最新的GIAC GWAPT免費考試真題

問題1

Which measures can prevent session hijacking? (Choose two)

A. Implementing multi-factor authentication

B. Using HTTPS for secure communication

C. Allowing users to log in multiple times simultaneously

D. Allowing cookies to be sent in plaintext

正確答案: A,B

問題2

What mechanism is commonly used to protect session IDs during transmission?

A. Secure cookies and HTTPS

B. Tokenization

C. Session expiration

D. User authentication

正確答案: A

問題3

Which measures can prevent session hijacking? (Choose two)

A. Implementing multi-factor authentication

B. Using HTTPS for secure communication

C. Allowing users to log in multiple times simultaneously

D. Allowing cookies to be sent in plaintext

正確答案: A,B

問題4

Which HTTP method is used to retrieve data from a server?

A. PUT

B. POST

C. GET

D. DELETE

正確答案: C

問題5

What is the primary goal of reconnaissance in web application penetration testing?

A. Gather information about the target application to plan further attacks

B. Execute denial-of-service attacks

C. Identify system misconfigurations

D. Exploit vulnerabilities in the application

正確答案: A

問題6

Which web technologies are considered part of a web application frontend? (Choose two)

A. CSS

B. PHP

C. HTML

D. Python

正確答案: A,C

問題7

What are typical signs of a successful brute-force attack? (Choose two)

A. Unauthorized access to restricted resources

B. Outdated SSL certificates

C. Increased CPU utilization

D. Repeated login failures in the logs

正確答案: A,D

問題8

What is a common vulnerability in web authentication mechanisms?

A. Use of multi-factor authentication

B. Use of session cookies

C. Lack of input validation

D. Weak password policies

正確答案: D

問題9

Which XSS attack occurs entirely in the client's browser and manipulates the DOM?

A. Blind XSS

B. Reflected XSS

C. Stored XSS

D. DOM-based XSS

正確答案: D

最新的GIAC Web Application Penetration Tester GWAPT - GWAPT免費考試真題

聯系我們

站內鏈接

最新更新