1Which organization manages the standard awareness document for developers and web application security known as the 'Top 10'?
A.OWASP
B.ISO
C.IEEE
D.NIST
Correct Answer: OWASP
Explanation:
OWASP (Open Web Application Security Project) is a non-profit foundation that works to improve the security of software and produces the OWASP Top 10 list of critical web application security risks.
Incorrect! Try again.
2In the context of OWASP Top 10, which vulnerability allows an attacker to access unauthorized functionality or data, such as viewing another user's account details by simply changing a URL parameter?
A.Broken Access Control
B.Security Misconfiguration
C.Injection
D.Cryptographic Failures
Correct Answer: Broken Access Control
Explanation:
Broken Access Control occurs when restrictions on what authenticated users are allowed to do are not properly enforced, allowing attackers to access unauthorized data or functions.
Incorrect! Try again.
3Which attack involves an attacker stealing a valid session ID to gain unauthorized access to a web server?
A.Directory Traversal
B.Buffer Overflow
C.Session Hijacking
D.SQL Injection
Correct Answer: Session Hijacking
Explanation:
Session Hijacking is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system.
Incorrect! Try again.
4What is the primary mechanism of a Cross-Site Request Forgery (CSRF) attack?
A.Tricking a user's browser into sending an unwanted request to a trusted site where the user is authenticated
B.Injecting malicious SQL scripts into a database
C.Brute-forcing the admin password
D.Executing scripts in the victim's browser via a reflected input
Correct Answer: Tricking a user's browser into sending an unwanted request to a trusted site where the user is authenticated
Explanation:
CSRF forces an end user to execute unwanted actions on a web application in which they are currently authenticated by exploiting the trust that a site has in a user's browser.
Incorrect! Try again.
5Which input would most likely be used to test for a basic SQL Injection vulnerability?
A.../../etc/passwd
B.' OR '1'='1
C.ping 127.0.0.1
D.<script>alert(1)</script>
Correct Answer: ' OR '1'='1
Explanation:
The payload ' OR '1'='1 (or ) is a classic SQL injection test. It attempts to manipulate the query logic to always return true.
Incorrect! Try again.
6What is the primary defense mechanism against SQL Injection attacks?
Correct Answer: Using Parameterized Queries (Prepared Statements)
Explanation:
Parameterized Queries ensure that the database treats user input as data rather than executable code, effectively neutralizing SQL injection attempts.
Incorrect! Try again.
7Which type of XSS attack occurs when the malicious script is permanently stored on the target server (e.g., in a database or forum post)?
A.Reflected XSS
B.Blind XSS
C.DOM-based XSS
D.Stored (Persistent) XSS
Correct Answer: Stored (Persistent) XSS
Explanation:
Stored XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP responses in an unsafe way.
Incorrect! Try again.
8In a DOM-based XSS attack, where does the security vulnerability lie?
A.In the network transport layer
B.In the server-side database code
C.In the client-side code (JavaScript) processing data
D.In the web server configuration
Correct Answer: In the client-side code (JavaScript) processing data
Explanation:
DOM-based XSS occurs when the vulnerability is in the client-side code rather than the server-side code. The attack payload is executed as a result of modifying the DOM environment in the victim's browser.
Incorrect! Try again.
9Which flag should be set on a Set-Cookie HTTP response header to prevent client-side scripts (like XSS payloads) from accessing the cookie?
A.Secure
B.SameSite
C.HttpOnly
D.Expires
Correct Answer: HttpOnly
Explanation:
The HttpOnly flag directs the browser that the cookie should not be accessible via JavaScript (e.g., document.cookie), mitigating the risk of session theft via XSS.
Incorrect! Try again.
10BeEF is a popular penetration testing tool. What does the acronym stand for?
A.Browser Exploitation Framework
B.Binary Encryption and Encoding Facility
C.Backend Engineering Exploitation File
D.Basic Exploitation Environment Frontend
Correct Answer: Browser Exploitation Framework
Explanation:
BeEF stands for Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
Incorrect! Try again.
11Which SQL injection technique involves asking the database true/false questions and determining the answer based on the application's response time?
A.Time-based Blind SQLi
B.Out-of-band SQLi
C.Union-based SQLi
D.Error-based SQLi
Correct Answer: Time-based Blind SQLi
Explanation:
Time-based Blind SQLi relies on sending an injected query that causes the database to wait (sleep) for a specified period before responding if the condition is true.
Incorrect! Try again.
12What is the mathematical logic often used in tautology-based SQL injection?
A. (Imaginary)
B.
C. (Always True)
D. where A is false
Correct Answer: (Always True)
Explanation:
Attackers inject statements that evaluate to Always True (like or 'a'='a') to bypass authentication or retrieve all records.
Incorrect! Try again.
