GWAPT Web Application Security Testing & Vulnerabilities

Question 1

What is SQL injection?

Accepted Answer

A vulnerability that allows database manipulation

Answer

A method of hacking passwords.

Answer

A form of cross-site scripting.

Answer

A method of stealing session cookies.

Question 2

Which of the following is a common vulnerability in web applications?

Accepted Answer

Cross-Site Scripting (XSS) and SQL injection

Answer

Malware injection.

Answer

Physical theft of data.

Answer

Buffer overflow attacks.

Question 3

What does Cross-Site Scripting (XSS) allow an attacker to do?

Accepted Answer

Inject malicious scripts into a webpage

Answer

Access the server logs.

Answer

Disable firewalls.

Answer

Intercept network traffic.

Question 4

What is the primary purpose of web application penetration testing?

Accepted Answer

To find and fix security vulnerabilities

Answer

To check for performance issues.

Answer

To increase user traffic.

Answer

To improve design aesthetics.

Question 5

Which of the following is a technique used to prevent SQL injection?

Accepted Answer

Using prepared statements and parameterized queries

Answer

Allowing dynamic SQL queries.

Answer

Filtering user input.

Answer

Encrypting database connections.

Question 6

What is a session hijacking attack?

Accepted Answer

Intercepting and stealing session tokens

Answer

Stealing user credentials.

Answer

Accessing an unencrypted database.

Answer

Bypassing authentication systems.

Question 7

What is the OWASP Top Ten?

Accepted Answer

A list of the top ten web application security risks

Answer

A list of the most common coding languages.

Answer

A list of the best penetration testing tools.

Answer

A list of the best cybersecurity firms.

Question 8

What is Cross-Site Request Forgery (CSRF)?

Accepted Answer

Tricking an authenticated user into performing unwanted actions

Answer

A method of stealing user credentials.

Answer

Forcing users to access malicious websites.

Answer

Hijacking user sessions.

Question 9

How can input validation prevent security vulnerabilities?

Accepted Answer

By preventing the submission of malicious input

Answer

By ensuring the data is in the correct format.

Answer

By limiting the size of input fields.

Answer

By encrypting user data.