Interview Questions & Answers: Web Application Security Testing

Web Application Security testing is defined as the testing of the security mechanism employed in web applications to protect them from cyber-attacks. Here I have mentioned interview questions asked in job interviews on Application Security.

Q1. What port is for ICMP or pinging?

Ans: Ping doesn't use any port. It is used to identify whether the remote host at the other end is active or not. It also helps in determining the packet loss and round-trip delay while communicating.

Just remember, ping basically uses the ICMP protocol.

Q2. Do you prefer Windows or Linux?

Ans: Both operating systems have their own pros and cons. Be ready with a justification for why you use a particular OS. But as security analysts, prefer to use Linux as it gives more flexibility and more security in comparison to Windows. Many security researchers have also contributed to enhancing features and securing Linux.

Q3. What security mechanism should be implemented on a login page?

Ans: There are a lot of mechanisms available to secure the login page. First and foremost, implement TLS protocol that helps in achieving confidentiality and integrity of customers’ sensitive data by encrypting it while transmitting. If TLS is not used, an attacker can see sensitive information such as username, password, session id, etc.

Implement two-factor authentication for accessing user accounts. On the server side, never store passwords in the database in cleartext format. Always store passwords in an encrypted format. The algorithm used for encryption must be tested and certified by an auditing agency.

Q4. How would an HTTP program handle the state?

Ans: HTTP is a stateless protocol. It uses cookies to handle the state of the web application. Basically, there are two ways in which HTTP can handle web application states: one is client side and another server side. The developer may store data in cookies or may store data in the web server session. In this way, the application maintains sessions during a particular period and is not logged out in between.

Q5. What is Cross Site Scripting or XSS?

Ans: Cross-site scripting is one of the common vulnerabilities found in web applications. Here, an attacker sends malicious scripts to the victim and tricked the victim to execute those scripts. On execution,  cookies, session tokens, or other sensitive information got compromised by an attacker.

Q6. What are the types of XSS?

Ans: Cross-site scripting (XSS) is broadly divided into three categories:

Reflected XSS: In this vulnerability, the attacker executed the malicious script and get instant output in form of an error message, cookie information, and other sensitive information. A malicious script is not stored in the database in case of this vulnerability.

Stored XSS: Here, malicious scripts got stored in the database, maybe because of comment fields, discussion forums etc. Whenever the victim visited those pages, it got executed.

DOM XSS: DOM stands for Document Object Model. It defines how documents are accessed and manipulated. In DOM XSS, the malicious script flows in the browser and act as source and sink for the script in DOM. This vulnerability arises when a client-side script reads data from a controllable part of the DOM (for example, the URL) and processes this data without sanitizing the input.

Q7. What is the business application of public key cryptography?

Ans: The main business application of public key cryptography is digital signing and encryption.

In digital signing, the sender sign the document with the private key and the receiver checks the integrity of that document with the sender's public key.

In encryption, the sender encrypts the document with the public key of the receiver and the receiver decrypts it using his/her private key.

Q8. Explain Phishing attacks & How can you defend against phishing attempts?

Ans: In a Phishing attack, the attacker tricks the victim to access a fake web page and submitting sensitive information.

Check for XSS vulnerabilities and implement HTTP referer header are some mitigation techniques against a phishing attack.

Q9. What is the difference between public key cryptography and a private key for encrypting and signing content?

Ans: In digital signing, the sender signs the document with the private key and the receiver checks the integrity of that document with the sender's public key.

In encryption, the sender encrypts the document with the public key of the receiver and the receiver decrypts it using his/her private key.

Q10. What can you use to defend against multiple login attempts?

Ans: There are many techniques to defend against multiple login attempts. You can create an account lockout policy based on the number of attempts. Another method is to implement a captcha on the login page to know if the user is a machine or a human.

Subscribe us to receive more such articles updates in your email.

If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!

Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.

You may also like...

1 Response

  1. Alina says:

    Hi there, of course this article is genuinely fastidious and I have
    learned lot of things from it concerning blogging. thanks.

Leave a Reply

Your email address will not be published.