1. Which organization manages the standard awareness document for developers and web application security known as the 'Top 10'?
A. ISO
B. IEEE
C. NIST
D. OWASP
Correct Answer: OWASP
Explanation:
OWASP (Open Web Application Security Project) is a non-profit foundation that works to improve the security of software and produces the OWASP Top 10 list of critical web application security risks.
2. In the context of OWASP Top 10, which vulnerability allows an attacker to access unauthorized functionality or data, such as viewing another user's account details by simply changing a URL parameter?
A. Cryptographic Failures
B. Injection
C. Security Misconfiguration
D. Broken Access Control
Correct Answer: Broken Access Control
Explanation:
Broken Access Control occurs when restrictions on what authenticated users are allowed to do are not properly enforced, allowing attackers to access unauthorized data or functions.
3. Which attack involves an attacker stealing a valid session ID to gain unauthorized access to a web server?
A. Session Hijacking
B. SQL Injection
C. Buffer Overflow
D. Directory Traversal
Correct Answer: Session Hijacking
Explanation:
Session Hijacking is the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorized access to information or services in a computer system.
4. What is the primary mechanism of a Cross-Site Request Forgery (CSRF) attack?
A. Injecting malicious SQL scripts into a database
B. Tricking a user's browser into sending an unwanted request to a trusted site where the user is authenticated
C. Executing scripts in the victim's browser via a reflected input
D. Brute-forcing the admin password
Correct Answer: Tricking a user's browser into sending an unwanted request to a trusted site where the user is authenticated
Explanation:
CSRF forces an end user to execute unwanted actions on a web application in which they are currently authenticated by exploiting the trust that a site has in a user's browser.
5. Which input would most likely be used to test for a basic SQL Injection vulnerability?
A. ' OR '1'='1
B. <script>alert(1)</script>
C. ../../etc/passwd
D. ping 127.0.0.1
Correct Answer: ' OR '1'='1
Explanation:
The payload ' OR '1'='1 (or ) is a classic SQL injection test. It attempts to manipulate the query logic to always return true.
6. What is the primary defense mechanism against SQL Injection attacks?
Correct Answer: Using Parameterized Queries (Prepared Statements)
Explanation:
Parameterized Queries ensure that the database treats user input as data rather than executable code, effectively neutralizing SQL injection attempts.
7. Which type of XSS attack occurs when the malicious script is permanently stored on the target server (e.g., in a database or forum post)?
A. Blind XSS
B. Stored (Persistent) XSS
C. Reflected XSS
D. DOM-based XSS
Correct Answer: Stored (Persistent) XSS
Explanation:
Stored XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP responses in an unsafe way.
8. In a DOM-based XSS attack, where does the security vulnerability lie?
A. In the web server configuration
B. In the network transport layer
C. In the client-side code (JavaScript) processing data
D. In the server-side database code
Correct Answer: In the client-side code (JavaScript) processing data
Explanation:
DOM-based XSS occurs when the vulnerability is in the client-side code rather than the server-side code. The attack payload is executed as a result of modifying the DOM environment in the victim's browser.
9. Which flag should be set on a Set-Cookie HTTP response header to prevent client-side scripts (like XSS payloads) from accessing the cookie?
A. SameSite
B. Expires
C. Secure
D. HttpOnly
Correct Answer: HttpOnly
Explanation:
The HttpOnly flag directs the browser that the cookie should not be accessible via JavaScript (e.g., document.cookie), mitigating the risk of session theft via XSS.
10. BeEF is a popular penetration testing tool. What does the acronym stand for?
A. Backend Engineering Exploitation File
B. Binary Encryption and Encoding Facility
C. Basic Exploitation Environment Frontend
D. Browser Exploitation Framework
Correct Answer: Browser Exploitation Framework
Explanation:
BeEF stands for Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
11. Which SQL injection technique involves asking the database true/false questions and determining the answer based on the application's response time?
A. Out-of-band SQLi
B. Time-based Blind SQLi
C. Union-based SQLi
D. Error-based SQLi
Correct Answer: Time-based Blind SQLi
Explanation:
Time-based Blind SQLi relies on sending an injected query that causes the database to wait (sleep) for a specified period before responding if the condition is true.
12. What is the mathematical logic often used in tautology-based SQL injection?
A.
B. where A is false
C. (Imaginary)
D. (Always True)
Correct Answer: (Always True)
Explanation:
Attackers inject statements that evaluate to Always True (like or 'a'='a') to bypass authentication or retrieve all records.
