Latest GIAC Web Application Penetration Tester GWAPT - Free GWAPT Exam Questions

Question 1
Which tool is effective for analyzing JavaScript vulnerabilities in modern web applications?

Correct answer: B
Question 2
What actions can mitigate the risk of authentication bypass vulnerabilities? (Choose two)

Correct answer: A,C
Question 3
Which of the following describes AJAX?

Correct answer: A
Question 4
What are key defenses against credential stuffing attacks? (Choose two)

Correct answer: A,D
Question 5
Which methods help prevent session fixation attacks? (Choose two)

Correct answer: B,C
Question 6
During an automated scan with OWASP ZAP, you identify several potential XSS vulnerabilities. What is the best follow-up action?

Correct answer: C
Question 7
During a penetration test, you find that a web application does not implement account lockout policies. What is your next step?

Correct answer: A
Question 8
What techniques can be used to gather information during reconnaissance? (Choose two)

Correct answer: B,D
Question 9
Which types of vulnerabilities can Nikto detect? (Choose two)

Correct answer: B,D