[2026] GIAC Web Application Penetration Tester GWAPT

문제1

What is a common vulnerability in web authentication mechanisms?

A. Use of session cookies

B. Weak password policies

C. Lack of input validation

D. Use of multi-factor authentication

정답: B

문제2

Which steps help prevent clickjacking attacks? (Choose two)

A. Using the X-Frame-Options header

B. Implementing the Content-Security-Policy header

C. Disabling HTTP in favor of HTTPS

D. Enforcing strong password policies

정답: A,B

문제3

Which feature of Burp Suite allows modification of HTTP/HTTPS requests before sending them to the server?

A. Repeater

B. Intruder

C. Spider

D. Scanner

정답: A

문제4

What is the primary purpose of HTTP in web applications?

A. To encrypt data during transmission

B. To facilitate communication between a web browser and a server

C. To provide authentication for web applications

D. To store cookies securely

정답: B

문제5

How can a web application developer prevent Reflected XSS vulnerabilities?

A. By using client-side validation only

B. By encoding user input before displaying it

C. By disabling JavaScript

D. By encrypting session cookies

정답: B

문제6

Which OWASP Top 10 2021 category includes authentication and session flaws?

A. A07 - Identification and Authentication Failures

B. A10 - SSRF

C. A01 - Broken Access Control

D. A02 - Cryptographic Failures

정답: A

문제7

What is a session fixation attack?

A. Forcing a user to use a known session ID

B. Brute-forcing a session ID to gain unauthorized access

C. Terminating user sessions remotely

D. Injecting malicious session data into a server

정답: A

GIAC Web Application Penetration Tester GWAPT - GWAPT무료 덤프문제 풀어보기

우리와 연락하기

유용한 링크

최신 업데이트