Braindumps.C questions

Transcription

1 Braindumps.C questions Number: C Passing Score: 800 Time Limit: 120 min File Version: IBM Security AppScan Source Edition Implementation This is the best VCE I ever made. Try guys and if any suggestion please update this. Modified few questions, fixed few spelling mistakes and typos. Got this vce from my friend who passed with 98%, each and every stuff in it. I am sharing with you guys. Nicely written Questions with many corrections inside. Still valid, Hurry up guys study and pass this one.

2 Exam A QUESTION 1 You want to scan and bundle the results for a Java application and only have access to one machine. Which two components must be installed on that machine to execute a scan and bundle the results? A. AppScan Enterprise Server B. AppScan Source for Analysis C. AppScan Source for Automation D. AppScan Source for Remediation E. AppScan Source for Development E /Reference: : QUESTION 2 When scanning a Java Application, the scan fails with Java errors related to missing components. Which dialog can help fix the compilation issues? A. Filter Dialog B. Project Dependencies C. Scan Rules and Rule Sets D. JSP Project Dependencies /Reference: : QUESTION 3 Which license is required for any AppScan Source deployment? A. IBM Security AppScan Enterprise Server license B. IBM Security AppScan Source Core Server license C. IBM Security AppScan Source for Developer license D. IBM Security AppScan Source for Automation license Correct Answer: A /Reference: : QUESTION 4 In AppScan Source for Analysis, you are configuring a Java web application that contains JSPs. The following is a directory tree for your application:

3 On the JSP Project Dependencies tab. which folder should be selected as the 'Web Context Root'? A. Java B. scripts C. webapp D. resources Correct Answer: A /Reference: : QUESTION 5 Which two methods can be used to resolve Unresolved Include Expressions? A. Adding additional Scan Rules B. Adding additional search and replace rules C. Adding additional PHP Document Roots to the project D. Adding additional source files in the project properties menu E. Adding additional directories that contain PHP include files to the include path E /Reference: : QUESTION 6 Which feature is available in the AppScan Source IDE Plugin? A. Create Custom Rules B. Generate PDF reports C. Create scan configurations D. View Trace Information for a given finding

4 Correct Answer: A /Reference: correct answer. QUESTION 7 You are analyzing a client-server application that has "thick" clients that run on Windows and Android. You come across several Remote Command Execution findings with data originating from several different Sources. The customer you are working with is worried about the developers pushing back on low priority findings, so you need to remove those originating from sources that pose the lowest risk. Which Sources pose the lowest risk? A. SqlDB.getValue(...) B. ZipCrypto.extract(...) C. NativeCode.performOperation(...) D. WebService.performOperation(...) E. RPCHandler.performOperation(...) /Reference: : QUESTION 8 To scan JavaScript included within an ASP.NET application, which additional steps must be completed to ensure these artifacts are scanned? A. Create a C# project type B. Import the Visual Studio Solution C. Build a build.xml file and add it to the application project D. Manually create a JavaScript project type and add it to the application /Reference: : QUESTION 9 When scanning.net assemblies, what is the likely cause of missing line of code information from the findings? A. msdia80.dll is not present and registered on the file system. B. pdb files are not generated and present with complete debug info for each target executable or DLL configured in the scan. C. A valid Visual Studio solution file (.sin) is not present on the file system and in the same directory as the.net assembly files. D. The version of Visual Studio used to develop the application and corresponding projects is not installed in the scanning environment. /Reference:

5 : QUESTION 10 What is the difference between AppScan Source Developer and AppScan Source Remediation licenses? A. AppScan Source for Remediation supports only Visual Studio while AppScan Source for Developer supports both Eclipse and Visual Studio. B. AppScan Source Developer allows you to run scans from CLI, while AppScan Source Remediation allows you only to remediate security issues. C. AppScan Source Developer allows you only to remediate security issues, while AppScan Source Remediation allows you to run scans from within the IDE. D. AppScan Source Developer allows you to run scans from within the IDE, while AppScan Source Remediation allows you only to remediate security issues. Correct Answer: A /Reference: : QUESTION 11 When reviewing an application, you discover methods that are not called directly by the application. Which rule should be applied in order to scan this code? A. Add the method as source. B. Add the method as taint propagator. C. Add the method as tainted call back. D. Add the method as not a validation routine. /Reference: : QUESTION 12 What is the best practice for scanning an Android application? A. Import Workspace, Scan Application B. Install Eclipse IDE, Scan Application C. Add JAVA files manually, Add Dependencies. Scan Application D. Verify build succeeds in Eclipse. Import Workspace, Scan Application /Reference: : QUESTION 13 What can be enabled to scan android.xml manifest files which are not scanned by default when configuring a Java mobile application? A. Scan Rules B. JSP Compiler C. Custom Rules