13Which mobile deployment model allows employees to use their personal devices for work but requires them to install a Mobile Device Management (MDM) agent?
A.BYOD (Bring Your Own Device)
B.CYOD (Choose Your Own Device)
C.COPE (Corporate Owned, Personally Enabled)
D.Direct Access
Correct Answer: BYOD (Bring Your Own Device)
Explanation:
BYOD allows employees to use personal devices for work purposes, usually managed partially by corporate MDM software to secure corporate data.
Incorrect! Try again.
14Which OWASP Mobile Top 10 vulnerability refers to the storage of sensitive data (like passwords or API keys) in plain text within the device's file system?
A.Insecure Data Storage
B.Improper Platform Usage
C.Insecure Communication
D.Extraneous Functionality
Correct Answer: Insecure Data Storage
Explanation:
Insecure Data Storage is a critical vulnerability where developers fail to encrypt sensitive data stored locally on the mobile device.
Incorrect! Try again.
15What is 'Jailbreaking' in the context of mobile security?
A.Escaping a physical prison using a mobile phone
B.Removing software restrictions imposed by the manufacturer on iOS devices
C.Creating a sandbox environment for apps
D.Encrypting the file system of an Android device
Correct Answer: Removing software restrictions imposed by the manufacturer on iOS devices
Explanation:
Jailbreaking (on iOS) or Rooting (on Android) involves privilege escalation to remove manufacturer restrictions, allowing the installation of unauthorized software.
Incorrect! Try again.
16Which Bluetooth attack involves sending unsolicited messages (often vCards or images) to a Bluetooth-enabled device?
A.Bluejacking
B.Bluesnarfing
C.Bluebugging
D.Blueborne
Correct Answer: Bluejacking
Explanation:
Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices. It is generally considered annoying rather than damaging.
Incorrect! Try again.
17Which Bluetooth attack allows an attacker to steal data (contacts, calendars, emails) from a device?
A.Bluejacking
B.Pairing Spoofing
C.Frequency Hopping
D.Bluesnarfing
Correct Answer: Bluesnarfing
Explanation:
Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, allowing theft of data.
Incorrect! Try again.
18Which tool is commonly used to automate the detection and exploitation of SQL injection flaws?
A.Aircrack-ng
B.sqlmap
C.Hydra
D.John the Ripper
Correct Answer: sqlmap
Explanation:
sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
Incorrect! Try again.
19What does a 'Union-based' SQL injection allow an attacker to do?
A.Shut down the database server
B.Delete the database schema
C.Encrypt the database contents
D.Combine the results of the original query with the results of a malicious injected query
Correct Answer: Combine the results of the original query with the results of a malicious injected query
Explanation:
The UNION operator is used in SQL to combine the result-set of two or more SELECT statements, allowing attackers to retrieve data from other tables.
Incorrect! Try again.
20Which social engineering attack targets mobile users via SMS messages containing malicious links?
A.Smishing
B.Whaling
C.Vishing
D.Phishing
Correct Answer: Smishing
Explanation:
Smishing (SMS Phishing) is a form of phishing that uses text messages to trick users into clicking malicious links or divulging private information.
Incorrect! Try again.
21In the context of browser exploitation, what is a 'hook'?
A.A phishing email subject line
B.A method to close the browser remotely
C.A script that binds the victim's browser to the attacker's framework (e.g., BeEF)
D.A hardware keylogger
Correct Answer: A script that binds the victim's browser to the attacker's framework (e.g., BeEF)
Explanation:
In tools like BeEF, a hook is a JavaScript file that, once executed by the victim's browser, establishes a command and control channel back to the attacker.
Incorrect! Try again.
22Which mitigation technique involves generating a unique random token for every user session and validating it with every state-changing request to prevent CSRF?
An Anti-CSRF Token is a unique, random, and unpredictable value submitted by the client application to the server, ensuring the request originated from the legitimate application.
Incorrect! Try again.
23What is 'Bluebugging'?
A.Taking full control of a Bluetooth device to make calls or listen to conversations
B.Jamming a Bluetooth signal
C.Sending a virus via Bluetooth
D.Scanning for Bluetooth devices
Correct Answer: Taking full control of a Bluetooth device to make calls or listen to conversations
Explanation:
Bluebugging allows an attacker to take over a mobile phone, allowing them to make calls, send messages, and eavesdrop on conversations.
Incorrect! Try again.
24Which vulnerability allows an attacker to inject malicious code into a website that is then executed by other users?
A.RCE
B.SSRF
C.XXE
D.XSS
Correct Answer: XSS
Explanation:
XSS (Cross-Site Scripting) enables attackers to inject client-side scripts into web pages viewed by other users.
COPE stands for Corporate Owned, Personally Enabled. The company owns the device but allows the employee to use it for personal tasks.
