We use cookies on this site in order to make it works, and for the traffic analysis.
You can refuse or configure cookies by purposes.
Another message from the Google Adsense consent management platform will ask you for your choices relating to the use of your personal data via cookies for advertising.
We thank you to accept cookies which makes this site work.

FR EN

Create your questionnaire: online, free and easy

HOME
CREATE
ANSWER
RESULTS
MANAGE
PRO ACCOUNT
A QUESTION?

Test Cybersécurité

1337

mandatory answer

Question 1

Prénom et Nom

mandatory answer

Question 2

How is user authentication maintained across pages in a web application?

Through TCP sockets

With HTTP cookies

Using client IP address

uncheck

mandatory answer

Question 3

Input validation should be based on....

Whitelisting

Blacklisting

uncheck

mandatory answer

Question 4

On HTTP protocol, which of the following data can't be easily modified by the end user ?

User Agent

Referer

Hidden field value

Client IP address

uncheck

mandatory answer

Question 5

What is the type of flaw that occurs when untrusted user entered data is sent to the interpreter as part of a query or command?

Insecure Direct Object References

Cross Site Request Forgery

Injection

Insufficient Transport Layer Protection

uncheck

mandatory answer

Question 6

What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping?

Security Misconfiguration

Insecure Direct Object References

Cross Site Scripting

Broken Authentication and Session Management

uncheck

mandatory answer

Question 7

For every link or form which invoke state-changing functions with an unpredictable token for each user what attack can be prevented?

Cross Site Request Forgery

Cross Site Tracing

Cross Site Scripting

Broken Authentication and Session Management

uncheck

mandatory answer

Question 8

What is the attack technique used to exploit web sites by altering backend database queries through inputting manipulated queries?

XML Injection

SQL Injection

OS Commanding

Cross Site Request Forgery

uncheck

mandatory answer

Question 9

Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites ?

SQL Injection

Malware Uploading

Cross site scripting

Man in the middle

uncheck

mandatory answer

Question 10

An attack technique that forces a user’s session credential or session ID to an explicit value

Session Fixation

Session Hijacking

Dictionary Attack

Brute Force Attack

uncheck

mandatory answer

Question 11

Your application sets a cookie with Secure attribute. What does this mean?

The cookie can not be accessed by JavaScript

The cookie will not be sent cross-domain

Client will send the cookie only over an HTTPS connection

uncheck

mandatory answer

Question 12

Which of the following is used to prevent Clickjacking?

HTTPS Connection

X-Frame-Options HTTP Header

Content-Security-Policy HTTP Header

uncheck

mandatory answer

Question 13

Your web page includes advertising JavaScript from a third-party service. Is it safe to assume that problems like XSS, caused by this third-party JavaScript, is not technically possible on your web page?

Yes, if you validate the JavaScript before you deploy it on your page

uncheck

mandatory answer

Question 14

All SQL queries can be made safe using prepared statements?

Yes

Yes, if both the server and the client supports prepared statements

No, dynamically created specifiers like "LIMIT ?" etc. needs separate validation

uncheck

mandatory answer

Question 15

Placing user submitted data into a typical HTML document is always safe (XSS-wise) if you escape HTML specific characters: <, >, '&, ', " from the user input? Ie. you use htmlspecialchars() funtion in PHP

Yes

No, context-specific escaping is needed

uncheck

mandatory answer

Question 16

You concatenate and hash two inputs, input1 and input2, with SHA-256 algorithm. Is it possible that the order of the inputs fed to the SHA-256 function may have a direct effect regarding security of the hashing?
sha256(input1 . input2) vs. sha256(input2 . input1)

Yes

No, security-wise it does not make a difference with SHA-256

uncheck

mandatory answer

Question 17

What is a FQDN?

Fully Qualified Domain Name

Federated Query Distinction Number

Fine Quality Dynamic Network

uncheck

mandatory answer

Question 18

What is 802.1Q?

A networking standard for QoS

A networking standard to support VLANs on an ethernet netwrok

A networking standard for WiFi security

A networking standard for roaming on wireless networks

uncheck

mandatory answer

Question 19

What is "SYN, SYN-ACK, ACK"?

A denial of service attack

TCP three-way handshake

TLS handshake

uncheck

mandatory answer

Question 20

On which of the following protocols an IP spoofing attack is easy to perform?

HTTP

TCP

UDP

SSH

uncheck

mandatory answer

Question 21

Which extensible authentication protocol type requires client-side certificates?

EAP-MD5

WPA2-PSK

PEAP

EAP-TLS

uncheck

mandatory answer

Question 22

Which statement regarding Mac Address Control is true?

