Which type of vulnerability can occur when a developer exposes a reference to an internal
implementation object, such as a file, directory, database record, or key, as a URL or form
parameter?
A. Cross-site Scripting
B. Insecure Direct Object Reference
C. Injection Flaw
D. Cross Site Request Forgery
Answer: B
QUESTION NO: 2
After 30 minutes your scan stops with an out-of-session error. What is a possible cause of this
error?
Answer: B
QUESTION NO: 3
Cookie:
JSESSIONID=dqt0LSnfhdVyTJkCwTwfLQQSkTTGYX9D79tLLpT1yLQjVhSpZKP9!914376523;
customerLanguage=en
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Host: www.ibm.com
Although there is no indication in the response about the existence of a password file, AppScan
reported a vulnerability with the following reasoning:
Global Validation found an embedded script in the response (<script>alert(25053)</script>), which
was probably injected by a previous test.
Answer: A
QUESTION NO: 4
What information does the difference displayed in the Request / Response tab provide?
B. how the vulnerability was resolved
C. how AppScan constructed the test HTTP request
D. how the Web application page has been modified from its previous version
Answer: C
QUESTION NO: 5
You are scanning a Web site in a pre-production environment. You notice that your scan is
running very slowly and there are numerous communication errors. What would you do to resolve
the problem?
Answer: B
QUESTION NO: 6
Which type of vulnerability allows an attacker to execute a malicious script in a user browser?
A. Cross-site Scripting
B. Injection Flaw
C. Insecure Direct Object Reference
Answer: A
QUESTION NO: 7
A. They are caused by insecure coding and are fixed by modifying the application code.
B. They are detected using application security scanners and exist in the Web application.
C. They are known vulnerabilities and are fixed by modifying the application code.
D. They exist in third-party components and are fixed by applying security patches.
Answer: D
QUESTION NO: 8
Answer: B
QUESTION NO: 9
QUESTION NO: 10
You are scanning a Web application in a pre-production environment. During your initial
assessment, you notice that some of the links are specified by IP and some by host name. Your
starting URL contains an IP address, http://12.34.56.67/default.jsp. When the scan completes, you
discover that it has not covered a significant portion of your Web application. What could be the
reason?
A. The host name is not added to the list of additional domains and servers.
B. The scan is configured to use only one connection.
C. There is no route to IP 12.34.56.67.
D. You are not licensed to scan IP 12.34.56.67.
Answer: A
QUESTION NO: 11
You expect your scan to cover around 500 pages, but instead it covers 55. What are three
possible reasons for this? (Choose three.)
Answer: B,D,E
QUESTION NO: 12
QUESTION NO: 13
Which Web application operation indicates that the application may be vulnerable to Cross-site
Request Forgery?
A. GET transferfunds.aspx?sacct=3434&dacct=56745&formtoken=YUR345
B. GET sendemail.aspx?address=jsmith@dfg.com&subject=hello&content=
C. GET search.aspx?text=personal banking
D. GET login.aspx
Answer: B
QUESTION NO: 14
D. updates the session token values to ensure that the user is still logged in
Answer: C
QUESTION NO: 15
Which three steps should you take before running a security scan with AppScan? (Choose three.)
Answer: B,C,D
QUESTION NO: 16
A. Network firewalls cannot prevent attacks because ports 80 and 443 must be open.
B. If configured properly, network firewalls can prevent attacks.
C. Network firewalls cannot prevent attacks because it is too complex to configure.
D. Network firewalls can prevent attacks because they can detect malicious HTTP traffic.
Answer: A
QUESTION NO: 17
A. admin/admin
B. johnr/Na2acrA
C. user1/password
D. johnr/nascar
Answer: B
QUESTION NO: 18
Answer: C
QUESTION NO: 19
Answer: C
QUESTION NO: 20
A. Host Scanners
B. Network Scanners
C. Black-Box Scanners
D. White-Box Scanners
Answer: C
QUESTION NO: 21
What are two reasons why it is recommended that a Web application be scanned in a
preproduction environment? (Choose two.)
A. to avoid having to notify the application owner
B. to improve scan performance
C. to avoid service interruption
D. to obtain more accurate results
E. to avoid corruption of the production database
Answer: C,E
QUESTION NO: 22
Answer: B
QUESTION NO: 23
In the AppScan Application Data view, what can help you determine if your application was fully
explored? (Choose two.)
