Total No. of Questions = 20

1. Which of the following best describes a web application?

  • A) Code designed to be run on the client
  • B) Code designed to be run on the server
  • C) SQL code for databases
  • D) Targeting of web services

The Correct Answer is:- B

2. __________ is a client-side scripting language.

  • A) JavaScript
  • B) ASP
  • C) ASP.NET
  • D) PHP

The Correct Answer is:- A

3. Which of the following is an example of a server-side scripting language?

  • A) JavaScript
  • B) PHP
  • C) SQL
  • D) HTML

The Correct Answer is:- B

4. Which of the following is used to access content outside the root of a website?

  • A) Brute force
  • B) Port scanning
  • C) SQL injection
  • D) Directory traversal

The Correct Answer is:- D

5. Which of the following can prevent bad input from being presented to an application through a form?

  • A) Request filtering
  • B) Input validation
  • C) Input scanning
  • D) Directory traversing

The Correct Answer is:- B

6. __________ can be used to identify a web server.

  • A) Session hijacking
  • B) Banner grab
  • C) Traversal
  • D) Header analysis

The Correct Answer is:- B

7. In the field of IT security, the concept of defense in depth means layering more than one control on top of another. Why would this be helpful in defending a system against session hijacking?

  • A) To provide better protection
  • B) To build dependency among layers
  • C) To increase logging ability
  • D) To satisfy auditors

The Correct Answer is:- A

8. Which of the following is used to set permissions on content in a website?

  • A) HIDS
  • B) ACE
  • C) ACL
  • D) ALS

The Correct Answer is:- C

9. What could be used to monitor application errors and violations on a web server or application?

  • A) HIDS
  • B) HIPS
  • C) NIDS
  • D) Logs

The Correct Answer is:- D

10. Which of the following is an attribute used to secure a cookie?

  • A) Encrypt
  • B) Secure
  • C) HttpOnly
  • D) Domain

The Correct Answer is:- B,C,D

11. A POODLE attack targets what exactly?

  • A) SSL
  • B) TLS
  • C) VPN
  • D) AES

The Correct Answer is:- A

12. What is used to store session information?

  • A) Cookie
  • B) Snoop
  • C) Directory
  • D) File

The Correct Answer is:- A

13. Which attack can be used to take over a previous session?

  • A) Cookie snooping
  • B) Session hijacking
  • C) Cookie hijacking
  • D) Session sniffing

The Correct Answer is:- B

14. Which command would retrieve banner information from a website at port 80?

  • A) nc 192.168.10.27 80
  • B) nc 192.168.19.27 443
  • C) nc 192.168.10.27 -p 80
  • D) nc 192.168.10.27 -p -l 80

The Correct Answer is:- A

15. How is a brute-force attack performed?

  • A) By trying all possible combinations of characters
  • B) By trying dictionary words
  • C) By capturing hashes
  • D) By comparing hashes

The Correct Answer is:- A

16. What is the command to retrieve header information from a web server using Telnet?

  • A) telnet <website name> 80
  • B) telnet <website name> 443
  • C) telnet <website name> -port:80
  • D) telnet <website name> -port:443

The Correct Answer is:- A

17. Groups and individuals who may hack a web server or web application based on principle or personal beliefs are known as __________.

  • A) White hats
  • B) Black hats
  • C) Script kiddies
  • D) Hacktivists

The Correct Answer is:- D

18. The Wayback Machine would be useful in viewing what type of information relating to a web application?

  • A) Get Job postings
  • B) Websites
  • C) Archived versions of websites
  • D) Backup copies of websites

The Correct Answer is:- C

19. What may be helpful in protecting the content on a web server from being viewed by unauthorized personnel?

  • A) Encryption
  • B) Permissions
  • C) Redirection
  • D) Firewalls

The Correct Answer is:- A

20. A common attack against web servers and web applications is __________.

  • A) Banner grab
  • B) Input validation
  • C) Buffer validations
  • D) Buffer overflow

The Correct Answer is:- D