
18.02 Web Application Vulnerabilities - Quiz

Section 18.2 Quiz: Web Application Vulnerabilities

This quiz assesses your understanding of common web application vulnerabilities, attack vectors, and security countermeasures based on OWASP guidelines.

Time Limit: 40 minutes
Total Marks: 40 marks
Question Types: Multiple choice and short answer

  1. Which vulnerability consistently ranks at the top of the OWASP Top 10?

    A. Cross-Site Scripting (XSS)
    B. Injection flaws (including SQL injection)
    C. Broken authentication
    D. Insecure direct object references
  2. What is the primary cause of SQL injection vulnerabilities?

    A. Poor database design
    B. Weak passwords
    C. Insufficient input validation and unsanitized user input in SQL queries
    D. Outdated database software
  3. Which type of XSS attack is stored on the server and executed when other users view the content?

    A. Reflected XSS
    B. Stored (Persistent) XSS
    C. DOM-based XSS
    D. Server-side XSS
  4. What security mechanism is most effective at preventing Cross-Site Request Forgery (CSRF) attacks?

    A. Input validation
    B. SQL parameterized queries
    C. Anti-CSRF tokens
    D. HTTPS encryption
  5. Which vulnerability allows attackers to access files and resources outside the intended directory?

    A. SQL injection
    B. Cross-site scripting
    C. Path traversal (Directory traversal)
    D. Session hijacking
  6. What is the main security issue with insecure direct object references?

    A. Poor performance
    B. Database corruption
    C. Users can access unauthorized data by manipulating parameter values
    D. Increased server load
  7. Which authentication vulnerability involves session tokens that don’t change after login?

    A. Weak passwords
    B. Session fixation
    C. Account lockout bypass
    D. Password recovery flaws
  8. What does XML External Entity (XXE) injection primarily exploit?

    A. Database connections
    B. User authentication
    C. XML parsing configurations that allow external entity processing
    D. File upload mechanisms
  9. Which vulnerability category includes sensitive data exposure in URLs, logs, or error messages?

    A. Injection flaws
    B. Broken authentication
    C. Security misconfiguration
    D. Insufficient logging
  10. What is the primary defense against most injection attacks?

    A. Strong encryption
    B. Complex passwords
    C. Input validation and parameterized queries
    D. Frequent security updates
  11. Which HTTP header helps prevent clickjacking attacks?

    A. Content-Type
    B. X-Frame-Options
    C. Authorization
    D. Accept-Language
  12. What vulnerability allows attackers to execute arbitrary code by uploading malicious files?

    A. SQL injection
    B. XSS
    C. Unrestricted file upload
    D. CSRF

Short Answer Questions

Question 13 (4 marks): Explain how parameterized queries (prepared statements) prevent SQL injection attacks. Provide a brief code example showing the difference between vulnerable and secure approaches.

Question 14 (4 marks): Describe three different types of Cross-Site Scripting (XSS) attacks and explain how each one works.

Question 15 (4 marks): Explain the concept of the Same-Origin Policy and how it relates to web application security. What are its limitations?

Question 16 (4 marks): Describe the security implications of using components with known vulnerabilities. What steps should organizations take to mitigate this risk?

Question 17 (4 marks): Explain how Content Security Policy (CSP) helps prevent XSS attacks. Provide an example of a basic CSP header.

Answer Key

Multiple Choice: 1-B, 2-C, 3-B, 4-C, 5-C, 6-C, 7-B, 8-C, 9-C, 10-C, 11-B, 12-C

Short Answer Guidelines:

Question 13: Should explain separation of SQL code from data, show example of vulnerable concatenated query vs. parameterized query with placeholders.
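The vulnerable-versus-parameterized contrast this guideline asks for, as an added Python/sqlite3 example (not part of the original quiz; the users table and its two rows are constructed for the demonstration). The same input is run through both lookups so the difference in returned rows is visible:

```python
import sqlite3

# Constructed sample data for the demonstration (not from any real system).
SAMPLE_USERS = [("alice", "alice@example.test"), ("bob", "bob@example.test")]


def make_db() -> sqlite3.Connection:
    """Create an in-memory SQLite database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Vulnerable: the user-supplied value is pasted into the SQL text,
    so quote characters inside it are parsed as SQL rather than as data."""
    sql = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def find_user_safe(conn: sqlite3.Connection, username: str) -> list:
    """Safe: the SQL text is fixed at development time; the driver binds the
    value to the placeholder after parsing, so it is only ever compared as data."""
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def compare(username: str) -> tuple:
    """Run both lookups on the same input and return (vulnerable_rows, safe_rows)."""
    conn = make_db()
    try:
        return (len(find_user_vulnerable(conn, username)),
                len(find_user_safe(conn, username)))
    finally:
        conn.close()


if __name__ == "__main__":
    # A normal username behaves the same either way.
    print(compare("alice"))        # (1, 1)
    # The textbook injection string: concatenation turns it into SQL and the
    # query matches every row; the bound parameter matches nothing.
    print(compare("' OR '1'='1"))  # (2, 0)
```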

Question 14: Should cover Reflected XSS (immediate execution from URL/form), Stored XSS (persisted in database), and DOM-based XSS (client-side JavaScript manipulation).

Question 15: Should explain origin definition (protocol + domain + port), prevention of cross-origin requests, limitations with subdomains and CORS.

Question 16: Should cover dependency management, vulnerability scanning, regular updates, inventory maintenance, and security monitoring of third-party components.

Question 17: Should explain CSP as a whitelist of allowed content sources, with an example header such as "default-src 'self'; script-src 'self' trusted-scripts.com".

Extension Activities

  1. Vulnerability Lab: Set up a vulnerable web application (like DVWA or WebGoat) and practice identifying and exploiting common vulnerabilities in a safe environment.

  2. Security Code Review: Analyze a sample web application codebase and identify potential security vulnerabilities using OWASP guidelines.

  3. Security Testing Automation: Research and test automated vulnerability scanning tools, comparing their effectiveness at detecting different types of web application vulnerabilities.