0% found this document useful (0 votes)

26 views9 pages

Web Application Security (1-10)

The document contains a series of multiple-choice questions and answers related to web, mobile, network, DevOps, and cloud security. Key topics include input validation, common vulnerabilities like XSS and SQL injection, security mechanisms such as firewalls and VPNs, and principles like the Shared Responsibility Model in cloud security. It serves as a quiz or study guide for understanding essential security concepts and practices.

Uploaded by

Nitin Nitin

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

26 views9 pages

Web Application Security (1-10)

Uploaded by

Nitin Nitin

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 9

Web Application Security (1-10)

What is the primary purpose of input validation in web apps?

a) Improve UI
b) Prevent injection attacks
c) Speed up loading
d) Encrypt data
Answer: b

Which vulnerability allows attackers to inject malicious scripts into web pages?
a) SQL Injection
b) Cross-Site Scripting (XSS)
c) CSRF
d) Clickjacking
Answer: b

What does HTTPS stand for?

a) HyperText Transfer Protocol Secure
b) HyperText Transfer Protocol Service
c) Hyper Transfer Text Secure
d) Hyper Transfer Protocol Security
Answer: a

Which HTTP header helps protect against clickjacking?

a) X-Frame-Options
b) Content-Type
c) Authorization
d) Cache-Control
Answer: a

What attack exploits vulnerabilities in web sessions to impersonate a user?

a) CSRF
b) Session Hijacking
c) Phishing
d) Brute Force
Answer: b

What security mechanism prevents unauthorized commands from being executed in a web
session?
a) CAPTCHA
b) CSRF Tokens
c) VPN
d) Firewall
Answer: b
What is SQL Injection?
a) Inserting SQL commands to manipulate databases
b) Sending spam emails
c) Stealing cookies
d) Password guessing
Answer: a

What does Content Security Policy (CSP) help prevent?

a) Data encryption
b) XSS attacks
c) Data loss
d) Network sniffing
Answer: b

Which protocol is commonly used for secure login authentication?

a) FTP
b) LDAP
c) OAuth
d) SMTP
Answer: c

What does Cross-Site Request Forgery (CSRF) exploit?

a) User trust in the site
b) Server misconfiguration
c) Weak encryption
d) Network vulnerabilities
Answer: a

Mobile Application Security (11-20)

Which is a common mobile app security risk?
a) Unsecured Wi-Fi
b) Malware apps
c) Weak app permissions
d) All of the above
Answer: d

What is the principle of least privilege?

a) Granting apps minimal necessary permissions
b) Allowing full access to apps
c) Disabling app updates
d) Encrypting data only on servers
Answer: a
Which technique protects data stored on mobile devices?
a) Data encryption
b) Port scanning
c) SQL injection
d) IP spoofing
Answer: a

Which platform feature can restrict app permissions?

a) Sandboxing
b) Firewall
c) Proxy
d) VPN
Answer: a

What does Mobile Device Management (MDM) primarily do?

a) Manage mobile apps and security policies
b) Monitor network traffic
c) Encrypt emails
d) Perform backups
Answer: a

What can happen if an app requests excessive permissions?

a) Increased risk of data leakage
b) Faster app performance
c) Reduced battery use
d) Better UI experience
Answer: a

Which method is used to authenticate mobile apps?

a) Biometric verification
b) Password only
c) IP address filtering
d) VPN tunneling
Answer: a

What is “jailbreaking” in mobile security?

a) Removing OS restrictions to install unauthorized apps
b) Encrypting data
c) Upgrading OS securely
d) Factory resetting device
Answer: a

What is a common attack targeting mobile apps?

a) Man-in-the-middle
b) Port scanning
c) Brute force
d) ARP spoofing
Answer: a

What is two-factor authentication (2FA)?

a) Two passwords
b) Password plus additional verification method
c) Single password
d) Biometric only
Answer: b

Network Security (21-30)

What is the purpose of a firewall?
a) Filter network traffic
b) Encrypt files
c) Backup data
d) Scan for malware
Answer: a

What does VPN stand for?

a) Virtual Private Network
b) Variable Protocol Network
c) Virtual Public Network
d) Verified Private Network
Answer: a

Which protocol encrypts email communication?

a) SMTP
b) IMAP
c) PGP
d) FTP
Answer: c

What is a common network attack where data is intercepted?

a) Phishing
b) Man-in-the-middle
c) DDoS
d) Ransomware
Answer: b

What does IDS stand for?

a) Intrusion Detection System
b) Internal Data Server
c) Internet Defense Service
d) Intrusion Deployment Software
Answer: a

Which port is commonly used for HTTPS?

