IBM Security AppScan Standard Edition Implementation v8.7

1.

What is the simplest method of determining the coverage of a scan configuration, without running a full scan?

Run a Manual Explore Run an Automatic Explore Run the Connection Test tool Generate a Delta Analysis Report

2.

Why is it important to define error pages in IBM Security AppScan Standard Edition?

There would be is no way to review failed requests. Web applications deployed to production may have different server settings. This allows IBM Security AppScan Standard Edition to differentiate application errors from server errors. Web applications often use customized error pages that may be hard for IBM Security AppScan Standard Edition to recognize automatically.

3.

Why is it important that error pages are correctly defined?

IBM Security AppScan Standard Edition cannot handle redirection without correctly defined error pages. IBM Security AppScan Standard Edition cannot maintain session state without correctly defined error pages. If IBM Security AppScan Standard Edition understands the application's request is an error, it can more properly pass or fail certain tests. If IBM Security AppScan Standard Edition understands the application's response is an error, it can more properly pass or fail certain tests.

4.

What is the goal of a sidejacking web application attack?

User impersonation User password reset Denial of service against target website Purging of the target website database schema

5.

Which tab contains the button to replicate a test?

Advisory Issue Information Request/Response Fix Recommendation

6.

The scan log shows "out of session" detection and the AppScan keeps failing to re-login to the application during the scan. Then you find the login account is locked out by the system due to multiple fail attempts. How do you resolve this?

Reset the login sequence Reset the in-session pattern Disable the testing login/logout pages Set "Prompt" login method under Login management

7.

Which three finding types can the IBM Security AppScan Standard Edition malware module identify?

Unclassified external links Broken external links Unwanted internal links Malicious external links Unwanted external links

8.

What are the two main functions of the Parameters and Cookie view?

Control the default treatment of parameters and cookies Assign special treatment to specific parameters and cookies Configure parameters and cookies to ignore specific types of files Configure parameters and cookies to ignore certain paths in the application Configure parameters and cookies relevant to tests during the scan, resulting in a faster and moreaccurate scan

9.

Which statement is true about an IBM Security AppScan Standard Edition test policy?

It controls the type of tests that AppScan will use during a scan. It configures the depth of a scan used by AppScan during a scan. It controls the number of pages scanned by AppScan during a scan. It configures the number of explore/test phases that AppScan will use during a scan.

10.

Which log file would be useful in verifying whether or not a particular security test was executed during a test?

Scan log Update log Security log AppScan log

IBM Security AppScan Standard Edition Implementation v8.7

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

COMPANY

Products

OTHERS

Partner

IBM Security AppScan Standard Edition Implementation v8.7

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

Detail Form

COMPANY

Products

OTHERS

Partner