C2150-810 Exam Questions
65 real C2150-810 exam questions with expert-verified answers and explanations. Page 1 of 2.
- Question #1
In order to publish Assessments to AppScan Enterprise Console for the first time, which settings must be configured?
- Question #2
When scanning a .NET application, an error is reported. AppScan indicates that source information is not available for a given assembly. What must be done to fix the error?
- Question #3
You are reviewing a cloud storage locker application that is used to store and share user files and backups. You come across Cross-Site Scripting findings with data coming from sev...
- Question #4
Which two languages can be scanned by the AppScan Source CLI?
- Question #5
You want to scan and bundle the results for a Java application and only have access to one machine. Which two components must be installed on that machine to execute a scan and bun...
- Question #6
When scanning a Java Application, the scan fails with Java errors related to missing components. Which dialog can help fix the compilation issues?
- Question #7
Which license is required for any AppScan Source deployment?
- Question #8
In AppScan Source for Analysis, you are configuring a Java web application that contains JSPs. The following is a directory tree for your application: On the JSP Project Dependenci...
- Question #9
Which two methods can be used to resolve Unresolved Include Expressions?
- Question #10
Which feature is available in the AppScan Source IDE Plugin?
- Question #11
You are analyzing a client-server application that has "thick" clients that run on Windows and Android. You come across several Remote Command Execution findings with data originat...
- Question #12
To scan JavaScript included within an ASP.NET application, which additional steps must be completed to ensure these artifacts are scanned?
- Question #13
When scanning .NET assemblies, what is the likely cause of missing line of code information from the findings?
- Question #14
What is the difference between AppScan Source Developer and AppScan Source Remediation licenses?
- Question #15
Which two licenses can be used for AppScan Source IDE plug-ins?
- Question #16
What is the "Automatic Propagator Markup" advanced setting in the Scan Configuration view?
- Question #17
You just scanned an application with over 10,000 total findings. Many of the findings are in a particular API, which you know is not vulnerable. Without re-scanning the application...
- Question #18
When scanning a PHP application, what will occur if the PHP Document Root was not specified?
- Question #19
What are bundles in IBM Security AppScan Source?
- Question #20
Which features are provided by the AppScan Source for Analysis?
- Question #21
Which mechanism is used to share filtered results?
- Question #22
You are reviewing an on-line shopping application and find a lost sink method called generateItemNotFoundMessage() provided by a third-party shopping framework. This method returns...
- Question #23
When reviewing an application, you discover methods that are not called directly by the application. Which rule should be applied in order to scan this code?
- Question #24
What is the best practice for scanning an Android application?
- Question #25
Where are two places you can open a saved bundle?
- Question #26
Your customer is a small-sized development company. They would like AppScan Source to be used by a security team of 2 people and a development team of 6 people. Which server licens...
- Question #27
You are reviewing an on-line shopping application and find a lost sink method called retrieveOrder(...) that is provided by a third-party shopping framework. This method accepts or...
- Question #28
Which statement is true about AppScan Source's defect tracking system integration?
- Question #29
What can be enabled to scan android.xml manifest files which are not scanned by default when configuring a Java mobile application?
- Question #30
Which task allows users to specify a Web Context Root for each generated project using Ounce/Ant?
- Question #31
You are reviewing an application and come across a method called doSomething() that can be executed by other systems to provide data to the application via this method's parameters...
- Question #32
You are reviewing an application and discover a method called doSomething() that retrieves and returns data from another system. Which type of custom rule do you need to create for...
- Question #33
You are reviewing an online shopping application and find a lost sink method called combineItemLists(...) that is provided by a third-party shopping framework. This method combines...
- Question #34
Your customer wants to implement AppScan Source for a small security experts group: two researchers who will be using the tool in their daily routine, often at the same time. Which...
- Question #35
A file with which file extension is created by the AppScan Source for Development Eclipse plug-in before scanning an Eclipse project?
- Question #36
You are scanning a thick client application that receives data over a custom TCP/IP protocol provided by the application's framework method AppComm.getReceivedMessage(). Which rule...
- Question #37
How are safe sources dismissed during the triage process?
- Question #38
AppScan Source discovers a finding that contains data flow that ends at a Lost Sink. How will this finding be classified?
- Question #39
What is the function of the Correlated Security Issues report in AppScan Enterprise?
- Question #40
How does the "Single virtual call" setting affect scan behavior?
- Question #41
You are reviewing a banking application and find a lost sink method called performTransaction(...) that sends requested transaction information (bill payment, funds transfer, etc.) t...
- Question #42
You are reviewing a thick client application and come upon File Injection findings in a function that opens zip files and extracts data from them, but the customer you are working...
- Question #43
Which view in the Visual Studio IDE Plugin allows a user to focus on results in which they are interested?
- Question #44
What is the proper action to take if the attack surface proves to be insufficient?
- Question #45
How can a user be prevented from creating new custom rules?
- Question #46
Reports in AppScan Source Edition can be exported in which two formats?
- Question #47
Which two AppScan Source components can be used to generate reports?
- Question #48
Which two components are required to install AppScan Enterprise Server with reporting?
- Question #49
Which AppScan component is required to create PBSA rules?
- Question #50
You are reviewing a thick client application and come upon File Injection findings in a function that opens zip files and extracts data from them, but the customer you are working...