a) 21
b) 443
c) 80
d) 22
Answer: b

What is ARP spoofing?

a) Fake IP address mapping to intercept traffic
b) Malware injection
c) DNS poisoning
d) Email phishing
Answer: a

Which device connects multiple network segments?

a) Router
b) Switch
c) Hub
d) Firewall
Answer: b

What does DDoS stand for?

a) Distributed Denial of Service
b) Dynamic Data of Service
c) Digital Denial on Server
d) Distributed Data of System
Answer: a

Which is an effective way to secure wireless networks?

a) Use WEP encryption
b) Use WPA3 encryption
c) Disable passwords
d) Use open Wi-Fi
Answer: b

DevOps Security (31-40)

What does "shift-left" security mean?
a) Integrate security early in development
b) Test after deployment
c) Outsource security
d) Focus on network security only
Answer: a

What tool automates builds and testing in DevOps?

a) Jenkins
b) Wireshark
c) Nmap
d) Metasploit
Answer: a

What is Infrastructure as Code (IaC)?

a) Managing infrastructure using code
b) Writing application code only
c) Manual server setup
d) Hardware coding
Answer: a

Which security practice involves scanning code for vulnerabilities?

a) Static Application Security Testing (SAST)
b) Penetration testing
c) Firewall configuration
d) Code formatting
Answer: a

What does CI/CD stand for?

a) Continuous Integration / Continuous Deployment
b) Code Integration / Code Deployment
c) Continuous Internet / Continuous Data
d) Code Inspection / Code Development
Answer: a

What is a container in DevOps?

a) Lightweight, portable executable package
b) Physical server
c) Network device
d) Programming language
Answer: a

Which platform is widely used for container orchestration?

a) Kubernetes
b) Docker
c) Jenkins
d) GitHub
Answer: a
What is a secret in DevOps?
a) Sensitive data like API keys or passwords
b) Hidden code
c) Malware
d) Encrypted file
Answer: a

What is a common security risk with CI/CD pipelines?

a) Storing secrets in code repositories
b) Slow builds
c) High bandwidth use
d) Low test coverage
Answer: a

Which practice improves security by automatically testing apps during development?

a) Automated security testing
b) Manual penetration testing
c) Firewall installation
d) Data encryption
Answer: a

Cloud Security (41-50)

What is the Shared Responsibility Model?
a) Division of security duties between cloud provider and customer
b) Outsourcing all security to cloud provider
c) Customer is solely responsible for security
d) Cloud provider handles backups only
Answer: a

Which is a common cloud security risk?

a) Data breaches due to misconfiguration
b) Hardware failure
c) Slow network speeds
d) Application bugs
Answer: a

What does CASB stand for?

a) Cloud Access Security Broker
b) Cloud Automated Security Backup
c) Cloud Access Security Base
d) Cloud Application Security Bot
Answer: a
What is multi-factor authentication (MFA)?
a) More than one method to verify user identity
b) Single password login
c) Biometric only
d) Password and username only
Answer: a

What is encryption at rest?

a) Encrypting stored data
b) Encrypting data in transit
c) Encrypting live video
d) Encrypting backups only
Answer: a

What does SaaS stand for?

a) Software as a Service
b) Security as a Service
c) Storage as a Service
d) Software and Security
Answer: a

Which cloud deployment model is owned by a single organization?

a) Public cloud
b) Private cloud
c) Hybrid cloud
d) Community cloud
Answer: b

What does DLP stand for in cloud security?

a) Data Loss Prevention
b) Data Logging Process
c) Digital Layer Protection
d) Data Leak Protocol
Answer: a

What is a benefit of cloud security monitoring?

a) Detect threats in real-time
b) Backup files automatically
c) Reduce cloud costs
d) Increase internet speed
Answer: a

What is the main function of Identity and Access Management (IAM) in cloud?
a) Control user access and permissions
b) Monitor network traffic
c) Encrypt data
d) Backup user data
Answer: a

Let me know if you want the answers in a separate file or want me to create explanations for
these!

