Please comment if you find any answer wrong or if there is any discrepancy. Thanks! 🙂 Here, we aim to please 😀

1) Which protocol’s headers are used for web app session management?
a) HTTP
b) TCP
c) IP
d) HTTPS

Answer(s) : (a) HTTP and (d) HTTPS

2) XSS exploits vulnerability in the
a) network
b) app source code
c) browser
d) web server host

Answer(s) : (b) App source code

3) Which of these are good places to keep the database credentials?
a) In a separate file on your web server host
b) In a separate file in your source code
c) In your database
d) None of the above. They should not be stored.

Answer(s) : (a) In a separate file on your web server host

4) Which of the following are almost completely under a developer’s control for a webapp
a) Network security
b) Database security
c) Browser security
d) Server host security

Answer(s) : 
(b) Database security
(d) Server host security

5) How many cookies can you save for your webapp on a browser?
a) 100
b) 50
c) Depends on the browser
d) None of the above.

Answer(s) : (c) Depends on the browser

6) What is essential to ensure data is sent securely over the network to the right server
a) Having an authentication token
b) Using HTTPS Protocol
c) Using Hash functions
d) Server SSL certificate validation

Answer(s) : 
(b) Using HTTPS Protocol
(d) Server SSL Certificate validation

7) What properties of hash functions are necessary when used for hashing passwords?
a) It converts a particular string to the same random string each time
b) It converts string of any length to a string of fixed length
c) It is not possible to recover the original string from its hashed value
d) The chance of two strings giving the same hash value is very low

Answer(s) :
(a) It converts a particular string to the same random string each time
(c) It is not possible to recover the original string from its hashed value
(d) The chance of two strings giving the same hash value is very low

8) A web app and a native mobile app can share the same
a) API for fetching data
b) Web server
c) HTML + CSS
d) Frontend code

Answer(s) :
(a) API for fetching data
(b) Web server

9) Which of these is a good candidate for a user’s session-id
a) User’s hashed password
b) A newly generated random string every time  the user logs in
c) A fixed random string saved in the user database
d) User’s password

Answer(s) : (b) A newly generated random string every time  the user logs in

10) Which of the following security attacks are caused due to not sanitizing user input carefully
a) XSS
b) SQL Injection
c) Man in the middle
d) DDOS

Answer(s) :
(a) XSS
(b) SQL Injection
Categories: NPTEL solution

2 Comments

Kenji · March 7, 2018 at 4:27 PM

The answer to 7th should be all the options.

    Kenji · March 7, 2018 at 4:28 PM

    For eg: SHA256

Leave a Reply

Your email address will not be published. Required fields are marked *