Tag: security

Questions Related to security

Within few minutes after starting the scan you notice that the scan is going very slow and that there are lot of communication errors in the scan log. How will you rectify the problem?
technology security

  1. Increase the no of threads and increase the timeout

  2. Decrease the no of threads and increase the timeout

  3. Increase the no of threads and decrease the timeout

  4. Decrease the no of threads and decrease the timeout

Show answer
Correct Option: B

When do you record a multi step operation?
technology security

  1. When you need to record a particular login sequence

  2. When a particular application process flow needs to be recorded

  3. When you need to configure the in session parameter

  4. When you need to manually explore the application

Show answer
Correct Option: B

Out of 500 urls for your application after the explore stage you observe that appscan could visit only 55 urls. What could be the reason? Select 2
technology security

  1. Appscan could not login to your application

  2. In session identifier was not setup properly

  3. Additional servers and domains were not listed correctly

  4. Reduntant path limit was set to 55

Show answer
Correct Option: A,C

When do you use a multi step operation ?
technology security

  1. When a login sequence needs to be recorded

  2. When a particular application flow needs to be recorded

  3. When in session parameter needs to be defined

  4. When you need to test only a part of your application

Show answer
Correct Option: B

What kind of testing tool is AppScan?
technology security

  1. Black box security testing

  2. White box security testing

  3. Gray box security testing

  4. Blue box security testing

Show answer
Correct Option: A

For a given url -> http://www.example.com/smb.jsp&page=wireless where wireless indicates a unique page how would you configure appscan to test all unique pages?

technology security

  1. Ignore the page parameter

  2. Track the page parameter

  3. Set the redundant path limit to 1

  4. a.Set the depth limit to 1

Show answer
Correct Option: B

What information does difference displayed in the Request / Response tab provide?
technology security

  1. Difference between 2 tests

  2. How appscan modified the original web application page

  3. How appscan constructed the test http request

  4. How the vulnerability was resolved

Show answer
Correct Option: C

During a scan you notice that its running quite slow and there are lot of communication errors in the logs. How would you correct this problem?
technology security

  1. Increase the no of threads and increase the timeout

  2. Decrease the no of threads and decrease the timeout

  3. Increase the no of threads and decrease the timeout

  4. Decrease the no of threads and increase the timeout

Show answer
Correct Option: D

What parameters does Appscan modify when testing a .net webservice?

technology security

  1. POST parameters

  2. SOAP parameters

  3. GET parameters

  4. Cookies

Show answer
Correct Option: B

Cross site scripting vulnerabilities helps an attacker to do what?
technology security

  1. Execute OS commands

  2. Steal user sessions

  3. Execute scripts on the webserver

  4. Manipulate the data in the database

Show answer
Correct Option: B