6 D. Project Dependencies /Reference: : QUESTION 14 Which task allows users to specify a Web Context Root for each generated project using Ounce/Ant? A. ouncecli B. ouncecreateproject C. ounce.project_name D. ounce.build.compiler /Reference: QUESTION 15 You are reviewing an application and come across a method called dosomething() that can be executed by other systems to provide data to the application via this method's parameters. Which type of custom rule do you need to create for AppScan Source to properly capture this data? A. Sink B. Source C. Taint Propagator D. Tainted Callback E. Not Susceptible to Taint /Reference: : QUESTION 16 You are reviewing an application and discover a method called dosomethingq that retrieves and returns data from another system. Which type of custom rule do you need to create for AppScan Source to properly capture this data? A. Sink B. Source C. Taint Propagator D. Tainted Callback E. Not Susceptible to Taint /Reference:

7 : QUESTION 17 You are reviewing an online shopping application and find a lost sink method called combineltemlistsf..,) that is provided by a third-party shopping framework. This method combines two lists of items (provided as arguments) into one. Which type of custom rule do you need to create for this method? A. Sink B. Source C. Taint Propagator D. Tainted Callback E. Not Susceptible to Taint /Reference: right answer. QUESTION 18 How does the "Single virtual call" setting affect scan behavior? A. If set to true, it allows the detection of all virtual functions calls. B. If set to false, it allows the detection of all virtual functions calls. C. If set to true, it allows the taint analysis to follow multiple implementations of a virtual function. D. If set to false, it allows the taint analysis to follow multiple implementations of a virtual function. /Reference: QUESTION 19 You are reviewing a banking application and find a lost sink method called performtransactionf...) that sends requested transaction information (bill payment, funds transfer, etc) to the back-end COBOL application running on IBM System z mainframe that actually moves the money. Which type of custom rule should you create for this method? A. Sink B. Source C. Taint Propagator D. Tainted Callback E. Not Susceptible to taint

8 /Reference: appropriate answer. QUESTION 20 You are reviewing a thick client application and come upon File Injection findings in a function that opens zip files and extracts data from them, but the customer you are working with tells you that the data is sanitized using a method mysanitizer.validatezip{..). You confirm this and decide to remove this vulnerability and other File injection findings with sanitized data using the Remove functionality of the Trace section in the Filter Editor. In which area of the Trace Rule Entry dialog would you add mysanitizer.validatezip(..) method? A. Sink section B. Source section C. Required Calls section D. Prohibited Calls section /Reference: : QUESTION 21 Which view in the Visual Studio IDE Plugin allows a user to focus on results in which they are interested? A. Trace View B. Filters View C. Define Variables View D. Customer Rules View /Reference: QUESTION 22 What is the proper action to take if the attack surface proves to be insufficient? A. Clear any findings from the excluded bundle B. Remove all the filters to maximize the findings C. Perform application profiling to identify any missing sources D. Make sure scan configuration for single virtual call is set to true /Reference: : QUESTION 23 How can a user be prevented from creating new custom rules? A. By deleting the user from AppScan Source

9 B. By deleting the user from AppScan Enterprise C. By updating user permissions in AppScan Source D. By updating user permissions in AppScan Enterprise /Reference: : QUESTION 24 Reports in AppScan Source Edition can be exported in which two formats? A. pdf B. xml C. html D. Microsoft Excel E. Microsoft Word Correct Answer: AB /Reference: : QUESTION 25 Which two AppScan Source components can be used to generate reports? A. AppScan Source for Core B. AppScan Source for Analysis C. AppScan Source for Developer D. AppScan Source for Automation E. AppScan Source for Remediation D /Reference: : QUESTION 26 Which two components are required to install AppScan Enterprise Server with reporting? A. DB2 B. AppScan Standard C. Microsoft SQL Server D. Team Foundation Server E. Internet Information Services Correct Answer: AB /Reference: properly answered.