Incorrect! Try again.
26Which type of malware disguises itself as legitimate software to trick the user into installing it?
A.Keylogger
B.Trojan Horse
C.Logic Bomb
D.Worm
Correct Answer: Trojan Horse
Explanation:
A Trojan Horse is malware that misleads users of its true intent by appearing to be a legitimate program.
Incorrect! Try again.
27What is the primary risk associated with 'Side-Loading' apps on Android?
A.It bypasses the official app store security checks, increasing malware risk
B.It requires root access
C.It slows down the internet connection
D.It automatically deletes system files
Correct Answer: It bypasses the official app store security checks, increasing malware risk
Explanation:
Side-loading involves installing applications from sources other than the official Google Play Store, bypassing security vetting and increasing the risk of installing malware.
Incorrect! Try again.
28Which attack involves an attacker creating a fake mobile transmission tower to intercept mobile traffic?
A.Rogue Access Point
B.IMSI Catcher (Stingray)
C.Evil Twin
D.NFC Replay
Correct Answer: IMSI Catcher (Stingray)
Explanation:
An IMSI Catcher mimics a cell tower to trick mobile devices into connecting to it, allowing interception of calls and SMS.
Incorrect! Try again.
29Identify the vulnerability: An application allows uploading a file named shell.php without validating the file type.
A.Unrestricted File Upload
B.SQL Injection
C.XSS
D.Path Traversal
Correct Answer: Unrestricted File Upload
Explanation:
Unrestricted File Upload allows an attacker to upload malicious scripts (like a web shell) that can be executed on the server.
Incorrect! Try again.
30Which component is essential for a 'Reflected XSS' attack to succeed?
A.Access to the database
B.Root access to the server
C.Social engineering to trick a user into clicking a crafted link
D.A stored comment on a blog
Correct Answer: Social engineering to trick a user into clicking a crafted link
Explanation:
Reflected XSS requires the payload to be part of the request (e.g., URL parameters). The attacker must trick the victim into clicking this malicious link.
Incorrect! Try again.
31What does the 'SameSite' cookie attribute helps prevent?
A.Buffer Overflows
B.Password Cracking
C.SQL Injection
D.CSRF (Cross-Site Request Forgery)
Correct Answer: CSRF (Cross-Site Request Forgery)
Explanation:
The SameSite attribute prevents the browser from sending the cookie along with cross-site requests, effectively mitigating CSRF attacks.
Incorrect! Try again.
32Which of the following is a symptom of a mobile device being infected with spyware?
A.Improved battery life
B.Unexpected high data usage and rapid battery drain
C.Screen becomes brighter
D.Faster performance
Correct Answer: Unexpected high data usage and rapid battery drain
Explanation:
Spyware runs in the background, collecting and transmitting data, which consumes data bandwidth and battery power.
Incorrect! Try again.
33Reverse engineering an Android app (APK) is often used in penetration testing to:
A.Identify hardcoded API keys and logic vulnerabilities
B.Increase the app's speed
C.Upgrade the Android OS
D.Compress the file size
Correct Answer: Identify hardcoded API keys and logic vulnerabilities
Explanation:
Penetration testers decompile APKs to view the source code and look for hardcoded secrets (keys) or insecure coding logic.
Incorrect! Try again.
34Which attack involves overlaying a legitimate application with a fake window to trick users into entering sensitive data on a mobile device?
A.SIM Swapping
B.Bluejacking
C.Tapjacking / Overlay Attack
D.Rooting
Correct Answer: Tapjacking / Overlay Attack
Explanation:
Tapjacking (or screen overlay attack) involves tricking the user into tapping a hidden element by covering it with a fake UI overlay.
Incorrect! Try again.
35In SQL Injection, what is the purpose of the -- or # characters?
A.To encrypt the payload
B.To start a new table
C.To execute the query immediately
D.To comment out the rest of the original SQL query
Correct Answer: To comment out the rest of the original SQL query
Explanation:
In SQL, -- (and # in MySQL) signifies the start of a comment. Attackers use this to ignore the remainder of the original query after injecting their payload.
Incorrect! Try again.
36Which of the following represents a 'Blind' SQL Injection scenario?
A.The application crashes the server immediately
B.The application returns the results of the UNION SELECT query on the screen
C.The application returns the full database error message
D.The application does not return data but behaves differently (true/false) based on the injection
Correct Answer: The application does not return data but behaves differently (true/false) based on the injection
Explanation:
Blind SQL Injection occurs when the application does not return error messages or data, so the attacker infers data based on the application's behavior (content change or time delay).
Incorrect! Try again.
37Which mobile vulnerability involves an app accidentally sharing access to its components (Activities, Services) with other malicious apps?
Vishing stands for Voice Phishing, where attackers use phone calls or VoIP to deceive victims into revealing personal information.
