Within a few minutes of starting the scan, you notice that the scan is running very slowly and that there are a lot of communication errors in the scan log. How will you rectify the problem?
Increase the number of threads and increase the timeout
Decrease the number of threads and increase the timeout
Increase the number of threads and decrease the timeout
Decrease the number of threads and decrease the timeout
When do you record a multi-step operation?
When you need to record a particular login sequence
When a particular application process flow needs to be recorded
When you need to configure the in-session parameter
When you need to manually explore the application
Out of 500 URLs for your application, after the explore stage you observe that AppScan could visit only 55 URLs. What could be the reason? Select 2
AppScan could not log in to your application
In-session identifier was not set up properly
Additional servers and domains were not listed correctly
Redundant path limit was set to 55
When do you use a multi-step operation?
When a login sequence needs to be recorded
When a particular application flow needs to be recorded
When an in-session parameter needs to be defined
When you need to test only a part of your application
What kind of testing tool is AppScan?
Black box security testing
White box security testing
Gray box security testing
Blue box security testing
For a given URL -> http://www.example.com/smb.jsp&page=wireless where wireless indicates a unique page, how would you configure AppScan to test all unique pages?
Ignore the page parameter
Track the page parameter
Set the redundant path limit to 1
Set the depth limit to 1
What information does the difference displayed in the Request / Response tab provide?
Difference between 2 tests
How AppScan modified the original web application page
How AppScan constructed the test HTTP request
How the vulnerability was resolved
During a scan you notice that it's running quite slowly and there are a lot of communication errors in the logs. How would you correct this problem?
What parameters does AppScan modify when testing a .NET web service?
POST parameters
SOAP parameters
GET parameters
Cookies
Cross-site scripting vulnerabilities help an attacker to do what?
Execute OS commands
Steal user sessions
Execute scripts on the web server
Manipulate the data in the database