Mid 1-2-3-4 (Quiz-Review)
No ratings yet
Mid 1-2-3-4 (Quiz-Review)
26 pages
Security+ - Chapter 3 Focus
No ratings yet
Security+ - Chapter 3 Focus
52 pages
Cisco Security Exam Prep Guide
No ratings yet
Cisco Security Exam Prep Guide
71 pages
Cse423 Mcqs
No ratings yet
Cse423 Mcqs
58 pages
Multiple
No ratings yet
Multiple
29 pages
Generate PDF of Questions With Their Answers That
No ratings yet
Generate PDF of Questions With Their Answers That
8 pages
Unit 6 MCQs
No ratings yet
Unit 6 MCQs
16 pages
CISSP Exam Q&A: Key Concepts Explained
No ratings yet
CISSP Exam Q&A: Key Concepts Explained
14 pages
Jas Exam Que Bank
No ratings yet
Jas Exam Que Bank
45 pages
Cns
No ratings yet
Cns
129 pages
CCNA Security
No ratings yet
CCNA Security
20 pages
Security+ SY0-701 Practice Exam Set 2
No ratings yet
Security+ SY0-701 Practice Exam Set 2
22 pages
Accenture Networking
No ratings yet
Accenture Networking
91 pages
Cybersecurity Assessment Questions
100% (2)
Cybersecurity Assessment Questions
27 pages
Cybersecurity Practice Exam Questions
No ratings yet
Cybersecurity Practice Exam Questions
17 pages
Cyber Security Quiz
No ratings yet
Cyber Security Quiz
27 pages
Security Management
No ratings yet
Security Management
7 pages
Application Security and Red Teaming L2
No ratings yet
Application Security and Red Teaming L2
9 pages
Cybersecurity MCQ 200 Questions
No ratings yet
Cybersecurity MCQ 200 Questions
49 pages
Chapter 4 Review
No ratings yet
Chapter 4 Review
6 pages
Exam Cybersecurity Apprentice - Palo Alto Networks (Verify Dumps)
No ratings yet
Exam Cybersecurity Apprentice - Palo Alto Networks (Verify Dumps)
9 pages
CompTIA Security Sy0 701 Exam Questions
No ratings yet
CompTIA Security Sy0 701 Exam Questions
17 pages
Question and Answer Bank 2nd Partial NETWORKS 3
No ratings yet
Question and Answer Bank 2nd Partial NETWORKS 3
17 pages
Info ASS Mid
No ratings yet
Info ASS Mid
5 pages
Cryptography Question Paper
No ratings yet
Cryptography Question Paper
8 pages
Unit 3 MCQ
No ratings yet
Unit 3 MCQ
12 pages
Cloud & Network Quiz for IT Pros
No ratings yet
Cloud & Network Quiz for IT Pros
5 pages
Resumen Examen
No ratings yet
Resumen Examen
390 pages
Course 4
No ratings yet
Course 4
7 pages
Networking and Cloud Security Quiz
No ratings yet
Networking and Cloud Security Quiz
32 pages
Computer Security & Trends Quiz
No ratings yet
Computer Security & Trends Quiz
11 pages
Cloud & OT Security Quiz
No ratings yet
Cloud & OT Security Quiz
10 pages
Cyber Security
No ratings yet
Cyber Security
16 pages
350-701 Corregidos 491Q
No ratings yet
350-701 Corregidos 491Q
143 pages
Satender Kumar - Final Exam - CompTIA Security+ (SY0-701)
No ratings yet
Satender Kumar - Final Exam - CompTIA Security+ (SY0-701)
12 pages
CH 5 Cloud Analytical Questions
No ratings yet
CH 5 Cloud Analytical Questions
54 pages
Institutional Training Final
No ratings yet
Institutional Training Final
10 pages
Satender KumarPractice Test 1 - CompTIA Security+ (SY0-701)
No ratings yet
Satender KumarPractice Test 1 - CompTIA Security+ (SY0-701)
11 pages
Security+ Exam 4: 65 Practice Questions
No ratings yet
Security+ Exam 4: 65 Practice Questions
30 pages
BCA Internet Security Important MCQ
No ratings yet
BCA Internet Security Important MCQ
9 pages
Technical Screening Questionst
No ratings yet
Technical Screening Questionst
6 pages
CompTIA Security+ SY0-401 Practice Exam
100% (4)
CompTIA Security+ SY0-401 Practice Exam
41 pages
Star Cyber Secure User
No ratings yet
Star Cyber Secure User
10 pages
Cyber Security 500 MCQs
No ratings yet
Cyber Security 500 MCQs
101 pages
SOC Analyst Interview QA
No ratings yet
SOC Analyst Interview QA
12 pages
Interview Questions For Analyst
No ratings yet
Interview Questions For Analyst
65 pages
100-160 Exam Dumps - Cisco Certified Support Technician (CCST) Cybersecurity
100% (2)
100-160 Exam Dumps - Cisco Certified Support Technician (CCST) Cybersecurity
19 pages
Malicious Code Threat Response Guide
