25. What is the purpose of the "AllowAnonymous" attribute in ASP.NET Core?

  • To allow anonymous access to a controller or action method that is otherwise restricted to authenticated users.
  • To encrypt sensitive data in web forms.
  • To define the URL path for a specific route in an ASP.NET Core application.
  • To define the HTTP method to use for a controller action method in an ASP.NET Core application.

26. What is the purpose of the "ValidateAntiForgeryToken" attribute in ASP.NET?

  • To prevent Cross-Site Request Forgery (CSRF) attacks.
  • To encrypt sensitive data in web forms.
  • To define the URL path for a specific route in an ASP.NET Core application.
  • To validate that the anti-forgery token is present and valid in a form submission.

27. What is the purpose of the "Authentication" middleware in ASP.NET Core?

  • To validate that the anti-forgery token is present and valid in a form submission.
  • To encrypt sensitive data in web forms.
  • To handle user authentication and establish an identity for the user.
  • To prevent Cross-Site Request Forgery (CSRF) attacks.

28. What is the purpose of the ASP.NET Identity framework?

  • To provide a way to authenticate users using Facebook or Google accounts.
  • To provide a framework for user authentication and authorization in ASP.NET applications.
  • To provide a way to manage CSS and JavaScript files in an ASP.NET application.
  • To provide a way to easily create HTML forms in an ASP.NET application.

29. What is a SQL injection attack?

  • An attack in which the attacker steals a user’s session ID and uses it to impersonate the user.
  • An attack in which the attacker exploits a vulnerability in a web application’s input validation and injects malicious SQL code into a query, allowing the attacker to view, modify, or delete data in the database.
  • An attack in which the attacker intercepts and modifies data transmitted between a client and server.
  • An attack in which the attacker exploits a vulnerability in a web application’s authentication system to gain unauthorized access to sensitive data.

30. What is two-factor authentication?

  • A security measure that requires users to enter a username and password.
  • A security measure that requires users to enter a password and answer a security question.
  • A security measure that requires users to provide two forms of identification, typically a password and a unique code sent to their mobile device or email address.
  • A security measure that requires users to complete a CAPTCHA challenge to prove they are human.

31. What is the purpose of a salt in password hashing?

  • To add flavor to the hashed password.
  • To store the password in plain text in the database.
  • To add random data to the password before hashing, making it more difficult for attackers to use precomputed lookup tables to crack the hashed password.
  • To add a secret key to the password before hashing, making it more difficult for attackers to crack the hashed password.

32. What is the purpose of the HttpOnly flag in a cookie?

  • To ensure that the cookie can only be accessed by the domain that created it.
  • To prevent the cookie from being sent over an unencrypted connection.
  • To prevent JavaScript code from accessing the cookie, which can help prevent cross-site scripting (XSS) attacks.
  • To set an expiration date for the cookie.

33. What is the purpose of role-based authorization?

  • To authenticate users based on their role in the organization.
  • To restrict access to certain features or resources in a web application based on a user’s role in the organization.
  • To encrypt sensitive data transmitted between a client and server.
  • To prevent Cross-Site Request Forgery (CSRF) attacks.