Incorrect! Try again.
39Which technique is used to bypass mobile device screen locks using residues left by fingers?
A.Dictionary Attack
B.Smudge Attack
C.Rainbow Table
D.Brute Force
Correct Answer: Smudge Attack
Explanation:
A Smudge Attack analyzes the oily residues (smudges) left on a touchscreen to infer the unlocking pattern.
Incorrect! Try again.
40Which of the following is a valid method to secure a session ID?
A.Using a short, predictable sequence
B.Regenerating the Session ID after a successful login
C.Storing it in a public folder
D.Storing it in the URL
Correct Answer: Regenerating the Session ID after a successful login
Explanation:
Session Regeneration prevents session fixation attacks by issuing a fresh session ID once the user authenticates.
Incorrect! Try again.
41Malware that encrypts a user's files and demands payment for the decryption key is known as:
A.Rootkit
B.Ransomware
C.Spyware
D.Adware
Correct Answer: Ransomware
Explanation:
Ransomware denies access to a device or data (usually via encryption) until a ransom is paid.
Incorrect! Try again.
42In the context of malware, what is a 'Wrapper' or 'Binder'?
A.A tool used to combine a malicious executable with a legitimate file
B.A secure coding standard
C.A type of antivirus
D.A firewall rule
Correct Answer: A tool used to combine a malicious executable with a legitimate file
Explanation:
A Wrapper or Binder combines a malicious payload with a benign file (like a game or image) so the user installs the malware while thinking they are opening the safe file.
Incorrect! Try again.
43What is the function of a C2 (Command and Control) server in a malware attack?
A.To store the company's backups
B.To prevent DDOS attacks
C.To issue instructions to compromised devices (botnet) and receive stolen data
D.To validate SSL certificates
Correct Answer: To issue instructions to compromised devices (botnet) and receive stolen data
Explanation:
A C2 server allows the attacker to control infected machines remotely, send commands, and exfiltrate data.
Incorrect! Try again.
44Which encoding is often used in XSS payloads to bypass basic keyword filters (e.g., converting < to %3C)?
A.Rot13
B.MD5
C.URL Encoding (Percent Encoding)
D.Base64
Correct Answer: URL Encoding (Percent Encoding)
Explanation:
URL Encoding replaces unsafe characters with a % followed by two hexadecimal digits, often used to bypass simple string matching filters.
Incorrect! Try again.
45What is 'Session Fixation'?
A.An attacker stealing a session cookie via XSS
B.An attacker setting a user's session ID to a known value before the user logs in
C.The server crashing due to too many sessions
D.Fixing a broken session link
Correct Answer: An attacker setting a user's session ID to a known value before the user logs in
Explanation:
In Session Fixation, the attacker tricks the victim into using a Session ID known to the attacker. Once the victim logs in, the attacker uses that same ID to hijack the session.
Incorrect! Try again.
46Which tool is specifically designed for decompiling Android applications into readable Java source code?
A.Metasploit
B.Nmap
C.Jadx / APKTool
D.Wireshark
Correct Answer: Jadx / APKTool
Explanation:
Jadx and APKTool are standard tools used for reverse engineering Android APK files.
Incorrect! Try again.
47If an attacker inputs admin' -- into a login field, they are attempting to bypass authentication via:
A.Cross-Site Scripting
B.Path Traversal
C.Buffer Overflow
D.SQL Injection
Correct Answer: SQL Injection
Explanation:
The input admin' -- attempts to close the string literal and comment out the password check in the SQL query.
Incorrect! Try again.
48Which of the following is an example of a Social Engineering attack utilizing authority?
A.An attacker pretending to be the CEO asking for an urgent wire transfer
B.Scanning ports on a server
C.A brute force attack on a password
D.Injecting SQL code
Correct Answer: An attacker pretending to be the CEO asking for an urgent wire transfer
Explanation:
This relies on Authority (impersonating an executive) and Urgency to trick the victim into bypassing procedures.
Incorrect! Try again.
49What defines a 'Hybrid' mobile application?
A.It is written purely in Assembly language
B.It is a web application wrapped in a native container
C.It runs only on Android
D.It runs only on iOS
Correct Answer: It is a web application wrapped in a native container
Explanation:
Hybrid apps are built using web technologies (HTML, CSS, JS) and run inside a native container, allowing them to work on multiple platforms.
Incorrect! Try again.
50Which mathematical concept is primarily compromised when an attacker successfully performs a 'Integer Overflow' attack on a web application?
A.Bandwidth
B.Data Integrity / Correctness of calculation
C.Confidentiality
D.Network Latency
Correct Answer: Data Integrity / Correctness of calculation
Explanation:
Integer overflows occur when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented, compromising the Integrity and logic of the application.