Professional Documents
Culture Documents
TEK Oficial L2 Answers
TEK Oficial L2 Answers
Multiple Selection
1. If you want to create a copy of an existing Application Version, what options can you follow:
a. Create a new version selecting “Application State” option
b. Download a FPR from Artifacts using the “Application and Source” button
c. Create a new application version and manually copy/ pasting the vulnerabilities found
d. Create a query and asking the DBA to run it
2. When installing SSC on a SQL Server, there are two requisites related to it:
a. ALLOW_SNAPSHOT_ISOLATION should be enabled
b. READ_COMMITTED_SNAPSHOT should be on
c. READ_COMMITTED_SNAPSHOT should be off
d. ALLOW_SNAPSHOT_ISOLATION should be off
3. Name two reasons why “Interactive Scan” configuration should be selected:
a. CAPTCHA
b. SPA pages
c. 2FA
d. HIPS
4. When using the SCA Visual Studio 2019 plug in on Windows 10 with .Net Framework 4.8, there
is a known issue related to vulnerabilities not showing up, what are the two possible
workarounds:
a. Downgrade to .NetFramework 4.7
b. Uncheck “Optimize rendering for screens with different pixel densities” on Visual
Studio 2019 under Options>Environment
c. Uninstall Visual Studio
d. Modify the Visual Studio configuration files
5. Name some of the general requirements to install WIE on a machine:
a. Windows Server
b. .net Framework
c. IIS
d. Sql Express
e. RHEL 7.x
6. Name some build tools supported by SCA:
a. Bamboo
b. Jenkins
c. Conan
d. Dune
e. Maven
7. Name Single Sign-On versions supported by SSC:
a. SAML 2.0
b. SPNEGO/Kerberos
c. X.509
d. OpenID
8. Select what languages are supported by the CloudScan Sensor during translation
a. Ruby
b. JavaScript
c. Go
d. Cobol
e. Scala
9. On WIE, when checking the Scan Queue it displays the following scan information for each scan
running or waiting to run:
a. Scan Name
b. Date and time the scan was request was created
c. Scan Status
d. Scan IP address
e. Scan expected time to be executed
10. When launching a scan with WI there are some tools or pieces of software that might interfere
with the attacks, select 3:
a. WAF (Web Application Firewall)
b. Antivirus
c. Intrusion detection/ prevention systems
d. Proxy
11. What two options does WI has regarding DB support?
a. SQL Server
b. Oracle
c. MySQL
d. SQLExpress
12. What two parameters would add libraries or dependencies to translate commands
a. -cp
b. -libdirs
c. -libraries
d. -lib
13. What files would you request if a customer reports a problem while scanning a website
a. 00000-00000 folder logs
b. Scan results file (.scan)
c. Traffic monitor
d. Sensor logs
14. What are the two main components of ScanCentral:
a. Controller
b. Client
c. sca
d. SCA
15. Name two methods you can use to upload FPRs to SSC?
a. REST API
b. Fortifyclient
c. FTP
d. Scauploadtolken
16. When WIE is integrated with SSC, the authentication and roles are managed by
a. Authentication is managed by SSC
b. Roles are determined by WIE
c. Roles are taken by SSC
d. Authentication is managed by WIE
17. Does SSC get connected to the following tools
a. Jenkins
b. TFS
c. Maven
d. Gradle
18. When using Maven or Gradle what files are used to determine the build
a. POM xml
b. Make file
c. Ant file
d. Gob.xml
19. SCA can get the following languages translated
a. .net Core
b. Python
c. Go
d. Ruby on Rails
e. Typescript
20. What are some of the steps to upgrade SSC?
a. Generate and run upgrade script on the SSC db
b. Delete ssc.war
c. Delete ssc folder
d. Uninstall SSC