545a7

profilejrsmith91

Answer the following questions about IT

Questions & Answers 


1. How does skipfish categorize findings in the scan report? 


2. Which tool used in the lab is considered a static analysis tool? Explain what is referred to by static code analysis. 


3. What possible high-risk vulnerabilities did the RATS tool find in the DVWA application source code?

4. Did the static analysis tool find all the potential security flaws in the application? 


5. During the manual code review, what do you notice about high.php that makes it less likely to victimize users with XSS reflection, and why is it considered more secure? 


6. Compare and contrast the tools used in this lab with a penetration-testing tool such as WebScarab. 


7. Compare the results of the RATS and skipfish reports you reviewed in the lab.

    • 4 years ago
    • 10
    Answer(2)

    Purchase the answer to view it

    blurred-text
    • attachment
      order_127218_330192.doc
    • attachment
      order_147559_395064.doc

    Purchase the answer to view it

    blurred-text
    NOT RATED
    • attachment
      Solution.docx