NSCT – Web Application Security MCQs 20 min Score: 0 Attempted: 0/20 Subscribe 1. . Web Application Security is focused on: (A) Installing browsers (B) Increasing internet speed (C) Deleting web files (D) Protecting websites and web apps from attacksShow All Answers 2. . Which of the following is a common web application threat? (A) SQL Injection (B) Cross-Site Scripting (XSS) (C) All of the above (D) Cross-Site Request Forgery (CSRF) 3. . SQL Injection occurs when: (A) The server crashes randomly (B) Malicious SQL commands are inserted into input fields (C) Network cables are unplugged (D) Firewall blocks requests 4. . Cross-Site Scripting (XSS) allows attackers to: (A) Delete server files automatically (B) Increase internet speed (C) Execute malicious scripts in users' browsers (D) Install software 5. . CSRF (Cross-Site Request Forgery) attack tricks a user into: (A) Deleting their browser history (B) Performing unwanted actions on a web app (C) Installing antivirus (D) Encrypting files 6. . Input validation helps to: (A) Delete files (B) Prevent malicious data from being processed (C) Increase CPU speed (D) Compress data 7. . HTTPS is important because it: (A) Reduces storage usage (B) Deletes cookies automatically (C) Speeds up the website (D) Encrypts data transmitted between client and server 8. . A web application firewall (WAF) is used to: (A) Scan hardware (B) Block printers (C) Increase internet speed (D) Protect web applications from attacks 9. . Session hijacking occurs when: (A) Internet speed increases (B) Files are deleted automatically (C) The server restarts (D) An attacker steals a user's session token 10. . Which of the following helps prevent XSS attacks? (A) Strong passwords (B) Input sanitization (C) Regular backups (D) Network monitoring 11. . Authentication in web apps ensures: (A) Data is compressed (B) Files are deleted (C) Internet speed is increased (D) Users are who they claim to be 12. . Authorization in web apps ensures: (A) Browser settings are changed (B) All users can access everything (C) Files are encrypted automatically (D) Users can access only permitted resources 13. . Which of the following is a secure password practice? (A) Using "123456" as password (B) Sharing passwords with colleagues (C) Using complex, unique passwords (D) Using the same password for all apps 14. . Security headers in HTTP help to: (A) Compress files (B) Increase internet speed (C) Prevent attacks like XSS and clickjacking (D) Delete cookies automatically 15. . Clickjacking is an attack where: (A) Internet speed is reduced (B) Users are tricked into clicking hidden elements (C) Files are deleted automatically (D) Hardware is damaged 16. . Sensitive data in web apps should be: (A) Shared openly (B) Stored in plain text (C) Sent via HTTP only (D) Encrypted during storage and transmission 17. . Error messages in web apps should be: (A) Detailed with database info (B) Generic to avoid revealing system details (C) Printed to all users (D) Ignored 18. . Regular software updates in web apps are important because they: (A) Increase CPU speed (B) Delete all data (C) Fix vulnerabilities and improve security (D) Reduce bandwidth usage 19. . Two-Factor Authentication (2FA) in web apps: (A) Adds an extra layer of security (B) Speeds up login process only (C) Encrypts all files automatically (D) Deletes old accounts 20. . The main goal of web application security is to: (A) Compress files (B) Increase website traffic only (C) Ensure confidentiality, integrity, and availability of web resources (D) Improve graphics
