When scanning a PHP application, what will occur if the PHP Document Root was not specified?
A. The scan will immediately fail with an error asking the user to re-run the creation wizard.
B. The scan proceeds with scanning zero source files and will thus produce zero findings.
C. The scan will only produce scan rule or PBSA (pattern based semantic analysis) findings.
D. The source root that was specified in the Project Sources page will be used instead.
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
A file with which file extension is created by the AppScan Source for Development Eclipse plug-in before scanning an Eclipse project?
A. opf
B. epf
C. ppf
D. paf
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
Which two AppScan Source components can be used to generate reports?
A. AppScan Source for Analysis
B. AppScan Source for Remediation
C. AppScan Source for Automation
D. AppScan Source for Developer
E. AppScan Source for Core
正解:C,D
質問 4:
How can a user be prevented from creating new custom rules?
A. By updating user permissions in AppScan Enterprise
B. By updating user permissions in AppScan Source
C. By deleting the user from AppScan Enterprise
D. By deleting the user from AppScan Source
正解:B
質問 5:
You are reviewing a thick client application and come upon File Injection findings in a function that opens zip files and extracts data from them, but the customer you are working with tells you that the data is sanitized using a method mySanitizer.validateZip(..). You confirm this and decideto remove this vulnerability and other File Injection findings with sanitized data using the Remove functionality of the Trace section in the Filter Editor.
What do you need to do in the Trace Rule Entry dialog to ensure that the rule you create applies only to this application's zip extractor and not all File Inclusion findings?
A. Specify File Inclusion as Sink property.
B. Add validateZipO to the Prohibited Calls section.
C. Add validateZipO to the Required Calls section.
D. Specify File Inclusion as Source property.
E. Specify Sink method name.
正解:A
Aizawa -
さっき受験スコアが届いてました。Pass4Testの問題集のおかげで高得点で受かりました。