PHP Security


1. What is the purpose of the htmlentities() function in PHP?

To convert special characters to HTML entities

To encrypt data before storing it in a database

To hash passwords before storing them in a database

To validate user input


2. What is a Session Hijacking attack?

A type of Cross-Site Scripting attack

A method to bypass firewalls

A vulnerability that allows an attacker to steal a user's session ID and take over their session

A type of Denial-of-Service attack


3. What is Cross-Site Request Forgery (CSRF)?

A vulnerability that allows an attacker to execute SQL statements against a database

A type of Cross-Site Scripting attack

A vulnerability that allows an attacker to submit unauthorized requests on behalf of a user

A type of Denial-of-Service attack


4. What is the purpose of the password_hash() function in PHP?

To encrypt data before storing it in a database

To hash passwords before storing them in a database

To validate user input

To convert special characters to HTML entities


5. Which of the following is a method to prevent Cross-Site Request Forgery (CSRF) attacks in PHP?

Using SSL encryption

Verifying the HTTP referrer header

Storing session data in cookies

Using a CAPTCHA


6. Which of the following is a method to prevent session hijacking attacks in PHP?

Storing session IDs in plaintext

Using a fixed session ID

Using SSL encryption

Disabling session IDs


7. Which of the following is a method to prevent SQL injection vulnerabilities in PHP?

Using SSL encryption

Storing passwords in plaintext

Allowing unlimited login attempts

Using prepared statements and parameterized queries


8. Which of the following is a method to prevent Cross-Site Scripting attacks in PHP?

Sanitizing user input

Using a CAPTCHA

Disabling JavaScript in the browser

Using SSL encryption


9. What is the purpose of the md5() function in PHP?

To generate random numbers

To validate email addresses

To encrypt passwords

To convert special characters to HTML entities


10. What is a file inclusion vulnerability?

A vulnerability that allows an attacker to execute arbitrary code on a system

A vulnerability that allows an attacker to include a file from a remote server

A vulnerability that allows an attacker to bypass authentication

A vulnerability that allows an attacker to delete files on a system