Question Bank

What is an SSL Certificate?

What is the role of a Certificate Authority (CA)?

Which port does HTTPS typically use?

Which port does HTTP typically use?

What security issue arises from session tokens having poor randomness?

What is the primary benefit of implementing Content Security Policy (CSP)?

What does the Access-Control-Allow-Origin header do?

What is the main difference between IDS and a firewall?

What is Cross-Site Request Forgery (CSRF)?

What is ClickJacking?

What is a Honeypot in security?

What happens when an application takes user-inserted data and sends it to a web browser without proper validation and escaping?

What is HTTP Public Key Pinning (HPKP)?

What is Failure to Restrict URL Access?

How can applications protect against Forced Browsing attacks?

What is the difference between encryption, encoding, and hashing?

Why are hash values not reversible?

What is HSTS (HTTP Strict Transport Security)?

What is Stored XSS?

What is Reflected XSS?