Web Pentest Quiz

Cross-Site Scripting (XSS)

SQL Injection

Command Injection

Cross-Site Request Forgery (CSRF)

To improve user experience

To optimize database performance

To prevent security vulnerabilities such as SQL Injection

To enhance server uptime

POST

GET

DELETE

PUT

Increased server performance

Prevention of data loss

Remote code execution on the server

Reduction in server storage space

Allowing password reuse

Implementing account lockout policies after a number of failed login attempts

Using only client-side encryption for passwords

Disabling two-factor authentication (2FA)

Online Web Application Security Protocol

Open Web Application System Program

Open Worldwide Application Security Policy

Open Web Application Security Project

Storing them in plaintext

Hashing with a salt

Using encryption without a key

Storing them in the database as is

Metasploit

Burp Suite

Nmap

Wireshark

Providing users with unlimited access during testing

Giving users access only to the resources necessary to perform their tasks

Granting users the highest level of access possible

Removing all access controls for trusted users

Input sanitization

Captcha

Cookies

HTTPS