PHP Security


1. What is the purpose of the ctype_digit() function in PHP?

To check if a variable is a number or a numeric string

To check if a variable is a string

To check if a variable is an array

To check if a variable is an object


2. Which of the following is a method to prevent Session Hijacking attacks in PHP?

Using SSL encryption

Using a strong session ID generator

Storing session data in cookies

Disabling cookies in the browser


3. Which of the following is a method to prevent brute-force attacks on user passwords in PHP?

Using SSL encryption

Storing passwords in plaintext

Allowing unlimited login attempts

Using password hashing and salting


4. What is the purpose of the md5() function in PHP?

To generate random numbers

To validate email addresses

To encrypt passwords

To convert special characters to HTML entities


5. Which of the following is a method to prevent brute force attacks in PHP?

Allowing unlimited login attempts

Using CAPTCHA

Using plaintext passwords

Storing passwords in cookies


6. Which of the following is a method to prevent Cross-Site Scripting attacks in PHP?

Sanitizing user input

Using a CAPTCHA

Disabling JavaScript in the browser

Using SSL encryption


7. What is Cross-Site Request Forgery (CSRF)?

A vulnerability that allows an attacker to execute SQL statements against a database

A type of Cross-Site Scripting attack

A vulnerability that allows an attacker to submit unauthorized requests on behalf of a user

A type of Denial-of-Service attack


8. What is SQL Injection?

A type of Cross-Site Scripting attack

A vulnerability that allows an attacker to execute SQL statements against a database

A method to bypass CAPTCHA

A type of Denial-of-Service attack


9. Which of the following is a method to prevent code injection attacks in PHP?

Allowing file uploads

Disabling input validation

Using prepared statements and parameterized queries

Storing passwords in plaintext


10. What is a file inclusion vulnerability?

A vulnerability that allows an attacker to execute arbitrary code on a system

A vulnerability that allows an attacker to include a file from a remote server

A vulnerability that allows an attacker to bypass authentication

A vulnerability that allows an attacker to delete files on a system