Please comment if you find any answer wrong or if there is any discrepancy. Thanks! 🙂 Here, we aim to please 😀

1) Which protocol’s headers are used for web app session management?
a) HTTP
b) TCP
c) IP
d) HTTPS

Answer(s) : (a) HTTP and (d) HTTPS. The session identifier is carried as a cookie, i.e. in the HTTP Set-Cookie and Cookie headers; HTTPS is the same HTTP headers sent over TLS, so the header mechanism is identical.

2) XSS exploits a vulnerability in the
a) network
b) app source code
c) browser
d) web server host

Answer(s) : (b) App source code. The flaw is that the application emits user-controlled data into a page without encoding it for the context it lands in; the browser is only where the injected script ends up running.

3) Which of these are good places to keep the database credentials?
a) In a separate file on your web server host
b) In a separate file in your source code
c) In your database
d) None of the above. They should not be stored.

Answer(s) : (a) In a separate file on your web server host. Keep that file outside the document root (so the web server cannot serve it), outside version control, and readable only by the account the application runs as.
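As an added example (not part of the quiz or its source course), the checks a practitioner would want around that separate credentials file: it is created owner-only from the first byte, the loader refuses a file that group or others can read, refuses a file that sits under the document root, and learns the file's location from an environment variable so nothing about it is in the source tree. The variable name DB_CREDENTIALS_FILE, the required keys and the sample values are assumptions for the illustration.

```python
import json
import os
import stat
import tempfile
from pathlib import Path
from typing import Dict, Optional

# Hypothetical names for this example: the app finds the file through an
# environment variable, so neither the credentials nor their location live in
# the source tree.
CREDENTIALS_ENV_VAR = "DB_CREDENTIALS_FILE"
REQUIRED_KEYS = ("host", "user", "password", "database")


def is_inside(path: str, directory: str) -> bool:
    """True when `path` resolves to a location under `directory`."""
    try:
        Path(path).resolve().relative_to(Path(directory).resolve())
        return True
    except ValueError:
        return False


def write_credentials_file(path: str, creds: Dict[str, str]) -> None:
    """Create the file owner-only (0600) from the first byte; refuse to overwrite."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w", encoding="utf-8") as f:
        json.dump(creds, f)


def load_credentials(path: str, document_root: Optional[str] = None) -> Dict[str, str]:
    """Load credentials, rejecting files the web server could serve or others could read."""
    p = Path(path)
    if document_root is not None and is_inside(str(p), document_root):
        raise ValueError(f"{p} is under the document root {document_root}")
    mode = stat.S_IMODE(p.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"{p} is accessible to group/others (mode {oct(mode)})")
    with p.open(encoding="utf-8") as f:
        creds = json.load(f)
    missing = [k for k in REQUIRED_KEYS if k not in creds]
    if missing:
        raise KeyError(f"{p} is missing keys: {', '.join(missing)}")
    return creds


def load_credentials_from_env(document_root: Optional[str] = None) -> Dict[str, str]:
    """Production entry point: the path comes from the environment, never from code."""
    path = os.environ.get(CREDENTIALS_ENV_VAR)
    if not path:
        raise RuntimeError(f"{CREDENTIALS_ENV_VAR} is not set")
    return load_credentials(path, document_root)


def demo() -> Dict[str, object]:
    """Round trip in a scratch directory (constructed data), exercising each check."""
    root = Path(tempfile.mkdtemp(prefix="creds-demo-"))
    webroot = root / "var" / "www" / "html"
    private_dir = root / "etc" / "myapp"
    webroot.mkdir(parents=True)
    private_dir.mkdir(parents=True)
    sample = {"host": "db.internal", "user": "app",
              "password": "constructed-example", "database": "shop"}
    good = private_dir / "db.json"
    write_credentials_file(str(good), sample)
    results: Dict[str, object] = {"loaded": load_credentials(str(good), str(webroot))}
    os.chmod(good, 0o644)                     # simulate a careless chmod
    try:
        load_credentials(str(good), str(webroot))
        results["world_readable_rejected"] = False
    except PermissionError:
        results["world_readable_rejected"] = True
    exposed = webroot / "db.json"             # right permissions, wrong place
    write_credentials_file(str(exposed), sample)
    try:
        load_credentials(str(exposed), str(webroot))
        results["webroot_rejected"] = False
    except ValueError:
        results["webroot_rejected"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The permission test is POSIX-specific; on other platforms the mode bits do not carry the same meaning and a platform ACL check would replace it.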

4) Which of the following are almost completely under a developer's control for a webapp?
a) Network security
b) Database security
c) Browser security
d) Server host security

Answer(s) : 
(b) Database security
(d) Server host security

5) How many cookies can you save for your webapp on a browser?
a) 100
b) 50
c) Depends on the browser
d) None of the above.

Answer(s) : (c) Depends on the browser. RFC 6265 only sets minimums a browser should support (at least 50 cookies per domain, 3000 in total, 4096 bytes per cookie); the actual limits are up to each browser.

6) What is essential to ensure data is sent securely over the network to the right server?
a) Having an authentication token
b) Using HTTPS Protocol
c) Using Hash functions
d) Server SSL certificate validation

Answer(s) : 
(b) Using HTTPS Protocol
(d) Server SSL certificate validation. HTTPS (TLS) encrypts the channel; validating the server's certificate against a trusted CA is what ties that channel to the intended server rather than an impostor, so both are needed.

7) What properties of hash functions are necessary when used for hashing passwords?
a) It converts a particular string to the same random string each time
b) It converts string of any length to a string of fixed length
c) It is not possible to recover the original string from its hashed value
d) The chance of two strings giving the same hash value is very low

Answer(s) :
(a) It converts a particular string to the same random string each time
(c) It is not possible to recover the original string from its hashed value
(d) The chance of two strings giving the same hash value is very low
Note that (a) describes a deterministic function whose output merely looks random. For password storage these three properties are necessary but not sufficient: the stored value should also be salted and computed with a deliberately slow function (PBKDF2, bcrypt, scrypt or Argon2) so that guessing is expensive.
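An added example, not from the quiz, showing those properties in working code and the extra step password storage needs. Property (a) is checked by hashing the same input repeatedly, (b) by hashing inputs of very different lengths, and (d) by counting how many of the 256 digest bits change when one character of the input changes. The password record uses the standard library's salted PBKDF2-HMAC-SHA256; the sample passwords and the iteration count are constructed for the illustration.

```python
import hashlib
import hmac
import os
from typing import Iterable, Optional

# Constructed sample inputs for this demonstration (not from the quiz).
PASSWORD = "correct horse battery staple"
PASSWORD_VARIANT = "correct horse battery staplE"  # last character changed


def sha256_hex(data: str) -> str:
    """Hex digest of SHA-256 over the UTF-8 bytes of `data`."""
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def is_deterministic(data: str, rounds: int = 5) -> bool:
    """Property (a): hashing the same input repeatedly yields the same digest."""
    digests = {sha256_hex(data) for _ in range(rounds)}
    return len(digests) == 1


def has_fixed_length(inputs: Iterable[str]) -> bool:
    """Property (b): the digest length is independent of the input length."""
    return len({len(sha256_hex(s)) for s in inputs}) == 1


def differing_bits(a_hex: str, b_hex: str) -> int:
    """Number of bit positions in which two equal-length hex digests differ."""
    return bin(int(a_hex, 16) ^ int(b_hex, 16)).count("1")


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = 600_000) -> str:
    """Salted, deliberately slow PBKDF2-HMAC-SHA256 from the standard library.

    Returns 'iterations$salt_hex$dk_hex' so the verifier can recompute it.
    """
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; constant-time compare."""
    iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)


if __name__ == "__main__":
    h1, h2 = sha256_hex(PASSWORD), sha256_hex(PASSWORD_VARIANT)
    print("deterministic:", is_deterministic(PASSWORD))
    print("fixed length :", has_fixed_length([PASSWORD, "", "x" * 10_000]))
    print("bits differing after a one-character change:", differing_bits(h1, h2), "of 256")
    record = hash_password(PASSWORD)
    print("verify correct:", verify_password(PASSWORD, record))
    print("verify variant:", verify_password(PASSWORD_VARIANT, record))
```

Two records of the same password differ because each gets a fresh random salt; determinism (a) still holds, since the verifier recomputes with the salt stored in the record.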

8) A web app and a native mobile app can share the same
a) API for fetching data
b) Web server
c) HTML + CSS
d) Frontend code

Answer(s) :
(a) API for fetching data
(b) Web server

9) Which of these is a good candidate for a user's session-id?
a) User’s hashed password
b) A newly generated random string every time the user logs in
c) A fixed random string saved in the user database
d) User’s password

Answer(s) : (b) A newly generated random string every time the user logs in. The other options are either the password itself or a value that stays the same for as long as the account exists, so one capture would give permanent access and could not be revoked without changing the password; a fresh value from a cryptographic random generator can be expired or invalidated on its own.
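As an added example (not part of the quiz or its source course), a minimal server-side session handler covering questions 1 and 9: the session id is fresh output of the operating system's CSPRNG on every login, it is issued and read back through the HTTP Set-Cookie and Cookie headers, and it is invalidated on expiry or logout. The cookie name sid, the one-hour lifetime and the in-memory SESSIONS dictionary are assumptions for the illustration.

```python
import secrets
import time
from http.cookies import SimpleCookie
from typing import Dict, Optional, Tuple

COOKIE_NAME = "sid"          # hypothetical cookie name
SESSION_TTL = 3600           # seconds; hypothetical policy

# Hypothetical server-side store: session id -> (user id, expiry as epoch seconds).
SESSIONS: Dict[str, Tuple[str, float]] = {}


def new_session_id() -> str:
    """256 bits from the OS CSPRNG, freshly generated on every login (answer (b))."""
    return secrets.token_urlsafe(32)


def login(user_id: str, now: Optional[float] = None) -> str:
    """Record a new session and return the Set-Cookie header value to send."""
    now = time.time() if now is None else now
    sid = new_session_id()
    SESSIONS[sid] = (user_id, now + SESSION_TTL)
    # HttpOnly: not readable by page script (limits theft via XSS); Secure: sent
    # only over HTTPS; SameSite=Lax: not attached to most cross-site requests.
    return (f"{COOKIE_NAME}={sid}; Path=/; Max-Age={SESSION_TTL}; "
            f"HttpOnly; Secure; SameSite=Lax")


def session_id_from_cookie_header(cookie_header: str) -> Optional[str]:
    """Pull our cookie out of the request's Cookie header, ignoring other cookies."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    morsel = jar.get(COOKIE_NAME)
    return morsel.value if morsel is not None else None


def authenticate(cookie_header: str, now: Optional[float] = None) -> Optional[str]:
    """Return the user id for a valid, unexpired session, else None."""
    now = time.time() if now is None else now
    sid = session_id_from_cookie_header(cookie_header)
    if sid is None or sid not in SESSIONS:
        return None
    user_id, expires_at = SESSIONS[sid]
    if now >= expires_at:
        del SESSIONS[sid]          # expired: forget it server-side too
        return None
    return user_id


def logout(cookie_header: str) -> str:
    """Invalidate the session server-side and tell the browser to drop the cookie."""
    sid = session_id_from_cookie_header(cookie_header)
    if sid is not None:
        SESSIONS.pop(sid, None)
    return f"{COOKIE_NAME}=; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax"


if __name__ == "__main__":
    set_cookie = login("alice")
    print("Set-Cookie:", set_cookie)
    sid = set_cookie.split(";")[0].split("=", 1)[1]
    print("request with Cookie header ->", authenticate(f"theme=dark; {COOKIE_NAME}={sid}"))
    print("after logout ->", logout(f"{COOKIE_NAME}={sid}"), authenticate(f"{COOKIE_NAME}={sid}"))
```

Because the id is only a lookup key, the server can revoke it at any time by deleting the entry, which is exactly what a password hash or a fixed per-user string used as the id could not offer.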

10) Which of the following security attacks are caused by not sanitizing user input carefully?
a) XSS
b) SQL Injection
c) Man in the middle
d) DDOS

Answer(s) :
(a) XSS
(b) SQL Injection
Man-in-the-middle and DDoS are network-level attacks that do not depend on how the application treats its input. In practice the fix for (a) and (b) is less about "sanitizing" and more about keeping data out of code: parameterised queries for SQL, and context-aware output encoding for HTML.