MAC addresses are encrypted when using WEP, WPA or WPA2

MAC addresses can be spoofed

MAC lists keep intruders from using your AP

MAC lists keep stations from connecting to evil twins

uncheck

mandatory answer

Question 23

What is the primary function of Spanning Tree (choose the best answer)?

To avoid L2 loops

To avoid split-horizon

To prevent ARP spoofing

To optimze routing

uncheck

mandatory answer

Question 24

Which of these protocols is used for carrying authentication, authorization, and accounting information between a network access server and a shared authentication server ?

IPSec

VPN

SSH

RADIUS

uncheck

mandatory answer

Question 25

In a public key infrastructure, what is a CRL?

Commun Runtime Language

Certificate Revocation List

Carrier Reputation List

uncheck

mandatory answer

Question 26

RSA is a :

Symmetric encryption alogrithm

Block cipher

Assymmetric encryption alogrithm

uncheck

mandatory answer

Question 27

How many hosts can contain the following network : 172.20.50.8/28

248

uncheck

mandatory answer

Question 28

What is Diffie-Hellman?

A pre shared key format

A key exchange method

A hash algorithm

A block cipher

uncheck

mandatory answer

Question 29

What is pass-the-hash ?

A password validation algorithm based on hash functions

A hacking technique using NTLM hashes to authenticate to a remote service

A protocol to control data integrity over IPSEC VPNs

uncheck

mandatory answer

Question 30

What does IAAS stands for ?

Internet Authentication and Authorization Service

Ip Advertising Analytics System

Interactive And Automated Shell

Infrasctructure As A Service

uncheck

mandatory answer

Question 31

Which protocols are often used to implement identity federation / SSO on software as as service applications ?

SAML or OAUTH

WEP

TOTP

Kerberos

uncheck

mandatory answer

Question 32

What is GIT ?

An alternative to DNS

A tool for java developers

A Linux kernel module

A distributed version-control system

uncheck

You too, create your online questionnaire!
It's free and easy.

Let's go!

▲

Your questionnaires

Create
Answer
Results
Manage
Pro account

Questionnaire templates

Organize a party or a night out
Send a quiz
Customer satisfaction survey
Market study / Poll
Skills assessment / Evaluation

Employee satisfaction survey
User satisfaction survey

Report an inappropriate content - Legal notice - GTU - GTCS - Site plan - FAQ - Contact us

Test Cybersécurité

Prénom et Nom

How is user authentication maintained across pages in a web application?

Input validation should be based on....

On HTTP protocol, which of the following data can't be easily modified by the end user ?

What is the type of flaw that occurs when untrusted user entered data is sent to the interpreter as part of a query or command?

What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping?

For every link or form which invoke state-changing functions with an unpredictable token for each user what attack can be prevented?

What is the attack technique used to exploit web sites by altering backend database queries through inputting manipulated queries?

Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites ?

An attack technique that forces a user’s session credential or session ID to an explicit value

Your application sets a cookie with Secure attribute. What does this mean?

Which of the following is used to prevent Clickjacking?

Your web page includes advertising JavaScript from a third-party service. Is it safe to assume that problems like XSS, caused by this third-party JavaScript, is not technically possible on your web page?

All SQL queries can be made safe using prepared statements?

Placing user submitted data into a typical HTML document is always safe (XSS-wise) if you escape HTML specific characters: <, >, '&, ', " from the user input? Ie. you use htmlspecialchars() funtion in PHP

You concatenate and hash two inputs, input1 and input2, with SHA-256 algorithm. Is it possible that the order of the inputs fed to the SHA-256 function may have a direct effect regarding security of the hashing?sha256(input1 . input2) vs. sha256(input2 . input1)

What is a FQDN?

What is 802.1Q?

What is "SYN, SYN-ACK, ACK"?

On which of the following protocols an IP spoofing attack is easy to perform?

Which extensible authentication protocol type requires client-side certificates?

Which statement regarding Mac Address Control is true?

What is the primary function of Spanning Tree (choose the best answer)?

Which of these protocols is used for carrying authentication, authorization, and accounting information between a network access server and a shared authentication server ?

In a public key infrastructure, what is a CRL?

RSA is a :

How many hosts can contain the following network : 172.20.50.8/28

What is Diffie-Hellman?

What is pass-the-hash ?

What does IAAS stands for ?

Which protocols are often used to implement identity federation / SSO on software as as service applications ?

What is GIT ?

You concatenate and hash two inputs, input1 and input2, with SHA-256 algorithm. Is it possible that the order of the inputs fed to the SHA-256 function may have a direct effect regarding security of the hashing?
sha256(input1 . input2) vs. sha256(input2 . input1)