13. Which mobile deployment model allows employees to use their personal devices for work but requires them to install a Mobile Device Management (MDM) agent?
A. Direct Access
B. BYOD (Bring Your Own Device)
C. CYOD (Choose Your Own Device)
D. COPE (Corporate Owned, Personally Enabled)
Correct Answer: BYOD (Bring Your Own Device)
Explanation:
BYOD allows employees to use personal devices for work purposes, usually managed partially by corporate MDM software to secure corporate data.
14. Which OWASP Mobile Top 10 vulnerability refers to the storage of sensitive data (like passwords or API keys) in plain text within the device's file system?
A. Improper Platform Usage
B. Insecure Communication
C. Insecure Data Storage
D. Extraneous Functionality
Correct Answer: Insecure Data Storage
Explanation:
Insecure Data Storage is a critical vulnerability where developers fail to encrypt sensitive data stored locally on the mobile device.
15. What is 'Jailbreaking' in the context of mobile security?
A. Creating a sandbox environment for apps
B. Escaping a physical prison using a mobile phone
C. Encrypting the file system of an Android device
D. Removing software restrictions imposed by the manufacturer on iOS devices
Correct Answer: Removing software restrictions imposed by the manufacturer on iOS devices
Explanation:
Jailbreaking (on iOS) or Rooting (on Android) involves privilege escalation to remove manufacturer restrictions, allowing the installation of unauthorized software.
16. Which Bluetooth attack involves sending unsolicited messages (often vCards or images) to a Bluetooth-enabled device?
A. Blueborne
B. Bluebugging
C. Bluejacking
D. Bluesnarfing
Correct Answer: Bluejacking
Explanation:
Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices. It is generally considered annoying rather than damaging.
17. Which Bluetooth attack allows an attacker to steal data (contacts, calendars, emails) from a device?
A. Bluesnarfing
B. Bluejacking
C. Pairing Spoofing
D. Frequency Hopping
Correct Answer: Bluesnarfing
Explanation:
Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, allowing theft of data.
18. Which tool is commonly used to automate the detection and exploitation of SQL injection flaws?
A. Aircrack-ng
B. John the Ripper
C. sqlmap
D. Hydra
Correct Answer: sqlmap
Explanation:
sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers.
19. What does a 'Union-based' SQL injection allow an attacker to do?
A. Combine the results of the original query with the results of a malicious injected query
B. Shut down the database server
C. Encrypt the database contents
D. Delete the database schema
Correct Answer: Combine the results of the original query with the results of a malicious injected query
Explanation:
The UNION operator is used in SQL to combine the result-set of two or more SELECT statements, allowing attackers to retrieve data from other tables.
20. Which social engineering attack targets mobile users via SMS messages containing malicious links?
A. Whaling
B. Vishing
C. Phishing
D. Smishing
Correct Answer: Smishing
Explanation:
Smishing (SMS Phishing) is a form of phishing that uses text messages to trick users into clicking malicious links or divulging private information.
21. In the context of browser exploitation, what is a 'hook'?
A. A hardware keylogger
B. A phishing email subject line
C. A script that binds the victim's browser to the attacker's framework (e.g., BeEF)
D. A method to close the browser remotely
Correct Answer: A script that binds the victim's browser to the attacker's framework (e.g., BeEF)
Explanation:
In tools like BeEF, a hook is a JavaScript file that, once executed by the victim's browser, establishes a command and control channel back to the attacker.
22. Which mitigation technique involves generating a unique random token for every user session and validating it with every state-changing request to prevent CSRF?
An Anti-CSRF Token is a unique, random, and unpredictable value submitted by the client application to the server, ensuring the request originated from the legitimate application.
23. What is 'Bluebugging'?
A. Jamming a Bluetooth signal
B. Scanning for Bluetooth devices
C. Sending a virus via Bluetooth
D. Taking full control of a Bluetooth device to make calls or listen to conversations
Correct Answer: Taking full control of a Bluetooth device to make calls or listen to conversations
Explanation:
Bluebugging allows an attacker to take over a mobile phone, allowing them to make calls, send messages, and eavesdrop on conversations.
24. Which vulnerability allows an attacker to inject malicious code into a website that is then executed by other users?
A. XXE
B. XSS
C. RCE
D. SSRF
Correct Answer: XSS
Explanation:
XSS (Cross-Site Scripting) enables attackers to inject client-side scripts into web pages viewed by other users.
COPE stands for Corporate Owned, Personally Enabled. The company owns the device but allows the employee to use it for personal tasks.
