discussion yet for this question.