#1
Which of the following is a common security vulnerability in web applications?
SQL Injection
Explanation: Injection of malicious SQL queries to manipulate or access database data.
#2
What does XSS stand for in the context of software security?
Cross-Site Scripting
Explanation: Insertion of malicious scripts into web pages viewed by other users.
#3
Which of the following is NOT a type of software vulnerability?
Binary Tree
Explanation: Binary Tree is a data structure, not a software vulnerability.
#4
What does CSRF stand for in the context of software security?
Cross-Site Request Forgery
Explanation: A type of attack where unauthorized commands are transmitted from a user's browser.
#5
What is the main goal of a 'Man-in-the-Middle' attack?
To intercept and alter communication between two parties
Explanation: An attack where a third party intercepts communication between two parties.
#6
Which of the following is NOT a best practice for secure password management?
Storing passwords in plain text
Explanation: Storing passwords in plain text is insecure and violates best practices.
#7
What is the purpose of input validation in software security?
To ensure that input data meets certain criteria or constraints
Explanation: Validating input to prevent exploitation of software vulnerabilities.
#8
Which encryption algorithm is commonly used for secure communication over the internet?
RSA
Explanation: A widely used asymmetric encryption algorithm for secure communication.
#9
What is a 'Buffer Overflow' vulnerability?
When a program attempts to write more data to a buffer than it can hold
Explanation: Occurs when a program writes more data to a buffer than it's allocated, leading to potential security breaches.
#10
Which of the following is a form of privilege escalation attack?
DLL Injection
Explanation: Injecting a dynamic link library to gain elevated privileges within a system.
#11
What is the main purpose of a 'Honey Pot' in cybersecurity?
To detect and deflect unauthorized access attempts
Explanation: A decoy system designed to lure potential attackers and monitor their activities.
#12
What is the purpose of a 'Firewall' in network security?
To prevent unauthorized access to or from a private network
Explanation: A security barrier that controls incoming and outgoing network traffic.
#13
What is a 'Zero-Day Exploit' in the context of software vulnerabilities?
An exploit that targets a vulnerability that is unknown and unpatched
Explanation: An attack exploiting vulnerabilities unknown to software developers or vendors.
#14
What is the primary goal of 'Denial of Service' (DoS) attacks?
To disrupt or disable services provided by a host
Explanation: Overloading a system or network to prevent legitimate users from accessing services.
#15
What is the principle behind 'Least Privilege' in software security?
Giving users only the permissions they need to perform their tasks
Explanation: Granting minimal access rights to users to limit potential damage from security breaches.
#16
Which of the following is a technique used in cryptography to verify the integrity and authenticity of data?
Hashing
Explanation: Creating a fixed-size digest of data to ensure integrity and authenticity.
#17
Which of the following is NOT a common security measure for protecting against malware?
Public Wi-Fi
Explanation: Public Wi-Fi is not a security measure but rather a potential vulnerability.
#18
What is the primary purpose of 'Security Patch Management'?
To keep software up-to-date with the latest security patches
Explanation: Regularly updating software to address known security vulnerabilities.
#19
Which of the following is a characteristic of a 'Brute Force Attack'?
It attempts to guess passwords or encryption keys
Explanation: Repeatedly trying various combinations to guess passwords or keys.