10 QUESTION 27 Which AppScan component is required to create PBSA rules? A. AppScan Source for Analysis B. AppScan Source for Automation C. AppScan Source for Remediation D. AppScan Source for Development /Reference: : QUESTION 28 You are reviewing a thick client application and come upon File Injection findings in a function that opens zip files and extracts data from them, but the customer you are working with tells you that the data is sanitized using a method mysanitizer.validatezip(..). You confirm this and decide to remove this vulnerability and other File Injection findings with sanitized data using the Remove functionality of the Trace section in the Filter Editor. What do you need to do in the Trace Rule Entry dialog to ensure that the rule you create applies only to this application's zip extractor and not all File Inclusion findings? A. Specify Sink method name. B. Specify File Inclusion as Sink property. C. Specify File Inclusion as Source property. D. Add validatezipo to the Required Calls section. E. Add validatezipo to the Prohibited Calls section. /Reference: QUESTION 29 When scanning a PHP application, what will occur if the PHP Document Root was not specified? A. The source root that was specified in the Project Sources page will be used instead. B. The scan proceeds with scanning zero source files and will thus produce zero findings. C. The scan will immediately fail with an error asking the user to re-run the creation wizard. D. The scan will only produce scan rule or PBSA (pattern based semantic analysis) findings. Correct Answer: A /Reference: QUESTION 30 What are bundles in IBM Security AppScan Source? A. Bundles are groups of filters created in AppScan Source for Analysis. B. Bundles are groups of reports created in AppScan Source for Analysis. C. Bundles are groups of findings created in AppScan Source for Analysis.

11 D. Bundles are groups of findings created in AppScan Enterprise Server and imported to AppScan Source for Analysis. /Reference: : QUESTION 31 Which features are provided by the AppScan Source for Analysis? A. It is used to run scans and upload them to QRadar. B. It is used for report generation and unattended scans. C. It is used by security teams to run scans and build integration. D. It is used to run scans, triage findings and generate filters and reports. /Reference: : QUESTION 32 Which mechanism is used to share filtered results? A. Bundles B. Custom rules C. Pattern library D. Scan configurations /Reference: : QUESTION 33 Where are two places you can open a saved bundle? A. AppScan Standard B. AppScan Enterprise Server C. AppScan Source for Analysis D. AppScan Source for Automation E. AppScan Source for Development E /Reference: well choice of answer. QUESTION 34 Your customer is a small-sized development company. They would like AppScan Source to be used by a security team of 2 people and a development team of 6 people.

12 Which server license would be recommended for this organization? A. AppScan Enterprise Server B. AppScan Source Server Core C. AppScan Source for Automation D. AppScan Enterprise Server Basic Correct Answer: A /Reference: : QUESTION 35 You are reviewing an on-line shopping application and find a lost sink method called retrieveorderf...) that is provided by a third party shopping framework. This method accepts order number and in turn provides all information regarding that order such as items ordered, shipping and billing address, payment type, etc. Which type of custom rule should you create for this method? A. Sink B. Source C. Taint Propagator D. Tainted Callback E. Not Susceptible to Taint /Reference: : QUESTION 36 Which statement is true about AppScan Source's defect tracking system integration? A. It can be used to submit one or more findings in a single defect entry. B. It can be used to submit one or more bundles in a single defect entry. C. It can be used to update finding status in AppScan Source from a defect entry. D. It can be used to submit defects during unattended scans using AppScan Source for Automation. /Reference: QUESTION 37 In order to publish Assessments to AppScan Enterprise Console for the first time, which settings must be configured?

