Web Security and Pen Testing Quiz

To encrypt web traffic between a client and a server

To identify known security issues and misconfigurations in web servers and applications

To create backup copies of web applications

To monitor website uptime and performance

To scan for open ports on a server

To brute-force directories and files on a web server

To analyse network traffic for malicious activity

To generate SSL certificates

SQL Injection

Buffer Overflow in desktop applications

Bluetooth sniffing

ARP Spoofing

Reporting

Exploitation

Reconnaissance

Remediation

404 Not Found

200 OK

301 Moved Permanently

500 Internal Server Error

Increased server speed

Exposure of sensitive information or vulnerabilities

Improved search engine ranking

Reduced storage usage

Scanning for outdated server software

Brute-forcing login credentials

Checking for dangerous files and scripts

Identifying default files and directories

To reduce the scan time

To increase the likelihood of discovering hidden directories and files

To avoid detection by firewalls

To encrypt the scan results

Injecting malicious SQL queries into a database

Executing malicious scripts in a user's browser via a vulnerable web application

Intercepting network traffic between two parties

Gaining unauthorised access to a server's file system

The tools used during the test

The time allocated for the test

The systems, applications, and networks that are authorised to be tested

The vulnerabilities discovered