C2150-139 Exam Details

  • Exam Code
    :C2150-139
  • Exam Name
    :AppScan Standard Edition
  • Certification
    :IBM Certifications
  • Vendor
    :IBM
  • Total Questions
    :52 Q&As
  • Last Updated
    :Jan 09, 2020

IBM C2150-139 Online Questions & Answers

  • Question 21:

    Which defense is most reliable in protecting a Web application from being hacked?

    A. set up an application firewall
    B. use SSL encryption
    C. set up an Intrusion Detection System
    D. write secure code

  • Question 22:

    After scanning your site with AppScan, you notice that your password was changed to 234. What most likely happened?

    A. One of theAppScan tests hacked your account and changed the password.
    B. AppScan followed the Reset Password link.
    C. AppScan submitted the change password form.
    D. Your system admin changed your password during the scan.

  • Question 23:

    What information does difference displayed in the Request / Response tab provide?

    A. the difference between two tests
    B. how the vulnerability was resolved
    C. howAppScan constructed the test HTTP request
    D. how the Web application page has been modified from its previous version

  • Question 24:

    Where can you find details about a test AppScan executed during a scan?

    A. in the Application Data view
    B. in the Request/Response view
    C. in the Original HTTP Traffic view
    D. in the Fix Recommendation view

  • Question 25:

    Your site contains the following URL: http://www.mycompany.com/smb/default.jsp?page=wireless In this URL, the Page parameter defines a unique page. How would you configure AppScan to fully explore this site?

    A. turn off Redundant Path limit
    B. ensure JavaScript Execute is turned on
    C. ignore the Page parameter
    D. track the Page parameter

  • Question 26:

    What is indicative of Information Leakage vulnerability?

    A. When the user logs in, hello, username!is displayed.
    B. The exception call stack is displayed.
    C. The message incorrect username or password!is displayed.
    D. The message script error: Please contact the Web site administrator!is displayed.

  • Question 27:

    Which type of parameters does AppScan manipulate when testing a .Net Web Service

    A. JSON parameters
    B. All custom parameters
    C. SOAP parameters
    D. POST parameters

  • Question 28:

    When can an injection type attack occur?

    A. when the database is set up on a server outside the demilitarized zone
    B. when an error message is generated by the Web server
    C. when user-supplied data is sent to an interpreter as part of a command, query, or data
    D. when too many users have ADMIN credentials to the Web server console

  • Question 29:

    How does an attacker exploit Web application vulnerabilities?

    A. by hacking the firewall
    B. by installing viruses on a usermachineby installing viruses on a user? machine
    C. by sending malicious HTTP requests
    D. by sniffing the traffic between a user and the Web server

  • Question 30:

    Which type of vulnerability allows an attacker to execute a malicious script in a user browser?

    A. Cross-site Scripting
    B. Injection Flaw
    C. Insecure Direct Object Reference
    D. Failure to restrict URL access

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IBM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your C2150-139 exam preparations and IBM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.