OWASP MCQ

For a connection that changes from HTTP to HTTPS, what flaw arises if you do not change the session identifier?

Answer

Correct Answer: Session Replay


What threat arises from not flagging HTTP cookies with tokens as secure?

Answer

Correct Answer: Session Hijacking


For an indirect reference, what happens if there's no list of limited values authorized for a user in the direct reference?

Answer

Correct Answer: Access to sensitive data possible


For every link or form that invokes state-changing functions with an unpredictable token for each user, what attack can be prevented?

Answer

Correct Answer: Cross Site Request Forgery


Attack that exploits the trust that a site has in a user's browser

Answer

Correct Answer: Cross Site Request Forgery


What flaw arises from session tokens having poor randomness across a range of values?

Answer

Correct Answer: Session Hijacking


An IP Address is the Internet equivalent of

Answer

Correct Answer: Your mailing address


What flaw can lead to exposure of resources or functionality to an unintended actor?

Answer

Correct Answer: Improper Authentication


An attack technique that forces a user's session credential or session ID to an explicit value.

Answer

Correct Answer: Session Fixation


We can allow client side scripts to execute in the browsers for needed operations.

Answer

Correct Answer: False


What is a cookie?

Answer

Correct Answer: A file that makes it easier to access a Web site and browse


Network permissions should be established so that users can accomplish their tasks, but cannot access any system resources that are not necessary so that

Answer

Correct Answer: Only the resources authorized for that user will be at risk


What is phishing?

Answer

Correct Answer: Email Scam


What happens when an application takes user-inputted data and sends it to a web browser without proper validation and escaping?

Answer

Correct Answer: Cross Site Scripting


Which threat can be prevented by having unique usernames generated with a high degree of entropy?

Answer

Correct Answer: Authentication bypass


For every link or form that invokes state-changing functions with an unpredictable token for each user, what attack can be prevented?

Answer

Correct Answer: Cross Site Request Forgery


What flaw can lead to exposure of resources or functionality to unintended actors?

Answer

Correct Answer: Improper Authentication


What is the attack technique used to exploit web sites by altering backend database queries through inputting manipulated queries?

Answer

Correct Answer: SQL Injection


For an indirect reference, what happens if there’s no list of limited values authorized for a user in the direct reference?

Answer

Correct Answer: Access to sensitive data possible


Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites?

Answer

Correct Answer: Cross site scripting.
