Certified Ethical Hacker (CEH)

Web, Application & SQL Injection Attacks

28 free practice questions with explanations

PassNova has 28 free Certified Ethical Hacker (CEH) practice questions on Web, Application & SQL Injection Attacks, each with a clear explanation. Practise them in the browser with instant feedback — 100% free, no sign-up, on any device. Updated for 2026.

Sample questions

Web, Application & SQL Injection Attacks: example questions & answers

Here are 6 example questions from this topic. Practise the full set of 28 for free in the browser.

  1. Which input would most clearly indicate a tester is attempting a classic SQL injection on a login form?

    • A ' OR '1'='1' --
    • B <script>alert(1)</script>
    • C ../../etc/passwd
    • D %0d%0aSet-Cookie: x=1

    Answer: The payload ' OR '1'='1' -- manipulates the SQL WHERE clause so the condition is always true and comments out the rest, a textbook authentication-bypass SQL injection.

  2. Which OWASP-recognised vulnerability allows an attacker to inject client-side scripts that execute in other users' browsers?

    • A Cross-Site Scripting (XSS)
    • B SQL Injection
    • C Cross-Site Request Forgery
    • D Directory traversal

    Answer: Cross-Site Scripting (XSS) injects malicious scripts into web pages that are then executed in the browsers of other users, enabling session theft and defacement.

  3. What is the single most effective defence against SQL injection?

    • A Increasing the session timeout
    • B Hiding the database server behind a longer URL
    • C Using parameterized queries (prepared statements) with bound parameters
    • D Renaming the database tables

    Answer: Parameterized queries separate code from data so user input is always treated as a value and never executed as SQL, neutralising injection attempts.

  4. Which tool is an intercepting proxy commonly used to capture, inspect, and modify HTTP/HTTPS requests during web-application testing?

    • A Burp Suite
    • B Aircrack-ng
    • C Ettercap
    • D Responder

    Answer: Burp Suite acts as an intercepting proxy between the browser and the web server, letting testers inspect and tamper with HTTP/HTTPS traffic.

  5. A Cross-Site Request Forgery (CSRF) attack succeeds by abusing which property of the victim's browser?

    • A Its support for FTP only
    • B Its automatic inclusion of the victim's session cookies with requests to the trusted site
    • C Its inability to render JavaScript
    • D Its lack of any cache

    Answer: CSRF tricks the victim's browser into sending a forged request to a site where the victim is authenticated; the browser automatically attaches the session cookie, so the request is honoured.

  6. A directory-traversal payload such as '../../../etc/passwd' is used to:

    • A Encrypt the web server's files
    • B Access files outside the web root by manipulating the path
    • C Brute-force the admin password
    • D Flood the server with requests

    Answer: Directory (path) traversal uses sequences like ../ to step out of the intended directory and read files elsewhere on the file system, such as /etc/passwd.
