• Tutorials
  • Courses
  • Tracks

Cyber Quiz Day 29

Last Updated :
Discuss
Comments

Question 1

In a web app engagement following PTES, which activity should you complete before touching the target?

  • Vulnerability analysis

  • Exploitation

  • Pre-engagement interactions

  • Post-exploitation

Discuss it

Question 2

A client wants a repeatable, test-case-driven checklist that maps to web app areas like auth, session, and client-side. Which standard fits best?

  • OSSTMM

  • OWASP WSTG

  • PTES

  • NIST 800-115 only

Discuss it

Question 3

You’re asked to include physical and wireless testing alongside web testing and to produce measureable, verifiable results. Which methodology explicitly emphasizes that?

  • OSSTMM

  • WSTG

  • PTES

  • CIS Controls

Discuss it

Question 4

During testing, you find weak session tokens and missing logout invalidation. Which WSTG categories primarily cover this?

  • WSTG-INPV and WSTG-CRYP

  • WSTG-SESS and WSTG-ATHN

  • WSTG-BUSL and WSTG-CLNT

  • WSTG-API and WSTG-CONF

Discuss it

Question 5

Pick the most accurate example of an attack surface from your list that commonly leads to RCE if mishandled:

  • Cookies with HttpOnly set

  • Search box with client-side validation only

  • CSP with default-src 'self'

  • File upload functions without validation

Discuss it

Question 6

You suspect BOLA/IDOR in APIs. Which tool pairing from your list helps you intercept, replay, and fuzz API requests fastest?

  • Nikto + Wappalyzer

  • Burp Suite + WFuz

  • SQLmap + Hydra

  • Dirb + WhatWeb

Discuss it

Question 7

Your manager asks the difference between vulnerability scanning and penetration testing in one line of outcome:

  • Scanning proves exploitability; pentesting lists CVEs

  • Scanning is manual; pentesting is automated

  • Scanning reports potential issues; pentesting confirms exploitability with impact

  • Both are identical if tools are updated

Discuss it

Question 8

After importing Burp’s CA, your HTTP history is flooded. Which two features from your text help reduce noise without losing required traffic?

  • Turn off Proxy

  • Disable TLS 1.3 in the browser

  • Only use system-wide proxy so all apps route via Burp

  • Use Proxy → Options filters and apply HTTP history “Filter:” controls

Discuss it

Question 9

You set up Burp and see HTTP requests but no HTTPS. What’s the minimum corrective action per your steps?

  • Switch Burp port from 8080 to 443

  • Use system proxy instead of browser proxy

  • Export Burp CA (DER) and import it as a trusted root in the browser

  • Enable “Intercept is on”

Discuss it

Question 10

You’re wrapping up a sprint-bound web security test. Which combined plan best reflects a structured methodology → attack surface → tooling flow?

  • Run Nikto; if clean, skip WSTG

  • Follow PTES phases; map tests to WSTG categories; focus on high-risk areas (auth/session, inputs, APIs, uploads); use Burp, ZAP, SQLmap, Dirb/Gobuster, Hydra as needed; report with exploit evidence and fixes

  • Start with OSSTMM wireless, then only do client-side checks

  • Run Wappalyzer; if WordPress, always exploit with Metasploit first

Discuss it

There are 10 questions to complete.

Take a part in the ongoing discussion