IBM Security AppScan Source Edition Implementation - C2150-810: Try the Free Dump Questions
Which two components are required to install AppScan Enterprise Server with reporting?
Answer: A,C
Which mechanism is used to share filtered results?
Answer: C
You are reviewing an online shopping application and find a lost sink method called retrieveOrder(...) that is provided by a third-party shopping framework. This method accepts an order number and in turn provides all information regarding that order, such as items ordered, shipping and billing address, payment type, etc.
Which type of custom rule should you create for this method?
Answer: E
You are reviewing a thick client application and come upon File Injection findings in a function that opens zip files and extracts data from them, but the customer you are working with tells you that the data is sanitized using a method mySanitizer.validateZip(..). You confirm this and decide to remove this vulnerability and other File Injection findings with sanitized data using the Remove functionality of the Trace section in the Filter Editor.
What do you need to do in the Trace Rule Entry dialog to ensure that the rule you create applies only to this application's zip extractor and not all File Inclusion findings?
Answer: A
What is the proper action to take if the attack surface proves to be insufficient?
Answer: C