Exam 000-139 preparation questions
Uploaded by stuart-broad
Exam 000-139 study material
Made available by Testkingprep.com
Free 000-139 Exam Preparation Questions
Exam 000-139: AppScan Standard Edition
For Latest 000-139 Exam Questions and study guides- visit- http://www.testkingprep.com/000-139.html
Question: 1
Which type of vulnerability allows an attacker to browse files that shouldn't be accessible (e.g. *.bak, "Copy of", *.inc, etc.) or pages restricted for users with higher privileges?
A. Insecure Cryptographic Storage
B. Injection Flaw
C. Failure to Restrict URL Access
D. Insecure Communication
Answer: C

Question: 2
Which HTTP response codes trigger Application Error vulnerabilities?
A. 500
B. 302
C. 403
D. 200
Answer: A

Question: 3
AppScan reported a large number of hidden files, which you know do not exist on your Web server. What is the likely cause?
A. You did not define a custom error page.
B. AppScan created all these files on the server.
C. You did not exclude third-party domains.
D. Somebody put the files on the server.
Answer: A

Question: 4
How does an attacker exploit Web application vulnerabilities?
A. by hacking the firewall
B. by installing viruses on a user's machine
C. by sending malicious HTTP requests
D. by sniffing the traffic between a user and the Web server
Answer: C

Question: 5
Which AppScan report type relates to Sarbanes-Oxley Act, HIPAA and FISMA?
A. Compliance
B. WASC Threat Classification
C. OWASP Top 10
D. Delta Analysis
Answer: A

Question: 6
An AppScan test successfully embedded the following lines in an HTTP response header (in bold):

    HTTP/1.1 200 OK
    Content-Length: 5710
    Connection: close
    Date: Wed, 07 May 2008 19:36:28 GMT
    Server: Microsoft-IIS/6.0
    X-Powered-By: ASP.NET
    X-AspNet-Version: 2.0.50727
    Set-Cookie: lang=Foobar
    AppScanHeader: AppScanValue/1.2-3
    SecondAppScanHeader: whatever; path=/
    Cache-Control: private
    Content-Type: text/html; charset=utf-8

Which type of vulnerability does this indicate?
A. Cross-site Scripting
B. XPath Injection
C. HTTP Response Splitting
D. SQL Injection
Answer: C
For complete Exam 000-139 Training kits and Self-Paced Study Material
Visit:http://www.testkingprep.com/000-139.html
http://www.testkingprep.com/