Why should Dynamic and Static analysis scanning of web applications be done before the application goes into a production environment?
A. You can use dynamic analysis scanning only for source code.
B. Everyone understands the value in testing applications before they go to production.
C. Testing your web application during the development lifecycle is the most cost-effective way to fix defects.
D. By its very nature a dynamic analysis scan is dynamic
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
Which of the following is a component of Tivoli Endpoint Manager for Core Protection?
A. Patch Management.
B. Managed endpoint software inventory.
C. Web, file, email reputation services.
D. All of the above.
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
A client has deployed SourceFire IPS appliances but finds it challenging to keep up with the constant flood of signatures. What is the best IBM Security technology differentiator?
A. The decryptions function in IBM Security Server Sensor.
B. Content Analyzer function in IBM Security IPS appliances.
C. Protocol Analysis Module in IBM Security host, endpoint, and network solutions.
D. IBM Security SecurityFusion Module function in IBM Security SiteProtector.
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
A client with a TippingPoint deployment is concerned about the solution's long-term viability. What products should the sales representative prepare to discuss?
A. IBM Security SiteProtector and IBM Security Network IPS.
B. IBM Security SiteProtector and IBM Security Virtual Server Protection.
C. IBM Security SiteProtector and IBM Security Next Generation IPS.
D. Both A and B.
正解:C
質問 5:
Which of the following statements is true about Continuous Compliance?
A. No high-risk periods, lower total cost, continuous improvement.
B. Policy compliance is continuously monitored and enforced at the endpoint; changes are reported immediately.
C. The security team can instantly check on the current state of security and compliance anytime.
D. All of the above.
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 6:
Which attack vector is primarily identified by web application security scanning solutions?
A. Pattern-based attacks.
B. Denial of Service (DoS).
C. Privileged user violations.
D. SQL Injection
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
米须** -
ギリギリ合格できました。M2150-662試験直前の決定版だね!