Application security and red teaming L2
1. What is the primary goal of red teaming in application security?
A) To identify and exploit vulnerabilities
B) To patch vulnerabilities in the application
C) To perform security audits
D) To develop new security protocols
Answer: A) To identify and exploit vulnerabilities
2. Which of the following is NOT a common application security vulnerability?
A) Cross-Site Scripting (XSS)
B) SQL Injection
C) Secure Sockets Layer (SSL)
D) Cross-Site Request Forgery (CSRF)
Answer: C) Secure Sockets Layer (SSL)
3. What does XSS stand for in the context of web security?
A) Extended Security Suite
B) Cross-Site Scripting
C) External Security System
D) Cross-Site Security
Answer: B) Cross-Site Scripting
4. Which type of security attack aims to manipulate a user into performing actions they did not intend to?
A) SQL Injection
B) Cross-Site Scripting
C) Social Engineering
D) Buffer Overflow
Answer: C) Social Engineering
5. In SQL Injection attacks, what is typically the target of malicious SQL code?
A) User authentication data
B) Session cookies
C) Application logs
D) Database queries
Answer: D) Database queries
6. Which HTTP method is typically used for safe and idempotent operations?
A) GET
B) POST
C) DELETE
D) PUT
Answer: A) GET
7. What is the purpose of input validation in application security?
A) To ensure inputs meet certain criteria
B) To encrypt sensitive data
C) To authenticate users
D) To authorize access to resources
Answer: A) To ensure inputs meet certain criteria
8. Which of the following best describes the concept of "least privilege"?
A) Giving users access only to the resources they need to perform their jobs
B) Providing users with maximum privileges by default
C) Allowing users to access any resource without restrictions
D) Granting privileges based on seniority rather than necessity
Answer: A) Giving users access only to the resources they need to perform their jobs
9. Which technique is appropriate for storing passwords securely?
A) Unsalted MD5 hashing
B) Base64 encoding
C) A salted, deliberately slow password hash (bcrypt, scrypt, or Argon2)
D) ROT13 encryption
Answer: C) A salted, deliberately slow password hash (bcrypt, scrypt, or Argon2). A plain fast hash such as SHA-256 is not suitable on its own: it is unsalted, so identical passwords produce identical digests, and it is fast enough for an attacker to test billions of guesses per second.
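The point behind question 9, shown in code. This is an added example, not part of the original quiz: it contrasts a bare SHA-256 digest with a salted scrypt hash from the Python standard library. The scrypt cost parameters, the two sample users and their shared password are constructed for the example.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample: two users who happen to choose the same password.
USERS = {"alice": "correct horse battery staple", "bob": "correct horse battery staple"}


def sha256_only(password: str) -> str:
    """The weak scheme: a fast, unsalted hash. Identical passwords give identical
    digests, and a GPU can test billions of candidates per second against it."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Salted, memory-hard scrypt from the stdlib. n/r/p are assumptions chosen for
    the example (16 MiB of memory per hash); tune them to your latency budget."""
    salt = salt or os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)
    # Store the parameters and salt next to the digest so verification can repeat them.
    return "scrypt$16384$8$1$" + salt.hex() + "$" + digest.hex()


def verify_password(password: str, stored: str) -> bool:
    try:
        algo, n, r, p, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "scrypt":
        return False
    candidate = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex),
                               n=int(n), r=int(r), p=int(p), dklen=32)
    # Constant-time comparison so timing does not leak how many bytes matched.
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def demo() -> dict:
    weak = {u: sha256_only(pw) for u, pw in USERS.items()}
    strong = {u: hash_password(pw) for u, pw in USERS.items()}
    return {
        "sha256_collides": weak["alice"] == weak["bob"],      # same password, same digest
        "scrypt_collides": strong["alice"] == strong["bob"],  # per-user salt: different
        "alice_verifies": verify_password(USERS["alice"], strong["alice"]),
        "wrong_rejected": verify_password("password123", strong["alice"]),
    }


if __name__ == "__main__":
    print(demo())
```

The stored string carries the algorithm name and cost parameters, so the parameters can be raised later and old hashes re-verified and upgraded at the user's next login.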
10. What is the purpose of a CAPTCHA in web applications?
A) To encrypt sensitive data
B) To authenticate users
C) To prevent automated bots from submitting forms
D) To ensure secure communication over the network
Answer: C) To prevent automated bots from submitting forms
11. Which HTTP header is used to prevent clickjacking attacks?
A) X-Frame-Options
B) Content-Security-Policy
C) Access-Control-Allow-Origin
D) X-XSS-Protection
Answer: A) X-Frame-Options
12. What is the primary goal of a penetration test?
A) To identify and exploit vulnerabilities
B) To patch vulnerabilities in the application
C) To perform security audits
D) To develop new security protocols
Answer: A) To identify and exploit vulnerabilities
13. Which of the following is a common defense against session hijacking and session fixation?
A) Passing the session ID in the URL query string
B) Regenerating the session ID after authentication and on privilege changes
C) Disabling cookies
D) Storing session data in client-side cookies
Answer: B) Regenerating the session ID after authentication and on privilege changes
14. What does CSRF stand for in the context of web security?
A) Cross-Site Request Forgery
B) Cross-Site Resource Fixation
C) Cross-Site Redirect Forgery
D) Cross-Site Reflected Forgery
Answer: A) Cross-Site Request Forgery
15. Which of the following is NOT a common defense against SQL injection attacks?
A) Using parameterized queries
B) Escaping user input
C) Limiting database permissions
D) Storing passwords in plaintext
Answer: D) Storing passwords in plaintext
16. Which HTTP header is used to mitigate XSS attacks in current browsers?
A) X-Content-Type-Options
B) X-XSS-Protection
C) Content-Security-Policy
D) Strict-Transport-Security
Answer: C) Content-Security-Policy. The legacy X-XSS-Protection header is deprecated and ignored by current browsers; it is not a defense to rely on.
17. Which of the following is NOT a characteristic of a secure password?
A) Long and complex
B) Based on a dictionary word or personal information
C) Contains a mix of uppercase and lowercase letters, numbers, and special characters
D) Not reused across multiple accounts
Answer: B) Based on a dictionary word or personal information
18. Which cryptographic algorithm is commonly used for encrypting data in transit?
A) AES
B) MD5
C) RSA
D) SHA-1
Answer: A) AES
19. What is the purpose of a security token in web applications?
A) To prevent SQL injection attacks
B) To authenticate users
C) To authorize access to resources
D) To encrypt sensitive data
Answer: B) To authenticate users
20. Which HTTP status code indicates that a resource has been permanently moved to a new location?
A) 200 OK
B) 301 Moved Permanently
C) 404 Not Found
D) 500 Internal Server Error
Answer: B) 301 Moved Permanently
21. Which of the following is a common method for securing APIs?
A) OAuth
B) Captchas
C) Cross-Site Scripting (XSS)
D) SQL Injection
Answer: A) OAuth
22. Which of the following is NOT a security vulnerability commonly found in web applications?
A) Buffer Overflow
B) XSS
C) CSRF
D) FTP Injection
Answer: D) FTP Injection
23. Which of the following best describes a "man-in-the-middle" attack?
A) An attacker intercepts communication between two parties
B) An attacker gains access to a server by exploiting a vulnerability
C) An attacker floods a network with traffic to disrupt service
D) An attacker injects malicious code into a web application
Answer: A) An attacker intercepts communication between two parties
24. What is the purpose of secure coding practices?
A) To identify and exploit vulnerabilities
B) To develop software that is resistant to attacks
C) To perform security audits
D) To patch vulnerabilities in the application
Answer: B) To develop software that is resistant to attacks
25. Which of the following is NOT a common security measure for protecting against cross-site scripting (XSS) attacks?
A) Input validation
B) Output encoding
C) Session management
D) Content Security Policy (CSP)
Answer: C) Session management
26. Which of the following is a common method for protecting against SQL injection attacks?
A) Using prepared statements
B) Disabling HTTPS
C) Storing passwords in plaintext
D) Allowing unrestricted database access
Answer: A) Using prepared statements
27. Which HTTP header is used to enforce HTTPS connections?
A) X-Content-Type-Options
B) X-XSS-Protection
C) Strict-Transport-Security
D) Content-Security-Policy
Answer: C) Strict-Transport-Security
28. Which of the following is NOT a common security threat to native mobile applications?
A) Jailbreaking/rooting
B) Cross-Site Request Forgery (CSRF)
C) Man-in-the-middle attacks
D) Insecure data storage
Answer: B) Cross-Site Request Forgery (CSRF). CSRF relies on the browser automatically attaching ambient cookies to cross-site requests; a native app that sends its own tokens in request headers is not exposed in the same way.
29. What is the purpose of the Same-Origin Policy in web browsers?
A) To prevent cross-site scripting attacks
B) To restrict scripts running on one origin from accessing resources from another origin
C) To encrypt sensitive data
D) To authenticate users
Answer: B) To restrict scripts running on one origin from accessing resources from another origin
30. Which of the following is a common method for securing user authentication?
A) Storing passwords in plaintext
B) Using a single factor authentication
C) Implementing multi-factor authentication
D) Allowing unlimited login attempts
Answer: C) Implementing multi-factor authentication
31. What does OWASP stand for in the context of web security?
A) Open Web Application Software Protection
B) Online Web Application Security Protocol
C) Open Web Application Security Project
D) Online Web Application Security Program
Answer: C) Open Web Application Security Project (the organization renamed itself the Open Worldwide Application Security Project in 2023)
32. Which of the following best describes a DDoS attack?
A) An attacker gains access to a server by exploiting a vulnerability
B) An attacker intercepts communication between two parties
C) An attacker floods a network with traffic to disrupt service
D) An attacker injects malicious code into a web application
Answer: C) An attacker floods a network with traffic to disrupt service
33. Which of the following is a common method for securing sensitive data in transit?
A) Using plaintext communication
B) Encrypting data with SSL/TLS
C) Storing data in unencrypted files
D) Disabling encryption protocols
Answer: B) Encrypting data with SSL/TLS
34. Which of the following best describes the concept of "defense in depth"?
A) Using a single security measure to protect against all threats
B) Layering multiple security measures to protect against different types of threats
C) Granting maximum privileges to all users
D) Disabling all security measures to improve performance
Answer: B) Layering multiple security measures to protect against different types of threats
35. What is the primary goal of threat modeling in application security?
A) To identify and exploit vulnerabilities
B) To patch vulnerabilities in the application
C) To perform security audits
D) To identify potential threats and vulnerabilities early in the development process
Answer: D) To identify potential threats and vulnerabilities early in the development process
36. Which of the following is NOT a common security measure for protecting against cross-site request forgery (CSRF) attacks?
A) CSRF tokens
B) Input validation
C) The SameSite cookie attribute
D) Checking the Origin or Referer header
Answer: B) Input validation. The Same-Origin Policy on its own does not stop CSRF: it prevents the attacking page from reading the response, not from sending the request.
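The two server-side CSRF checks from question 36, tokens and an Origin check, worked through in code. This is an added example, not code from the quiz: the request is modelled as a plain dict of cookies, headers and form fields, the site origin https://bank.example is hypothetical, and the server key is generated at import time purely so the example runs stand-alone.

```python
import hashlib
import hmac
import secrets

# Assumption for the example: in a real deployment this key comes from configuration
# or a secrets manager, never from a constant in source.
SERVER_KEY = secrets.token_bytes(32)
SITE_ORIGIN = "https://bank.example"  # hypothetical


def issue_csrf_token(session_id: str) -> str:
    """Random nonce plus an HMAC binding it to the session. The token goes into a
    hidden form field; the session id stays in an HttpOnly cookie that a cross-site
    page cannot read, so the attacker cannot learn a token for the victim's session."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(SERVER_KEY, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def verify_csrf_token(session_id: str, token: str) -> bool:
    try:
        nonce, mac = token.split(".", 1)
    except ValueError:
        return False
    expected = hmac.new(SERVER_KEY, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    # Constant-time compare so a forger cannot recover the MAC byte by byte via timing.
    return hmac.compare_digest(expected, mac)


def handle_transfer(request: dict) -> str:
    """State-changing handler. `request` is a constructed dict standing in for an
    HTTP POST: {'cookies': {...}, 'headers': {...}, 'form': {...}}."""
    session_id = request["cookies"].get("session")
    if not session_id:
        return "401 no session"
    # Defense 1: Origin header. Browsers set it on cross-site POSTs and pages cannot forge it.
    origin = request["headers"].get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return "403 bad origin"
    # Defense 2: the token in the form must be bound to this session.
    if not verify_csrf_token(session_id, request["form"].get("csrf_token", "")):
        return "403 bad csrf token"
    return f"200 transferred {request['form']['amount']}"


def demo() -> dict:
    sid = "sess-" + secrets.token_hex(8)
    good = {"cookies": {"session": sid},
            "headers": {"Origin": SITE_ORIGIN},
            "form": {"amount": "10", "csrf_token": issue_csrf_token(sid)}}
    # Forged cross-site POST: the browser attaches the victim's cookie automatically,
    # but the attacker's page cannot read the token and the browser reports its Origin.
    forged = {"cookies": {"session": sid},
              "headers": {"Origin": "https://evil.example"},
              "form": {"amount": "10000", "csrf_token": "guess"}}
    # Same attack with no Origin header at all (some clients strip it): the token check
    # still fails because the token was issued for a different session.
    forged_no_origin = {"cookies": {"session": sid}, "headers": {},
                        "form": {"amount": "10000",
                                 "csrf_token": issue_csrf_token("attacker-session")}}
    return {"good": handle_transfer(good),
            "forged": handle_transfer(forged),
            "forged_no_origin": handle_transfer(forged_no_origin)}


if __name__ == "__main__":
    print(demo())
```

The SameSite cookie attribute (option C) is the browser-side complement: with SameSite=Lax or Strict the victim's cookie is not sent on the cross-site POST in the first place, so the handler never sees a session.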
37. What is the purpose of a WAF (Web Application Firewall)?
A) To prevent SQL injection attacks
B) To monitor and filter HTTP traffic to and from a web application
C) To authenticate users
D) To encrypt sensitive data
Answer: B) To monitor and filter HTTP traffic to and from a web application
38. Which of the following is a common security measure for protecting against clickjacking attacks?
A) HTTP Strict Transport Security (HSTS)
B) Content Security Policy (CSP)
C) X-Frame-Options header
D) Cross-Origin Resource Sharing (CORS)
Answer: C) X-Frame-Options header
39. Which of the following is NOT a common security threat to IoT devices?
A) Brute force attacks
B) DDoS attacks
C) SQL Injection
D) Insecure firmware
Answer: C) SQL Injection
40. What is the purpose of fuzz testing in application security?
A) To identify and exploit vulnerabilities
B) To patch vulnerabilities in the application
C) To perform security audits
D) To test software with invalid, unexpected, or random data
Answer: D) To test software with invalid, unexpected, or random data
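Question 40's definition of fuzz testing, made concrete. This is an added example, not from the quiz: a deliberately buggy length-prefixed record parser (format assumed for the example: one length byte, the payload, one checksum byte) is run under a small mutation fuzzer that flips bits, inserts bytes and truncates the input, and reports any exception the parser was not specified to raise.

```python
import random
from typing import Optional


def parse_record(data: bytes) -> bytes:
    """Target under test. Intentional bug: trusts the length byte and never checks
    that enough bytes follow, so truncated input raises IndexError."""
    n = data[0]
    payload = data[1:1 + n]
    checksum = data[1 + n]               # IndexError when the record is short
    if sum(payload) % 256 != checksum:
        raise ValueError("bad checksum")  # the only error the format allows
    return payload


def valid_record(payload: bytes) -> bytes:
    return bytes([len(payload)]) + payload + bytes([sum(payload) % 256])


def run_one(data: bytes) -> Optional[str]:
    """Execute the target once; return the name of any *unexpected* exception."""
    try:
        parse_record(data)
    except ValueError:
        return None                      # expected rejection of malformed input
    except Exception as exc:             # anything else is a finding
        return type(exc).__name__
    return None


def mutate(rng: random.Random, data: bytes) -> bytes:
    """Three classic mutators: bit flip, byte insertion, truncation."""
    buf = bytearray(data)
    choice = rng.randrange(3)
    if choice == 0 and buf:
        i = rng.randrange(len(buf))
        buf[i] ^= 1 << rng.randrange(8)
    elif choice == 1:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    else:
        del buf[rng.randrange(len(buf) + 1):]
    return bytes(buf)


def fuzz(seed_input: bytes, iterations: int, seed: int = 1) -> dict:
    """Return {exception_name: first input that triggered it}. The fixed RNG seed
    makes a run reproducible, which matters when you triage a crash later."""
    rng = random.Random(seed)
    findings = {}
    for _ in range(iterations):
        candidate = mutate(rng, seed_input)
        exc = run_one(candidate)
        if exc and exc not in findings:
            findings[exc] = candidate
    return findings


if __name__ == "__main__":
    for name, trigger in fuzz(valid_record(b"hello"), 300).items():
        print(name, trigger)
```

The harness distinguishes the error the format specifies (a checksum failure) from errors it does not (an unhandled IndexError), which is the distinction a fuzzer needs: only the second kind is a bug. The fix is a bounds check on `len(data)` before indexing, after which the same harness should report nothing.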
41. Which of the following is a common method for securing mobile applications?
A) Jailbreaking/rooting
B) Implementing code obfuscation
C) Storing sensitive data in plaintext
D) Disabling encryption
Answer: B) Implementing code obfuscation
42. Which of the following is NOT a common security measure for securing cloud applications?
A) Data encryption
B) Multi-factor authentication
C) IP whitelisting
D) Storing sensitive data in plaintext
Answer: D) Storing sensitive data in plaintext
43. What is the purpose of input sanitization in application security?
A) To authenticate users
B) To authorize access to resources
C) To ensure inputs are free from malicious content
D) To encrypt sensitive data
Answer: C) To ensure inputs are free from malicious content
44. Which of the following best describes a buffer overflow attack?
A) An attacker intercepts communication between two parties
B) An attacker gains access to a server by exploiting a vulnerability
C) An attacker floods a network with traffic to disrupt service
D) An attacker supplies more data than a buffer can hold, overwriting adjacent memory and causing unpredictable behavior
Answer: D) An attacker supplies more data than a buffer can hold, overwriting adjacent memory and causing unpredictable behavior
45. What is the purpose of threat intelligence in application security?
A) To identify and exploit vulnerabilities
B) To patch vulnerabilities in the application
C) To perform security audits
D) To gather information about potential threats and attackers
Answer: D) To gather information about potential threats and attackers
46. Which of the following is a common method for securing server-side authentication tokens?
A) Storing tokens in plaintext
B) Using long, randomly generated tokens
C) Sharing tokens over unencrypted channels
D) Hardcoding tokens in client-side code
Answer: B) Using long, randomly generated tokens
47. Which of the following is NOT a common security measure for securing APIs?
A) Rate limiting
B) Returning verbose stack traces in error responses
C) Authentication
D) Encryption
Answer: B) Returning verbose stack traces in error responses
48. What is the purpose of security headers in web applications?
A) To prevent SQL injection attacks
B) To authenticate users
C) To authorize access to resources
D) To provide additional security controls to the browser
Answer: D) To provide additional security controls to the browser
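Questions 11, 27, 38 and 48 each name one response header; a practitioner ships them as a set and checks captured responses for the missing ones. The following is an added example, not code from the quiz: a baseline header set and an audit function. The header values are assumptions for a typical HTML application (the CSP in particular must be adjusted to the site's own assets), and the weak sample response is constructed.

```python
# Baseline response headers. Values are assumptions chosen for the example.
SECURITY_HEADERS = {
    # Clickjacking: the legacy header plus the CSP directive that supersedes it.
    "X-Frame-Options": "DENY",
    "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'; object-src 'none'",
    # Force HTTPS for a year including subdomains; only meaningful over HTTPS.
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    # Stop the browser sniffing an uploaded text file into HTML or script.
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "strict-origin-when-cross-origin",
}


def apply_security_headers(response_headers: dict, is_https: bool = True) -> dict:
    """Add any baseline header the response does not already set."""
    out = dict(response_headers)
    for name, value in SECURITY_HEADERS.items():
        if name == "Strict-Transport-Security" and not is_https:
            continue  # browsers ignore HSTS received over plain HTTP
        out.setdefault(name, value)
    return out


def audit_headers(response_headers: dict) -> list:
    """Return findings for a captured response. Header names are case-insensitive."""
    lower = {k.lower(): v for k, v in response_headers.items()}
    findings = []
    csp = lower.get("content-security-policy", "")
    if "x-frame-options" not in lower and "frame-ancestors" not in csp:
        findings.append("clickjacking: no X-Frame-Options and no CSP frame-ancestors")
    if "strict-transport-security" not in lower:
        findings.append("transport: no Strict-Transport-Security")
    if lower.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("mime: no X-Content-Type-Options: nosniff")
    if not csp:
        findings.append("xss: no Content-Security-Policy")
    elif "'unsafe-inline'" in csp and "nonce-" not in csp:
        findings.append("xss: CSP allows unsafe-inline script without nonces")
    if "x-xss-protection" in lower:
        findings.append("legacy: X-XSS-Protection is obsolete; rely on CSP instead")
    return findings


# Constructed sample response, as a scanner might capture it (not from the page).
WEAK_RESPONSE = {
    "Content-Type": "text/html; charset=utf-8",
    "X-XSS-Protection": "1; mode=block",
    "Content-Security-Policy": "default-src 'self' 'unsafe-inline'",
}

if __name__ == "__main__":
    for finding in audit_headers(WEAK_RESPONSE):
        print(finding)
```

Note that `apply_security_headers` uses `setdefault`, so a weak CSP already set by the application is left alone and still shows up in the audit; silently overriding an application's policy is how a middleware breaks inline scripts in production.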
49. Which of the following is an example of defense in depth for a web application?
A) Relying on a web application firewall alone
B) Combining input validation, parameterized queries, and a least-privilege database account
C) Disabling logging to reduce noise
D) Using a single shared administrator account
Answer: B) Combining input validation, parameterized queries, and a least-privilege database account
50. Which of the following is a common method for securing database connections?
A) Using plaintext communication
B) Disabling encryption protocols
C) Using SSL/TLS
D) Allowing unrestricted database access
Answer: C) Using SSL/TLS
51. Which of the following is a common security threat to mobile applications?
A) SQL Injection
B) Cross-Site Scripting (XSS)
C) Man-in-the-middle attacks
D) Clickjacking
Answer: C) Man-in-the-middle attacks
52. Which of the following best describes the concept of "security by design"?
A) Addressing security concerns only after software development is complete
B) Incorporating security considerations into the software development process from the beginning
C) Ignoring security concerns entirely
D) Developing software without any security features
Answer: B) Incorporating security considerations into the software development process from the beginning
53. What is the purpose of a Content Security Policy (CSP) in web applications?
A) To prevent cross-site scripting attacks
B) To restrict scripts running on one origin from accessing resources from another origin
C) To encrypt sensitive data
D) To authenticate users
Answer: A) To prevent cross-site scripting attacks
54. Which of the following is a common method for securing API endpoints?
A) Using plaintext communication
B) Disabling HTTPS
C) Implementing authentication and authorization mechanisms
D) Storing API keys in client-side code
Answer: C) Implementing authentication and authorization mechanisms
55. Which of the following is a common method for securing client-side storage?
A) Using unencrypted cookies
B) Storing sensitive data in plaintext
C) Encrypting data stored locally
D) Disabling storage altogether
Answer: C) Encrypting data stored locally
56. Which of the following is a common method for securing server-side rendering in web applications?
A) Using plaintext communication
B) Disabling encryption
C) Context-aware output encoding of user-supplied data in templates
D) Storing sensitive data in client-side cookies
Answer: C) Context-aware output encoding of user-supplied data in templates
57. What is the purpose of a security sandbox in application security?
A) To prevent unauthorized access to sensitive data
B) To isolate untrusted code from the rest of the system
C) To perform security audits
D) To develop new security protocols
Answer: B) To isolate untrusted code from the rest of the system