Why should you use CAPTCHA

To protect authentication systems from automated or brute-force attacks

To create cryptographically random session IDs

To protect credentials by using encryption or cryptographic salt and hash

To ensure that authentication systems implement inactivity timeout functionality

What flaw can lead to exposure of resources or functionality to unintended actors

Invalidated Redirects and Forwards

Role-Based Access control helps prevent this OWASP Top 10 weakness

Invalidated Redirect or Forward

Insufficient Transport Layer Protection

What is the type of flaw that occurs when untrusted user entered data is sent to the interpreter as part of a query or command

insufficient Transport Layer Protection

Which of the following functionalities should you include in an authentication and session management system? (Choose two.)

Inactivity Time-out functionality

Forwarding System Functionality

You should set a secure flag in a cookie to ensure that

The cookie is sent over an encrypted channel

The cookie is a persistent cookie

The cookie is deleted when the user closes the browser

The cookie is not available to client script

Web Application Security Testing-PostTest

Authored by Priya Gupta

Other

Professional Development

Used 7+ times

Web Application Security Testing-PostTest

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

19 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping

Security Mis-configuration

Cross Site Scripting

Insecure Direct Object References

Broken Authentication and Session Management

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which character is most likely to be used for an SQL injection attack

Single quote (')

Null (\0) byte

Less than sign(<)

Greater than sign(>)

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following attacks occurs when a malicious user convinces a victim to send a request to a server with malicious input and the server echoes the input back to client?

Reflected XSS

Persistent XSS

Insecure Direct Object Reference

Failure to Restrict URLs

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An attack technique that forces a user’s session credential or session ID to an explicit value.

Brute Force Attack

Session hijacking

Session Fixation

Dictionary attack

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is the best way to ensure that JavaScript cannot be used to access a cookie

Set the Secure Flag in the Cookie

Set the HTTP only Flag in the Cookie

Use the CAPTCHA System

Use non-persistent cookie

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What threat arises from not flagging HTTP cookies with tokens as secure

Session Hijacking

Insecure Cryptographic Storage

Access Control Violation

Session replay

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites

SQL injection

Cross-Site Scripting

Malware Uploading

Man In The Middle Attack

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Popular Resources on Wayground

10 questions

5.P.1.3 Distance/Time Graphs

Quiz

•

5th Grade

10 questions

Fire Drill

Quiz

•

2nd - 5th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

22 questions

School Wide Vocab Group 1 Master

Quiz

•

6th - 8th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

12 questions

What makes Nebraska's government unique?

Quiz

•

4th - 5th Grade

Discover more resources for Other

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

20 questions

NCAA Logo Quiz

Quiz

•

Professional Development

20 questions

Easter trivia

Quiz

•

12th Grade - Professi...