1. Web Application Security is focused on:
(A) Installing browsers
(B) Increasing internet speed
(C) Deleting web files
(D) Protecting websites and web apps from attacks
2. Which of the following is a common web application threat?
(A) SQL Injection
(B) Cross-Site Scripting (XSS)
(C) All of the above
(D) Cross-Site Request Forgery (CSRF)
3. SQL Injection occurs when:
(A) The server crashes randomly
(B) Malicious SQL commands are inserted into input fields
(C) Network cables are unplugged
(D) Firewall blocks requests
4. Cross-Site Scripting (XSS) allows attackers to:
(A) Delete server files automatically
(B) Increase internet speed
(C) Execute malicious scripts in users' browsers
(D) Install software
5. CSRF (Cross-Site Request Forgery) attack tricks a user into:
(A) Deleting their browser history
(B) Performing unwanted actions on a web app
(C) Installing antivirus
(D) Encrypting files
6. Input validation helps to:
(A) Delete files
(B) Prevent malicious data from being processed
(C) Increase CPU speed
(D) Compress data
7. HTTPS is important because it:
(A) Reduces storage usage
(B) Deletes cookies automatically
(C) Speeds up the website
(D) Encrypts data transmitted between client and server
8. A web application firewall (WAF) is used to:
(A) Scan hardware
(B) Block printers
(C) Increase internet speed
(D) Protect web applications from attacks
9. Session hijacking occurs when:
(A) Internet speed increases
(B) Files are deleted automatically
(C) The server restarts
(D) An attacker steals a user's session token
10. Which of the following helps prevent XSS attacks?
(A) Strong passwords
(B) Input sanitization
(C) Regular backups
(D) Network monitoring
11. Authentication in web apps ensures:
(A) Data is compressed
(B) Files are deleted
(C) Internet speed is increased
(D) Users are who they claim to be
12. Authorization in web apps ensures:
(A) Browser settings are changed
(B) All users can access everything
(C) Files are encrypted automatically
(D) Users can access only permitted resources
13. Which of the following is a secure password practice?
(A) Using "123456" as password
(B) Sharing passwords with colleagues
(C) Using complex, unique passwords
(D) Using the same password for all apps
14. Security headers in HTTP help to:
(A) Compress files
(B) Increase internet speed
(C) Prevent attacks like XSS and clickjacking
(D) Delete cookies automatically
15. Clickjacking is an attack where:
(A) Internet speed is reduced
(B) Users are tricked into clicking hidden elements
(C) Files are deleted automatically
(D) Hardware is damaged
16. Sensitive data in web apps should be:
(A) Shared openly
(B) Stored in plain text
(C) Sent via HTTP only
(D) Encrypted during storage and transmission
17. Error messages in web apps should be:
(A) Detailed with database info
(B) Generic to avoid revealing system details
(C) Printed to all users
(D) Ignored
18. Regular software updates in web apps are important because they:
(A) Increase CPU speed
(B) Delete all data
(C) Fix vulnerabilities and improve security
(D) Reduce bandwidth usage
19. Two-Factor Authentication (2FA) in web apps:
(A) Adds an extra layer of security
(B) Speeds up login process only
(C) Encrypts all files automatically
(D) Deletes old accounts
20. The main goal of web application security is to:
(A) Compress files
(B) Increase website traffic only
(C) Ensure confidentiality, integrity, and availability of web resources
(D) Improve graphics