Text preview & study summary
CEH - Web Application Hacking and OWASP Top 10
A free sample of 5 questions from this quiz, shown in full with answer choices and explanations. No interactivity — everything is visible on this page for study and review.
Want to test your knowledge? Launch the Interactive Exam Simulator
Question 1
**Insecure Direct Object Reference (IDOR)** occurs when an application exposes a reference to an internal implementation object (such as a database key or filename) without verifying that the user has [[blank1]] to access that object.
Explanation
Classic IDOR example: A URL like `https://bank.com/account?id=1234` — changing `id=1234` to `id=1235` accesses another customer's account if the server doesn't verify the requesting user owns account 1235. IDOR is a type of Broken Access Control (OWASP #1). Fix: Always verify server-side authorization before returning data.
Question 2
The **"Insecure Deserialization"** vulnerability (OWASP 2017, merged into "Software Integrity Failures" in 2021) is most dangerous when the application deserializes data from:
Explanation
Insecure deserialization occurs when applications deserialize user-controlled data (cookies, API parameters, hidden fields) without integrity checks. Attackers can craft malicious serialized objects that, when deserialized, execute arbitrary code (Remote Code Execution). Famous examples: Java serialization attacks, Python pickle exploitation. JSON is less commonly exploited but still requires validation.
Question 3
Which HTTP methods should typically be **disabled on a web server** to reduce attack surface? *(Select TWO)*
Explanation
- PUT: Allows uploading/overwriting files on the server — dangerous if enabled on web servers
- TRACE: Echoes back the HTTP request — enables Cross-Site Tracing (XST) attacks to steal cookies even when HttpOnly is set
- GET, POST, HEAD: Standard methods needed for normal web browsing
Nikto and other scanners specifically check for dangerous HTTP methods like TRACE, DELETE, and PUT.
Question 4
A web application displays error messages containing stack traces and database structure when an exception occurs. This is an example of which OWASP 2021 category?
Explanation
Verbose error messages that expose internal information (stack traces, database schema, framework versions, file paths) fall under Security Misconfiguration. This information helps attackers tailor attacks. Best practice: show generic error messages to users while logging detailed errors server-side.
Question 5
**True or False:** **Stored (persistent) XSS** is generally more dangerous than reflected XSS because it does not require the victim to click a malicious link.
Explanation
Stored XSS injects malicious scripts into a persistent data store (database, comment section, profile field). Every user who views the affected page executes the script automatically — no social engineering required. Classic targets: comment sections, user profiles, forum posts, and product reviews. Reflected XSS requires the victim to click a malicious URL.