No ratings yet
Malicious Code Threat Response Guide
35 pages
CCC Cyber Security 100 MCQ
No ratings yet
CCC Cyber Security 100 MCQ
27 pages
Network Security MCQ
No ratings yet
Network Security MCQ
11 pages
Comptia
No ratings yet
Comptia
52 pages
IAS Model Exit Exam Up
No ratings yet
IAS Model Exit Exam Up
4 pages
Cloud Computing MCQ Assessment
No ratings yet
Cloud Computing MCQ Assessment
21 pages
CCSP 1
No ratings yet
CCSP 1
168 pages
CCSK Cloud Security Practice Questions
No ratings yet
CCSK Cloud Security Practice Questions
78 pages
Cyber Security
No ratings yet
Cyber Security
24 pages
Dr. Kunal Som: Name Age Gender Height Weight Date Pat Id
No ratings yet
Dr. Kunal Som: Name Age Gender Height Weight Date Pat Id
2 pages
Dr. Kunal Som: 12-08-2025 23 Years
No ratings yet
Dr. Kunal Som: 12-08-2025 23 Years
2 pages
Untitled Document
No ratings yet
Untitled Document
1 page
Kishan
No ratings yet
Kishan
7 pages
Cybersecurity Fundamentals MCQ
No ratings yet
Cybersecurity Fundamentals MCQ
5 pages
Ticket
No ratings yet
Ticket
2 pages
TLE7-CSS Mod6 Testing-Electronic-Components V3
No ratings yet
TLE7-CSS Mod6 Testing-Electronic-Components V3
39 pages
Laptop-Desktop - Sab Manual
No ratings yet
Laptop-Desktop - Sab Manual
12 pages
Spruce Up Mobile Application
No ratings yet
Spruce Up Mobile Application
5 pages
Smalltalk Cheatsheet Triptico PDF
No ratings yet
Smalltalk Cheatsheet Triptico PDF
2 pages
Commands
No ratings yet
Commands
7 pages
EY686 Catalogue
No ratings yet
EY686 Catalogue
6 pages
Strengthening Cybersecurity in Africa
No ratings yet
Strengthening Cybersecurity in Africa
9 pages
INFO2320 Project Guide
0% (1)
INFO2320 Project Guide
5 pages
X-BIM CAD Browser Guide for Engineers
No ratings yet
X-BIM CAD Browser Guide for Engineers
51 pages
Manuale Termocamere Flir E40 E50 E60
No ratings yet
Manuale Termocamere Flir E40 E50 E60
186 pages
Microsoft Teams Calling Specialization
No ratings yet
Microsoft Teams Calling Specialization
3 pages
w01 LectureSlices MA4550
No ratings yet
w01 LectureSlices MA4550
36 pages
Yasna Abdi Peresentation
No ratings yet
Yasna Abdi Peresentation
38 pages
Position Paper: SWIFT On Distributed Ledger Technologies
No ratings yet
Position Paper: SWIFT On Distributed Ledger Technologies
20 pages
Veeam Backup Cloud Partner Scenario Card
No ratings yet
Veeam Backup Cloud Partner Scenario Card
2 pages
Input & Output C++
No ratings yet
Input & Output C++
23 pages
Imagepress c7010vp c6010vp c6010 SM
No ratings yet
Imagepress c7010vp c6010vp c6010 SM
2,186 pages
Ramsey Micro-Tech 9104 User Manual
No ratings yet
Ramsey Micro-Tech 9104 User Manual
102 pages
AD182v@SAP TechEd 2023 Final RAP Extensibility JS
No ratings yet
AD182v@SAP TechEd 2023 Final RAP Extensibility JS
27 pages
Free PowerPoint Business Model Presentation Slide Template
No ratings yet
Free PowerPoint Business Model Presentation Slide Template
15 pages
Examen Scrum Master Agile
No ratings yet
Examen Scrum Master Agile
4 pages
A Framework For Automatic Generation of Augmented Reality Maintenance & Repair Instructions Bases On Convolutional Neural Networks
No ratings yet
A Framework For Automatic Generation of Augmented Reality Maintenance & Repair Instructions Bases On Convolutional Neural Networks
6 pages
How Collating Helps in Printing
No ratings yet
How Collating Helps in Printing
10 pages
Development Planning & Project Analysis II
No ratings yet
Development Planning & Project Analysis II
198 pages
Nema Receptacles Wiring Diagram
100% (1)
Nema Receptacles Wiring Diagram
5 pages
RiSCAN PRO Changes 2.18.1
No ratings yet
RiSCAN PRO Changes 2.18.1
51 pages
Spring Batch Processing
No ratings yet
Spring Batch Processing
16 pages
Understanding NFC and Bluetooth Technologies
No ratings yet
Understanding NFC and Bluetooth Technologies
7 pages
MCQs on Operating Systems Concepts
No ratings yet
MCQs on Operating Systems Concepts
4 pages
Guide Microplate Readers
No ratings yet
Guide Microplate Readers
12 pages