Test information:
Number of questions: 57
Time allowed in minutes: 120
Required passing score: 58%
Languages: English, French, Latin American Spanish, Portuguese (Brazil)
Related certifications:
IBM Certified Solution Advisor – Security Dynamic and Static Applications V2
Section 1 – Application Security (20%)
Given a scenario, differentiate between DAST, SAST, and/or IAST.
Identify key or necessary triage tasks for DAST and SAST.
Given a scenario, demonstrate various reporting tasks.
Given a scenario, explain continuous delivery tasks, i.e., defect tracking, integrating with SDLC.
Identify AppScan Source remediation tasks.
Given a scenario, identify common web application vulnerabilities.
Identify types of external references that AppScan tool provides.
Section 2 – Competitive Analysis (7%)
Identify the competitive position of AppScan from the perspective of the Gartner Magic Quadrant.
Identify the strengths of the AppScan offering.
Identify the benefits of using AppScan tools, rather than their alternatives.
Section 3 – IBM Security Portfolio (10%)
Given a scenario, identify how AppScan fits into the IBM security framework.
Given a scenario, identify how AppScan fits into the IBM mobile security framework.
Section 4 – Software Development Lifecycle (17%)
Identify ways to integrate AppScan into a build process.
Given a scenario, demonstrate ways to integrate AppScan into a build process.
Identify where blackbox and whitebox solutions fit into secure SDLC.
Given a scenario, explain common development platforms (Ex. Java, .NET, C/C++).
Given a scenario, demonstrate the extensibility of AppScan tools.
Identify the extensibility of AppScan tools.
Section 5 – AppScan Product Knowledge (21%)
Given a scenario, explain how components of the AppScan suite are used in different deployments.
Given a scenario, determine if AppScan can provide a solution.
Identify potential deployment architectures.
Identify supported AppScan development frameworks.
Identify the advantages, purposes, and offerings of integrating AppScann with security tools.
Section 6 – Mobile Security (11%)
Identify the common types of mobile vulnerabilities.
Identify the mobile support platform for AppScan Source and integration with IBM Worklight.
Section 7 – Business Drivers (6%)
Given a scenario, demonstrate how AppScan can solve common problems.
Given a scenario, explain how AppScan can impact a company’s budget.
Given a scenario, explain Application security compliance drivers.
Section 8 – Licensing (8%)
Identify the required license structure for each component in AppScan.
Given a scenario, identify the licenses required for a specific deployment.
IBM Certified Solution Advisor – Security Dynamic and Static Applications V2
Job Role Description / Target Audience
This entry level certification is for solution advisors that are able to identify opportunities and influence direction across the AppScan portfolio. They recommend education, influence key decision makers, are able to respond to RFPs & RFQs, and understand licensing and pricing.
These solution advisors understand application security and competitive analysis, have knowledge of the broader IBM Security protfolio and the software development cycle, have the AppScan product knowledge, and understand mobility security, business drivers and licensing.
This is a technical sales role (CTP/pre-sales engineer) certification.
To attain the IBM Certified Solution Advisor – Security Dynamic and Static Applications V2 certification, candidates must pass 1 test. To gain additional knowledge and skills, and prepare for this test based on the job role and test objectives, take the link to the test below, and refer to the Test Preparation tab.
Recommended Prerequisite Skills
Have static analysis skills:
Read and program code
Configure source code to compile (build) an application
Remediate trivial errors in Java and .net apps: low hanging fruits
Have dynamic analysis skills:
Understand the web application architecture
Produce high-level deployment architecture solutions.
Write technically.
Comfortable discussing technical concepts with developers.
Comfortable discussing business and financial concepts with managers and executives.
Requirements
This certification requires 1 test(s).
Test(s) required:
Test C2150-500 – IBM Security Dynamic and Static Applications V2 Fundamentals
The test:
contains questions requiring single and multiple answers. For multiple-answer questions, you need to choose all required options to get the answer correct. You will be advised how many options make up the correct answer.
is designed to provide diagnostic feedback on the Examination Score Report, correlating back to the test objectives, informing the test taker how he or she did on each section of the test. As a result, to maintain the integrity of each test, questions and answers are not distributed.
Click here to view complete Q&A of C2150-500 exam
Certkingdom Review, Certkingdom C2150-500 PDF
Best IBM C2150-500 Certification, IBM C2150-500 Training at certkingdom.com