C2150-810無料問題集「IBM Security AppScan Source Edition Implementation」

質問 1

How are safe sources dismissed during the triage process?

（A）Set a Trace filter to remove any findings that originated from the safe source.

（B）Set all the sinks originated from the safe source to NST.

（C）Set a Vulnerability Type filter to remove any findings that originated from the safe source.

（D）Set a Classification filter to remove any findings that originated from the safe source.

正解：C 解答を投票する

質問 2

You are analyzing a client-server application that has "thick" clients that run on Windows and Android. You come across several Remote Command Execution findings with data originating from several different Sources. The customer you are working with is worried about the developers pushing back on low priority findings, so you need to remove those originating from sources that pose the lowest risk.
Which Sources pose the lowest risk?

（A）SqlDB.getValue(...)

（B）WebService.performOperation(...)

（C）ZipCrypto.extract(...)

（D）RPCHandler.performOperation(...)

（E）NativeCode.performOperation(...)

正解：B 解答を投票する

質問 3

Which features are provided by the AppScan Source for Analysis?

（A）It is used to run scans, triage findings and generate filters and reports.

（B）It is used for report generation and unattended scans.

（C）It is used to run scans and upload them to QRadar.

（D）It is used by security teams to run scans and build integration.

正解：A 解答を投票する

質問 4

You are scanning a thick client application that receives data over a custom TCP/IP protocol provided by the application's framework method AppComm.getReceivedMessage().
Which rule would you create for this method to capture and trace the incoming data?

（A）Taint Propagator

（B）Not Susceptible to Taint

（C）Sink

（D）Source

正解：D 解答を投票する

質問 5

In AppScan Source for Analysis, you are configuring a Java web application that contains JSPs. The following is a directory tree for your application:

On the JSP Project Dependencies tab. which folder should be selected as the 'Web Context Root'?

（A）scripts

（B）webapp

（C）resources

（D）Java

正解：D 解答を投票する

C2150-810 無料問題集「IBM Security AppScan Source Edition Implementation」

弊社を連絡する

関連リンク

トップ試験