26. Which type of malware disguises itself as legitimate software to trick the user into installing it?
A. Trojan Horse
B. Keylogger
C. Logic Bomb
D. Worm
Correct Answer: Trojan Horse
Explanation:
A Trojan Horse is malware that misleads users of its true intent by appearing to be a legitimate program.
27. What is the primary risk associated with 'Side-Loading' apps on Android?
A. It bypasses the official app store security checks, increasing malware risk
B. It automatically deletes system files
C. It requires root access
D. It slows down the internet connection
Correct Answer: It bypasses the official app store security checks, increasing malware risk
Explanation:
Side-loading involves installing applications from sources other than the official Google Play Store, bypassing security vetting and increasing the risk of installing malware.
28. Which attack involves an attacker creating a fake mobile transmission tower to intercept mobile traffic?
A. NFC Replay
B. Rogue Access Point
C. IMSI Catcher (Stingray)
D. Evil Twin
Correct Answer: IMSI Catcher (Stingray)
Explanation:
An IMSI Catcher mimics a cell tower to trick mobile devices into connecting to it, allowing interception of calls and SMS.
29. Identify the vulnerability: An application allows uploading a file named shell.php without validating the file type.
A. Path Traversal
B. XSS
C. SQL Injection
D. Unrestricted File Upload
Correct Answer: Unrestricted File Upload
Explanation:
Unrestricted File Upload allows an attacker to upload malicious scripts (like a web shell) that can be executed on the server.
30. Which component is essential for a 'Reflected XSS' attack to succeed?
A. Social engineering to trick a user into clicking a crafted link
B. Access to the database
C. A stored comment on a blog
D. Root access to the server
Correct Answer: Social engineering to trick a user into clicking a crafted link
Explanation:
Reflected XSS requires the payload to be part of the request (e.g., URL parameters). The attacker must trick the victim into clicking this malicious link.
31. What does the 'SameSite' cookie attribute help prevent?
A. Buffer Overflows
B. CSRF (Cross-Site Request Forgery)
C. SQL Injection
D. Password Cracking
Correct Answer: CSRF (Cross-Site Request Forgery)
Explanation:
The SameSite attribute prevents the browser from sending the cookie along with cross-site requests, effectively mitigating CSRF attacks.
32. Which of the following is a symptom of a mobile device being infected with spyware?
A. Screen becomes brighter
B. Faster performance
C. Unexpected high data usage and rapid battery drain
D. Improved battery life
Correct Answer: Unexpected high data usage and rapid battery drain
Explanation:
Spyware runs in the background, collecting and transmitting data, which consumes data bandwidth and battery power.
33. Reverse engineering an Android app (APK) is often used in penetration testing to:
A. Upgrade the Android OS
B. Identify hardcoded API keys and logic vulnerabilities
C. Increase the app's speed
D. Compress the file size
Correct Answer: Identify hardcoded API keys and logic vulnerabilities
Explanation:
Penetration testers decompile APKs to view the source code and look for hardcoded secrets (keys) or insecure coding logic.
34. Which attack involves overlaying a legitimate application with a fake window to trick users into entering sensitive data on a mobile device?
A. SIM Swapping
B. Bluejacking
C. Tapjacking / Overlay Attack
D. Rooting
Correct Answer: Tapjacking / Overlay Attack
Explanation:
Tapjacking (or screen overlay attack) involves tricking the user into tapping a hidden element by covering it with a fake UI overlay.
35. In SQL Injection, what is the purpose of the -- or # characters?
A. To execute the query immediately
B. To start a new table
C. To encrypt the payload
D. To comment out the rest of the original SQL query
Correct Answer: To comment out the rest of the original SQL query
Explanation:
In SQL, -- (and # in MySQL) signifies the start of a comment. Attackers use this to ignore the remainder of the original query after injecting their payload.
36. Which of the following represents a 'Blind' SQL Injection scenario?
A. The application crashes the server immediately
B. The application does not return data but behaves differently (true/false) based on the injection
C. The application returns the full database error message
D. The application returns the results of the UNION SELECT query on the screen
Correct Answer: The application does not return data but behaves differently (true/false) based on the injection
Explanation:
Blind SQL Injection occurs when the application does not return error messages or data, so the attacker infers data based on the application's behavior (content change or time delay).
37. Which mobile vulnerability involves an app accidentally sharing access to its components (Activities, Services) with other malicious apps?
