Cyber Security Questions and Answers – Attack Vectors – Web Application Vulnerabilities

This set of Tough Cyber Security Questions and Answers focuses on “Attack Vectors – Web Application Vulnerabilities”.

1. A _______________ is a program application which is stored on a remote server and distributed over the Internet when a user requests it through a browser interface.
a) Android application
b) Web application
c) PC application
d) Cloud application

Answer: b
Explanation: A Web application is a program application that is stored on a remote server and distributed over the Internet when a user requests it through a browser interface.

2. Which of the following is not an example of web application hacking?
a) Defacing websites
b) Stealing credit card information
c) Reverse engineering PC apps
d) Exploiting server-side scripting

Answer: c
Explanation: Reverse engineering PC apps is not an example of web application hacking. Defacing websites, stealing credit card information, and exploiting server-side scripting are examples of web application hacking.

3. _______________ hacking refers to mistreatment of applications through HTTP or HTTPS that can be done by manipulating the web application through its graphical web interface or by tampering with the Uniform Resource Identifier (URI).
a) Android application
b) Web application
c) PC application
d) Cloud application

Answer: b
Explanation: Web application hacking can be defined as the mistreatment of applications through HTTP or HTTPS that can be done by manipulating the web application through its graphical web interface or by tampering with the Uniform Resource Identifier (URI).

4. Which of the following is not an appropriate method of web application hacking?
a) XSS
b) CSRF
c) SQLi
d) Brute-force

Answer: d
Explanation: The mistreatment of online services and applications that use HTTP or HTTPS can be done by manipulating the web application through its graphical web interface. Popular hacking methods are XSS, CSRF, and SQLi.

5. XSS stands for _________________
a) Crack Site Scripting
b) Cross Site Server
c) Cross Site Scripting
d) Crack Server Scripting

Answer: c
Explanation: Cross-site scripting (XSS) is a kind of external injection attack on web-app security where an attacker injects some abnormal data, such as malicious code or a script, to harm trusted websites or lower their reputation.

6. Which of the following is not an example of web application hacking?
a) DNS Attack
b) Dumpster diving
c) Injecting Malicious code
d) Using the shell to destroy web application data

Answer: b
Explanation: Domain Name Server (DNS) attack, injecting malicious code, using the shell to destroy web application data, and exploiting server-side scripting are examples of web application hacking.

7. Which of the following is not a threat to web applications?
a) Reverse engineering
b) Command injection
c) DMZ protocol attack
d) Buffer Overflow

Answer: a
Explanation: Web applications are mistreated via HTTP or HTTPS for manipulating the web application through its graphical web interface and this technique is called Web application hacking. Web application threats are command injection, DMZ protocol attack, buffer overflow attack etc.

8. Which of the following is not a threat to web applications?
a) Session poisoning
b) Phishing
c) Cryptographic interception
d) Cookie snooping

Answer: b
Explanation: Web application hacking is the mistreatment of online applications and services. Some web application threats are session poisoning, cryptographic interception, cookie snooping etc.

9. ________ Injection attack is a special attack done through the character elements “Carriage Return” or “Line Feed.” Exploitation can be done when an attacker is able to inject a CRLF sequence into an HTTP stream.
a) XSS
b) CSRF
c) CRLF
d) SQL

Answer: c
Explanation: CRLF Injection attack is a special attack done through the character elements “Carriage Return” or “Line Feed.” Exploitation can be done when an attacker is able to inject a CRLF sequence into an HTTP stream.

10. Which of the following scripting languages is used for injecting executable malicious code for web-app hacking?
a) C++
b) Tcl
c) Frame-Script
d) JavaScript

Answer: d
Explanation: Web application hacking can be defined as the mistreatment of applications through HTTP or HTTPS that can be done by manipulating the web application through its graphical web interface. JavaScript is used for injecting code for web-app hacking.

11. ______________ takes advantage of hidden fields that work as the only security measure in some applications.
a) Parameter tampering
b) Data tampering
c) Tampering of network topology
d) Protocol tampering

Answer: a
Explanation: Parameter tampering takes advantage of hidden fields that work as the only security measure in some applications. Modifying the value of such a hidden field will cause the web application to change its behavior according to the new data.

12. _____________ is the attack method for decoding user credentials. Using this technique an attacker can log on as a user & gain access to unauthorized data.
a) Cache Snooping
b) Cookie-jacking
c) Cookie Snooping
d) Cache-compromising

Answer: c
Explanation: Cookie Snooping is the attack method for decoding user credentials. Using this technique an attacker can log on as a user & gain access to unauthorized data.

13. Which of the following is not an example of web application hacking technique?
a) LDAP injection
b) Cryptanalysis
c) Race condition attack
d) OS command injection

Answer: b
Explanation: Cryptanalysis is the study of ciphertext and cryptosystems, with the aim of improving the crypto-algorithm by understanding how they work and finding alternate techniques. The other three are examples of web application hacking techniques.

Sanfoundry Global Education & Learning Series – Cyber Security.
