Online Access Free GWEB Exam Questions

What is the main objective of penetration testing in web application security?
Response:

• A.To identify and exploit vulnerabilities in the application
• B.To reduce the cost of hosting
• C.To optimize web server performance
• D.To improve user experience

Which of the following HTTP methods is considered idempotent?
Response:

• A.DELETE
• B.POST
• C.TRACE
• D.PUT

What role does a Web Application Firewall (WAF) play in modern web application security?
Response:

• A.Provides a physical barrier between the web server and the internet
• B.Acts as a reverse proxy to intercept and analyze HTTP/S traffic
• C.Serves as the primary authentication mechanism
• D.Encrypts data transmitted between the client and the server

Which type of security testing focuses on identifying security vulnerabilities in the application's source code?
Response:

• A.Static Application Security Testing (SAST)
• B.Dynamic Application Security Testing (DAST)
• C.Load testing
• D.Functional testing

Which of the following session management flaws can lead to session hijacking?
Response:

• A.Session tokens not being invalidated after logout
• B.Weak password policy
• C.The use of CAPTCHA
• D.Limiting login attempts