ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 4 question 7 discussion

Actual exam question from Microsoft's SC-100
Question #: 7
Topic #: 4
[All SC-100 Questions]

Your company is developing a new Azure App Service web app.
You are providing design assistance to verify the security of the web app.
You need to recommend a solution to test the web app for vulnerabilities such as insecure server configurations, cross-site scripting (XSS), and SQL injection.
What should you include in the recommendation?

  • A. dynamic application security testing (DAST)
  • B. static application security testing (SAST)
  • C. interactive application security testing (IAST)
  • D. runtime application self-protection (RASP)
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by PlumpyTumbler at Sept. 2, 2022, 4:50 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
PlumpyTumbler
Highly Voted 2 years, 4 months ago
Selected Answer: A
https://docs.microsoft.com/en-us/azure/security/develop/secure-develop#test-your-application-in-an-operating-state
upvoted 13 times
...
TJ001
Highly Voted 2 years ago
Perfect Answer A Static for non running code Dynamic for any running code(deployed in the infra) checks
upvoted 5 times
Jacquesvz
1 year, 11 months ago
100%, Well explained 😎👍
upvoted 3 times
...
...
tocane
Most Recent 1 year ago
Selected Answer: C
Azure AD Conditional Access policies applies to users, not to applications. but the question is You need to recommend a solution to prevent users on a specific list of countries from connecting to the applications.
upvoted 1 times
Ramye
1 year ago
Where do you see this choice "You need to recommend a solution to prevent users on a specific list of countries from connecting to the applications." in this question? Could be mixing up with another question?
upvoted 1 times
Ramye
1 year ago
I just noticed you are referring to the next question,,,
upvoted 1 times
...
...
...
rishiraval007
1 year, 2 months ago
To test the Azure App Service web app for vulnerabilities such as insecure server configurations, cross-site scripting (XSS), and SQL injection, you should include in the recommendation: A. Dynamic Application Security Testing (DAST) DAST is a testing methodology that involves examining an application during its running state. It's particularly effective at identifying security vulnerabilities that are present when the application is in operation, such as the ones mentioned (insecure server configurations, XSS, SQL injection). DAST tools interact with the application from the outside, simulating an attacker's perspective, which makes them suitable for identifying these types of vulnerabilities.
upvoted 1 times
...
zellck
1 year, 8 months ago
Selected Answer: A
A is the answer. https://learn.microsoft.com/en-us/azure/security/develop/secure-develop#test-your-application-in-an-operating-state Dynamic application security testing (DAST) is a process of testing an application in an operating state to find security vulnerabilities. DAST tools analyze programs while they are executing to find security vulnerabilities such as memory corruption, insecure server configuration, cross-site scripting, user privilege issues, SQL injection, and other critical security concerns.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel