Exam 000-139 Preparation Questions

Aonetesting the leading source in certification preparation services, all certification guaranteed study material, question and answers, practice exams and many more at one place. This is a brand which fulfills all the requirements of certification preparation of exams. By Aonetesting 000-139 training kits get 100% results in any certification exams.
Published by: obama123456 on Aug 07, 2009
Copyright: Attribution Non-commercial

05/11/2014

Made available by Aonetesting.com
 
 
AppScan Standard Edition
For Latest 000-139 Exam Questions and study guides- visit- http://www.Aonetesting.com/000-139.html
 
Question: 1
Which three steps should you take before running a security scan with AppScan? (Choose three.)
A. notify application users
B. notify IT and Web Operations teams
C. back up your database
D. disable employed SMTP server
E. ensure only one thread is specified in the AppScan configuration
F. ensure that you have specified which reports you want to create
Answer: B, C, D

Question: 2
Which statement is true about network firewalls preventing Web application attacks?
A. Network firewalls cannot prevent attacks because ports 80 and 443 must be open.
B. If configured properly, network firewalls can prevent attacks.
C. Network firewalls cannot prevent attacks because they are too complex to configure.
D. Network firewalls can prevent attacks because they can detect malicious HTTP traffic.
Answer: A

Question: 3
Which username/password combination would NOT be reported as predictable by AppScan?
A. admin/admin
B. johnr/Na2acrA
C. user1/password
D. johnr/nascar
Answer: B

Question: 4
When would you set up a multi-step operation in AppScan?
A. when your application requires specific user input
B. when your application requires JavaScript execution
C. when your application requires a specific flow
D. when your application has two-factor authentication
Answer: C

Question: 5
What does a Cross-site Scripting vulnerability allow an attacker to do?
A. execute a malicious script on the Web server
B. change the Web server configuration
C. steal a user's session tokens
D. drop database tables
Answer: C

Question: 6
AppScan belongs to which category of vulnerability assessment tools?
A. Host Scanners
B. Network Scanners
C. Black-Box Scanners
D. White-Box Scanners
Answer: C

Question: 7
What are two reasons why it is recommended that a Web application be scanned in a pre-production environment? (Choose two.)
A. to avoid having to notify the application owner
B. to improve scan performance
C. to avoid service interruption
D. to obtain more accurate results
E. to avoid corruption of the production database
Answer: C, E

Question: 8
What is indicative of Information Leakage vulnerability?
A. When the user logs in, "hello, username!" is displayed.
B. The exception call stack is displayed.
C. The message "incorrect username or password!" is displayed.
D. The message "script error: Please contact the Web site administrator!" is displayed.
Answer: B

Question: 9
In the AppScan Application Data view, what can help you determine if your application was fully explored? (Choose two.)
A. Visited URLs
B. JavaScripts
C. Cookies
D. Broken links
Answer: A, D

Question: 10
AppScan received the following test response:

An Error Has Occurred
Summary: Syntax error in string in query expression 'userid = ''.
Error Message: System.Data.OleDb.OleDbException: Syntax error in string in query expression 'userid = ''. at System.Data.OleDb.OleDbCommand.ExecuteCommandTextForSingleResult(tagDBPARAMS dbParams, Object executeResult) at ?

Which type of vulnerability does this error message indicate?
A. SQL Injection
B. Blind SQL Injection
C. XSS
D. Possible Server Path Disclosure Found
Answer: A

Question: 11
When can an injection type attack occur?
A. when the database is set up on a server outside the demilitarized zone
B. when an error message is generated by the Web server
C. when user-supplied data is sent to an interpreter as part of a command, query, or data
D. when too many users have ADMIN credentials to the Web server console
Answer: C

Question: 12
Which statement is true about application-specific vulnerabilities?
A. They exist in third-party components and are fixed by applying security patches.
B. They are caused by insecure coding and are fixed by modifying the application code.
C. They are detected using application security scanners and exist in third-party components.