13 A. InAppScan Source settings, in the Application Server preference page B. InAppScan Enterprise Server settings, in the Jazz Team Server preference page C. InAppScan Source settings, in the AppScan Enterprise Console preference page D. InAppScan Enterprise Server settings, in the Microsoft SQL server preference page /Reference: QUESTION 38 When scanning a.net application, an error is reported. AppScan indicates that source information is not available for a given assembly. What must be done to fix the error? A. The.NET application must include manifest data. B. Visual Studio must be configured for Release Mode. C. The PDB file for the given assembly must be included in the source directory. D. AppScan Source for Analysis must be configured to scan assembly project types. /Reference: : QUESTION 39 You are reviewing a cloud storage locker application that is used to store and share user files and backups. You come across Cross-Site Scripting findings with data coming from several different sources. The customer you are working with is just getting started and is looking for highest priority issues only, so you need to focus on those issues that originate from the source that poses the highest risk. Which source poses the highest risk? A. SqIDB.getValueO B. ZipCrypto.extract() C. ConfigXMLgetConfigValue() D. FileUpload.getFileContents() E. TCPNetworkHandler.getByteArray() /Reference: : QUESTION 40 Which two languages can be scanned by the AppScan Source CLI? A. C++ B. Java C. Fortran D. Haskell E. ActionScript

14 Correct Answer: AB /Reference: accurate answer. QUESTION 41 Your customer wants to implement AppScan Source for a small security experts group: two researchers who will be using the tool in their daily routine, often at the same time. Which licenses would you recommend for purchase? A. 1 AppScan Enterprise Server and 1 AppScan Source for Analysis floating user licenses B. 2 AppScan Enterprise Server Basic and 1 AppScan Source for Analysis floating user licenses C. 1 AppScan Enterprise Server Basic and 2 AppScan Source for Analysis authorized user licenses D. 2 AppScan Enterprise Server Basic and 2 AppScan Source for Analysis authorized user licenses /Reference: : QUESTION 42 A file with which file extension is created by the AppScan Source for Development Eclipse plug-in before scanning an Eclipse project? A. epf B. opf C. paf D. ppf Correct Answer: A /Reference: QUESTION 43 You are scanning a thick client application that receives data over a custom TCP/IP protocol provided by the application's framework method AppComm.getReceivedMessage(). Which rule would you create for this method to capture and trace the incoming data? A. Sink B. Source C. Taint Propagator D. Not Susceptible to Taint /Reference: :

15 QUESTION 44 How are safe sources dismissed during the triage process? A. Set all the sinks originated from the safe source to NST. B. Set a Trace filter to remove any findings that originated from the safe source. C. Set a Classification filter to remove any findings that originated from the safe source. D. Set a Vulnerability Type filter to remove any findings that originated from the safe source. /Reference: : QUESTION 45 AppScan Source discovers a finding that contains data flow that ends at a Lost Sink. How will this finding be classified? A. Info B. Suspect C. Definitive D. Scan Coverage /Reference: QUESTION 46 What is the function of the Correlated Security Issues report in AppScan Enterprise? A. It is used by a security expert to investigate complex findings. B. It tracks progress of an application during a specified period of time. C. It displays the correlated issues between static analysis and dynamic analysis. D. It displays the correlated issues between glass box analysis and dynamic analysis. /Reference: QUESTION 47 Which two licenses can be used for AppScan Source IDE plug-ins? A. IBM Security AppScan Source for Quality B. IBM Security AppScan Source for Analysis C. IBM Security AppScan Source for Developer D. IBM Security AppScan Source for Automation E. IBM Security AppScan Source for Remediation D

16 /Reference: : QUESTION 48 What is "Automatic Propagator Markup" advanced setting in Scan Configuration view? A. It marks all sinks as "taint propagators". B. It marks all sources as "taint propagators". C. It marks all lost sinks as "taint propagators". D. It marks all lost sources as "taint propagators". /Reference: QUESTION 49 You just scanned an application with over total 10,000 findings. Many of the findings are in a particular API, which you know is not vulnerable. Without re-scanning the application, what should you do to reduce the number of visible findings in the assessment? A. Create a custom rule. B. Create a custom filter. C. Set the severity of each finding to Info. D. Set the vulnerability type of each finding to null. /Reference: good answer. QUESTION 50 You are reviewing an on-line shopping application and find a lost sink method called generateltemnotfoundmessage() provided by a third-party shopping framework. This method returns a search string that was passed in. prepended with an "item not found" message in English, French or Spanish (depending on user's selection). Which type of custom rule do you need to create for this method? A. Sink B. Source C. Taint Propagator D. Tainted Callback E. Not Susceptible to Taint /Reference: :

17