IBM

C2150-810 · Question #50


Question

You are reviewing a thick client application and come upon File Injection findings in a function that opens zip files and extracts data from them, but the customer you are working with tells you that the data is sanitized using a method mySanitizer.validateZip(..). You confirm this and decide to remove this vulnerability and other File Injection findings with sanitized data using the Remove functionality of the Trace section in the Filter Editor. What do you need to do in the Trace Rule Entry dialog to ensure that the rule you create applies only to this application's zip extractor and not all File Inclusion findings?

Options

  • A. Specify Sink method name.
  • B. Specify File Inclusion as Sink property.
  • C. Specify File Inclusion as Source property.
  • D. Add validateZip() to the Required Calls section.
  • E. Add validateZip() to the Prohibited Calls section.
