PHP Security


1. What is SQL Injection?

A type of Cross-Site Scripting attack

A vulnerability that allows an attacker to execute SQL statements against a database

A method to bypass CAPTCHA

A type of Denial-of-Service attack


2. What is Cross-Site Request Forgery (CSRF)?

A vulnerability that allows an attacker to execute SQL statements against a database

A type of Cross-Site Scripting attack

A vulnerability that allows an attacker to submit unauthorized requests on behalf of a user

A type of Denial-of-Service attack


3. Which of the following is a method to prevent file inclusion vulnerabilities in PHP?

Using SSL encryption

Restricting access to sensitive files

Using the extract() function

Using the $_REQUEST superglobal variable


4. Which of the following is a method to prevent Remote Code Execution vulnerabilities in PHP?

Using SSL encryption

Restricting access to sensitive files

Using the extract() function

Input validation and sanitization


5. What is the purpose of the htmlspecialchars() function in PHP?

To encrypt passwords

To validate email addresses

To convert special characters to HTML entities

To generate random numbers


6. What is the purpose of the htmlentities() function in PHP?

To convert special characters to HTML entities

To encrypt data before storing it in a database

To hash passwords before storing them in a database

To validate user input


7. What is the purpose of the session_regenerate_id() function in PHP?

To regenerate the session ID

To destroy the session

To validate user input

To convert special characters to HTML entities


8. What is a Session Hijacking attack?

A type of Cross-Site Scripting attack

A method to bypass firewalls

A vulnerability that allows an attacker to steal a user's session ID and take over their session

A type of Denial-of-Service attack


9. Which of the following is a method to prevent cross-site scripting (XSS) attacks in PHP?

Using prepared statements and parameterized queries

Storing session IDs in plaintext

Using SSL encryption

Sanitizing user input


10. What is a SQL injection vulnerability?

A vulnerability that allows an attacker to execute arbitrary code on a system

A vulnerability that allows an attacker to include a file from a remote server

A vulnerability that allows an attacker to bypass authentication

A vulnerability that allows an attacker to manipulate database queries