Why is it important to use a comprehensive wordlist when performing directory brute-forcing with tools like dirb?

To increase the likelihood of discovering hidden directories and files

To avoid detection by firewalls

Which of the following best describes Cross-Site Scripting (XSS)?

Executing malicious scripts in a user's browser via a vulnerable web application

Injecting malicious SQL queries into a database

Intercepting network traffic between two parties

Gaining unauthorised access to a server's file system

In the context of penetration testing, what does the term 'scope' refer to?

The systems, applications, and networks that are authorised to be tested

The time allocated for the test

Which of the following is a limitation of automated vulnerability scanners like Nikto?

They may produce false positives or miss certain vulnerabilities

They can only be run on Linux systems

They require physical access to the server

They encrypt all network traffic

What is the main advantage of using directory brute-forcing tools during a web application penetration test?

They help discover hidden or unlinked resources that may not be visible through normal browsing

They can bypass firewalls automatically

They automatically patch vulnerabilities

They generate detailed compliance reports

Which of the following is a recommended best practice after completing a penetration test?

Provide a detailed report to the client, including remediation steps

Publicly disclose all vulnerabilities found

Ignore low-risk vulnerabilities

Delete all test data without informing the client

What is the primary goal of penetration testing methodologies such as OSSTMM or OWASP?

To provide a structured approach for identifying and addressing security weaknesses

To ensure compliance with Australian privacy laws

To develop new web applications

Web Security and Pen Testing Quiz

Authored by NetworkHaz NetworkHaz

Information Technology (IT)

12th Grade

Used 2+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

15 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following best describes the main purpose of a web application vulnerability scanner like Nikto?

To encrypt web traffic between a client and a server

To identify known security issues and misconfigurations in web servers and applications

To create backup copies of web applications

To monitor website uptime and performance

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the primary function of the tool 'dirb' in penetration testing?

To scan for open ports on a server

To brute-force directories and files on a web server

To analyse network traffic for malicious activity

To generate SSL certificates

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is considered a common web application vulnerability?

SQL Injection

Buffer Overflow in desktop applications

Bluetooth sniffing

ARP Spoofing

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

During a penetration test, which phase involves gathering as much information as possible about the target system?

Reporting

Exploitation

Reconnaissance

Remediation

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which HTTP response code indicates that a directory or file was found during a directory brute-force scan?

404 Not Found

200 OK

301 Moved Permanently

500 Internal Server Error

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the main risk of leaving default files and directories accessible on a web server?

Increased server speed

Exposure of sensitive information or vulnerabilities

Improved search engine ranking

Reduced storage usage

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is NOT a feature of Nikto?

Scanning for outdated server software

Brute-forcing login credentials

Checking for dangerous files and scripts

Identifying default files and directories

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

15 questions

Grade 6 - Living with AI

Quiz

•

6th Grade - University

15 questions

Quiz tentang Mesin Pencari

Quiz

•

10th Grade - University

15 questions

FASE D. 9. Teknologi Komputer

Quiz

•

9th Grade - University

11 questions

Literasi DIgital Part II

Quiz

•

12th Grade

15 questions

Quiz VOIP & KJ

Quiz

•

12th Grade

15 questions

LibreOffice Writer Styles Quiz

Quiz

•

10th Grade - University

20 questions

COMPUTER SYSTEMS SERVICING 3

Quiz

•

12th Grade

10 questions

internet seguro

Quiz

•

9th - 12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

10 questions

Probability Practice

Quiz

•

4th Grade

15 questions

Probability on Number LIne

Quiz

•

4th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

6 questions

Appropriate Chromebook Usage

Lesson

•

7th Grade

10 questions

Greek Bases tele and phon

Quiz

•

6th - 8th Grade

Discover more resources for Information Technology (IT)

15 questions

Making Inferences

Quiz

•

7th - 12th Grade

23 questions

TSI Math Vocabulary

Quiz

•

10th - 12th Grade

20 questions

-AR -ER -IR present tense

Quiz

•

10th - 12th Grade

20 questions

SSS/SAS

Quiz

•

9th - 12th Grade

20 questions

Predicting Products

Quiz

•

9th - 12th Grade

20 questions

Presidents Day challenge

Quiz

•

9th - 12th Grade

20 questions

Food Chains and Food Webs

Quiz

•

7th - 12th Grade

20 questions

Banking

Quiz

•

9th - 12th Grade