A. Visited URLs
B. JavaScripts
Answer: A,D
QUESTION NO: 24
dbParams, Object executeResult) at ?
Which type of vulnerability does this error message indicate?
A. SQL Injection
B. Blind SQL Injection
C. XSS
D. Possible Server Path Disclosure Found
Answer: A
QUESTION NO: 25
Answer: C
QUESTION NO: 26
A. They exist in third-party components and are fixed by applying security patches.
B. They are caused by insecure coding and are fixed by modifying the application code.
Answer: B
QUESTION NO: 27
Answer: C
QUESTION NO: 28
Where can you find details about a test AppScan executed during a scan?
Answer: B
QUESTION NO: 29
A. do not do anything
B. configure the AppScan proxy settings
C. add www.domain.com to the list of additional domains
D. edit your DNS settings
Answer: C
QUESTION NO: 30
Which type of vulnerability allows an attacker to browse files that shouldn't be accessible (e.g.
*.bak, "Copy of", *.inc, etc.) or pages restricted for users with higher privileges?
Answer: C
QUESTION NO: 31
Which HTTP response codes trigger Application Error vulnerabilities?
A. 500
B. 302
C. 403
D. 200
Answer: A
QUESTION NO: 32
AppScan reported a large number of hidden files, which you know do not exist on your Web server.
Answer: A
QUESTION NO: 33
Answer: C
QUESTION NO: 34
Which AppScan report type relates to the Sarbanes-Oxley Act, HIPAA and FISMA?
A. Compliance
B. WASC Threat Classification
C. OWASP Top 10
D. Delta Analysis
Answer: A
QUESTION NO: 35
An AppScan test successfully embedded the following lines in an HTTP response header (in
bold):
HTTP/1.1 200 OK
Content-Length: 5710
Connection: close
Date: Wed, 07 May 2008 19:36:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: lang=Foobar
AppScanHeader: AppScanValue/1.2-3
SecondAppScanHeader: whatever; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Which type of vulnerability does this indicate?
A. Cross-site Scripting
Answer: C
QUESTION NO: 36
How can an attacker use the information gained by an SQL debug message?
Answer: D
QUESTION NO: 37
Which type of parameters does AppScan manipulate when testing a .Net Web Service?
A. JSON parameters
Answer: C
QUESTION NO: 38
AppScan identified a Blind SQL Injection vulnerability in your Web application by sending three
requests, all of which modify the searchText parameter in the following way:
Answer: A
QUESTION NO: 39
After scanning your site with AppScan, you notice that your password was changed to 234. What
most likely happened?
A. One of the AppScan tests hacked your account and changed the password.
B. AppScan followed the Reset Password link.
C. AppScan submitted the change password form.
D. Your system admin changed your password during the scan.
Answer: C
QUESTION NO: 40
What is the problem with the following session pattern? Good morning, John!
Answer: B
QUESTION NO: 41
Answer: A
QUESTION NO: 42
A. interact with the Web service methods manually and then run AppScan to send the generated
tests automatically
B. explore the Web service automatically and then manually send the generated tests one by
one
C. create a Python script for testing the service
D. explore the Web service automatically and then run AppScan to send the generated tests
automatically
Answer: A
QUESTION NO: 43
C. the web application, the web server, the web application platform
D. the web application platform, the network layer, the web server
Answer: C
QUESTION NO: 44
A. SQL Injection
B. XPath Injection
C. Cross-site Scripting
Answer: C
QUESTION NO: 45
Which three actions should you take if your application requires form-based authentication?
(Choose three.)
Answer: A,D,E
QUESTION NO: 46
What information does the reasoning displayed in the Request / Response tab provide?
Answer: B
QUESTION NO: 47
Answer: D
QUESTION NO: 48
Answer: B
QUESTION NO: 49
Which defense is most reliable in protecting a Web application from being hacked?
A. set up an application firewall
B. use SSL encryption
C. set up an Intrusion Detection System
D. write secure code
Answer: D
QUESTION NO: 50
You notice that when you run your scan, your login account gets locked out. How can you resolve
the issue?
Answer: A
QUESTION NO: 51
Directories containing sensitive files must be hidden from the user. What is the best way to hide
the existence and content of such a directory?
Answer: D
QUESTION NO: 52
Why is it important to encrypt the HTTP traffic for an authenticated connection between a client
Answer: B