Vishing stands for Voice Phishing, where attackers use phone calls or VoIP to deceive victims into revealing personal information.
39. Which technique is used to bypass mobile device screen locks using residues left by fingers?
A. Smudge Attack
B. Rainbow Table
C. Dictionary Attack
D. Brute Force
Correct Answer: Smudge Attack
Explanation:
A Smudge Attack analyzes the oily residues (smudges) left on a touchscreen to infer the unlocking pattern.
40. Which of the following is a valid method to secure a session ID?
A. Storing it in a public folder
B. Storing it in the URL
C. Regenerating the Session ID after a successful login
D. Using a short, predictable sequence
Correct Answer: Regenerating the Session ID after a successful login
Explanation:
Session Regeneration prevents session fixation attacks by issuing a fresh session ID once the user authenticates.
41. Malware that encrypts a user's files and demands payment for the decryption key is known as:
A. Ransomware
B. Rootkit
C. Adware
D. Spyware
Correct Answer: Ransomware
Explanation:
Ransomware denies access to a device or data (usually via encryption) until a ransom is paid.
42. In the context of malware, what is a 'Wrapper' or 'Binder'?
A. A type of antivirus
B. A tool used to combine a malicious executable with a legitimate file
C. A firewall rule
D. A secure coding standard
Correct Answer: A tool used to combine a malicious executable with a legitimate file
Explanation:
A Wrapper or Binder combines a malicious payload with a benign file (like a game or image) so the user installs the malware while thinking they are opening the safe file.
43. What is the function of a C2 (Command and Control) server in a malware attack?
A. To issue instructions to compromised devices (botnet) and receive stolen data
B. To validate SSL certificates
C. To prevent DDOS attacks
D. To store the company's backups
Correct Answer: To issue instructions to compromised devices (botnet) and receive stolen data
Explanation:
A C2 server allows the attacker to control infected machines remotely, send commands, and exfiltrate data.
44. Which encoding is often used in XSS payloads to bypass basic keyword filters (e.g., converting < to %3C)?
A. URL Encoding (Percent Encoding)
B. Rot13
C. MD5
D. Base64
Correct Answer: URL Encoding (Percent Encoding)
Explanation:
URL Encoding replaces unsafe characters with a % followed by two hexadecimal digits, often used to bypass simple string matching filters.
45. What is 'Session Fixation'?
A. The server crashing due to too many sessions
B. An attacker stealing a session cookie via XSS
C. Fixing a broken session link
D. An attacker setting a user's session ID to a known value before the user logs in
Correct Answer: An attacker setting a user's session ID to a known value before the user logs in
Explanation:
In Session Fixation, the attacker tricks the victim into using a Session ID known to the attacker. Once the victim logs in, the attacker uses that same ID to hijack the session.
46. Which tool is specifically designed for decompiling Android applications into readable Java source code?
A. Nmap
B. Wireshark
C. Jadx / APKTool
D. Metasploit
Correct Answer: Jadx / APKTool
Explanation:
Jadx and APKTool are standard tools used for reverse engineering Android APK files.
47. If an attacker inputs admin' -- into a login field, they are attempting to bypass authentication via:
A. Path Traversal
B. SQL Injection
C. Cross-Site Scripting
D. Buffer Overflow
Correct Answer: SQL Injection
Explanation:
The input admin' -- attempts to close the string literal and comment out the password check in the SQL query.
48. Which of the following is an example of a Social Engineering attack utilizing authority?
A. A brute force attack on a password
B. Scanning ports on a server
C. Injecting SQL code
D. An attacker pretending to be the CEO asking for an urgent wire transfer
Correct Answer: An attacker pretending to be the CEO asking for an urgent wire transfer
Explanation:
This relies on Authority (impersonating an executive) and Urgency to trick the victim into bypassing procedures.
49. What defines a 'Hybrid' mobile application?
A. It runs only on iOS
B. It is a web application wrapped in a native container
C. It is written purely in Assembly language
D. It runs only on Android
Correct Answer: It is a web application wrapped in a native container
Explanation:
Hybrid apps are built using web technologies (HTML, CSS, JS) and run inside a native container, allowing them to work on multiple platforms.
50. Which mathematical concept is primarily compromised when an attacker successfully performs an 'Integer Overflow' attack on a web application?
A. Confidentiality
B. Network Latency
C. Data Integrity / Correctness of calculation
D. Bandwidth
Correct Answer: Data Integrity / Correctness of calculation
Explanation:
Integer overflows occur when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented, compromising the Integrity and logic of the application.