What are two reasons why it is recommended that a Web application be scanned in a pre-production environment? (Choose two.)
A. to avoid having to notify the application owner
B. to improve scan performance
C. to avoid service interruption
D. to obtain more accurate results
E. to avoid corruption of the production database
Answer: C, E

Question: 8
What is indicative of Information Leakage vulnerability?
A. When the user logs in, "hello, username!" is displayed.
B. The exception call stack is displayed.
C. The message "incorrect username or password!" is displayed.
D. The message "script error: Please contact the Web site administrator!" is displayed.
Answer: B

Question: 9
Answer: A, D

Question: 10
AppScan received the following test response:

An Error Has Occurred
Summary: Syntax error in string in query expression 'userid = ''.
Error Message:
System.Data.OleDb.OleDbException: Syntax error in string in query expression 'userid = ''.
at System.Data.OleDb.OleDbCommand.ExecuteCommandTextForSingleResult(tagDBPARAMS dbParams, Object executeResult) at ?

Which type of vulnerability does this error message indicate?
A. SQL Injection
B. Blind SQL Injection
C. XSS
D. Possible Server Path Disclosure Found
Answer: A

Question: 11
When can an injection type attack occur?
A. when the database is set up on a server outside the demilitarized zone
B. when an error message is generated by the Web server
C. when user-supplied data is sent to an interpreter as part of a command, query, or data
D. when too many users have ADMIN credentials to the Web server console
Answer: C

Question: 12
Which statement is true about application-specific vulnerabilities?
A. They exist in third-party components and are fixed by applying security patches.
B. They are caused by insecure coding and are fixed by modifying the application code.
C. They are detected using application security scanners and exist in third-party components.