#1
Which of the following is a common security vulnerability in web applications?
SQL Injection
Binary Tree
Merge Sort
Breadth-First Search
#2
What does XSS stand for in the context of software security?
External Source Scripting
Cross-Site Scripting
Xtra Secure Software
Exceptional System Services
#3
Which of the following is NOT a type of software vulnerability?
Race Condition
Memory Leak
Deadlock
Binary Tree
#4
What does CSRF stand for in the context of software security?
Cross-Site Request Forgery
Cross-System Request Falsification
Controlled System Resource Failure
Coordinated Server Response Function
#5
What is the main goal of a 'Man-in-the-Middle' attack?
To gain unauthorized access to a system
To intercept and alter communication between two parties
To overload a server with requests
To exploit a vulnerability in a web application
#6
Which of the following is NOT a best practice for secure password management?
Using a unique password for each account
Storing passwords in plain text
Enabling multi-factor authentication
Regularly updating passwords
#7
What is the purpose of input validation in software security?
To ensure that input data meets certain criteria or constraints
To encrypt input data before processing
To store input data in a secure database
To prevent unauthorized access to input data
#8
Which encryption algorithm is commonly used for secure communication over the internet?
#9
What is a 'Buffer Overflow' vulnerability?
When a program attempts to write more data to a buffer than it can hold
When a program crashes due to insufficient memory
When a program executes code provided as input, exploiting a vulnerability
When a program fails to handle unexpected inputs correctly
#10
Which of the following is a form of privilege escalation attack?
SQL Injection
Cross-Site Scripting
Buffer Overflow
DLL Injection
#11
What is the main purpose of a 'Honey Pot' in cybersecurity?
To detect and deflect unauthorized access attempts
To store sensitive data securely
To perform penetration testing
To enhance network performance
#12
What is the purpose of a 'Firewall' in network security?
To prevent unauthorized access to or from a private network
To encrypt all data transmitted over a network
To detect and remove malware from a network
To optimize network performance
#13
What is a 'Zero-Day Exploit' in the context of software vulnerabilities?
An exploit that targets outdated software versions
An exploit that targets a vulnerability that is known and patched
An exploit that targets a vulnerability that is unknown and unpatched
An exploit that targets a specific user's device
#14
What is the primary goal of 'Denial of Service' (DoS) attacks?
To steal sensitive information
To gain unauthorized access to a system
To disrupt or disable services provided by a host
To install malware on a victim's device
#15
What is the principle behind 'Least Privilege' in software security?
Giving users the most permissions possible
Giving users only the permissions they need to perform their tasks
Randomly assigning permissions to users
Not granting any permissions to users
#16
Which of the following is a technique used in cryptography to verify the integrity and authenticity of data?
Hashing
Compression
Encryption
Steganography
#17
Which of the following is NOT a common security measure for protecting against malware?
Anti-virus software
Firewalls
Public Wi-Fi
User training and awareness
#18
What is the primary purpose of 'Security Patch Management'?
To identify vulnerabilities in software
To create new features for software
To keep software up-to-date with the latest security patches
To improve the performance of software
#19
Which of the following is a characteristic of a 'Brute Force Attack'?
It involves exploiting a vulnerability in software
It requires social engineering techniques
It attempts to guess passwords or encryption keys
It targets specific individuals or organizations