C2150-199 by IBM Actual Free Exam Questions And Answers

IBM Security AppScan Standard Edition Implementation v8.7 - C2150-199 Exam Practice Test

Question 1

What information is available when a vulnerability is discovered via traditional dynamic testing (i.e. not via Glassbox testing or JavaScript analysis)?

A. Line number of the affected code

B. Fix recommendation

C. Directory and file location of the affected code

D. Automatic code correction button

Discussion 0

Correct Answer: C Vote an answer

Question 2

A starting URL is http://test_domain1 .com. scan only links in and below this directory is enabled. Test_domain2.com is included in the additional servers and domains in this scan.
What would happen in this situation?

A. Test_domain1 .com will be scanned and test_domain2.com will be scanned only if test_domain1 .com contain links to test domain2.com.

B. Only test_domain2.com will be scanned, because Additional Servers and Domains setting takes precedence.

C. Test_domain1 .com and test_domain2.com will be scanned.

D. Only test_domain1 .com will be scanned, because Scan only links and below this directory takes precedence.

Discussion 0

Correct Answer: A Vote an answer

Question 3

Which type of attack relies on an authenticated user to click a malicious link to perform an unintended action on the target application?

A. Directory traversal

B. Cross-site scripting

C. SQL injection

D. Cross-site request forgery

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 4

What is the goal of a sidejacking web application attack?

A. Purging of the target website database schema

B. User password reset

C. Denial of service against target website

D. User impersonation

Discussion 0

Correct Answer: D Vote an answer

Question 5

A user has recorded a login. AppScan is still reporting an out-of-session error during testing.
What should the user check to correct the issue?

A. That the application server has been identified in the environmental settings

B. That the JavaScript Execution option has been enabled in scan configuration

C. That the login sequence was not recorded via HTTPS

D. That the in-session detection pattern has been identified correctly

Discussion 0

Correct Answer: B Vote an answer

Question 6

Which log file would be useful in verifying whether or not a particular security test was executed during a test?

A. Scan log

B. AppScan log

C. Security log

D. Update log

Discussion 0

Correct Answer: D Vote an answer

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support:

Contact now

Latest Updated

IBM Security AppScan Standard Edition Implementation v8.7 - C2150-199 Exam Practice Test

Contact Us

Useful Links

Latest Updated