Question Bank
3705 approved questions from the community
What is the primary purpose of anti-CSRF tokens?
XSS can be completely prevented without modifying source code by using a Web Application Firewall (WAF).
What security threat arises from not flagging HTTP cookies with tokens as secure?
What does PKI stand for?
HTTPS is always slower than HTTP due to encryption overhead.
Black Box security testing provides testers with full information about the system being tested.
Security testing is performed to identify vulnerabilities and protect data from possible attacks.
Using robots.txt is an effective way to hide sensitive directories from attackers.
Impersonation in IT systems means that administrators can access other users' data.
Vulnerability refers to a weakness in a system that can be exploited by attackers.
What is the primary difference between Authentication and Authorization?
What does DDoS stand for?
What is a botnet?
What does OWASP stand for?
What type of attack is Cross-Site Scripting (XSS)?
What does IDS stand for in security contexts?
What does CSP stand for in web security?
What does CORS stand for?
What is Session Hijacking?
What is DOM-based XSS?