Web Application is interesting topic and the interviewer prefer to ask questions from this topic. Here are some of the best web application security interview questions.
Web Application Security Interview Questions
Q1 What do mean by Web Application ?
Answer :
Web Application is basically a software that run on the Internet Servers (be specific web server ) and can be accessed all over the Internet with the help of a web browser.
Q2. Can you give some example of Web Application ?
Answer :
Some of the examples of Web Application are as follows :
E-mail
Instant messaging Services
Facebook
Amazon
YouTube , etc
Q3. Can u name some types of the Web Applications with their examples ?
Answer : Types of the Web Applications are as follows :
| Type of Web Application | Examples |
|---|---|
| Static Web Application | Any Website which is not updated daily, or get updates after a long interval |
| Dynamic Web Application | Any Blog which is updates daily |
| Animated Web Applications | Roll Park, Angry Birds Space |
| E-Commerce Web Applications | Amazon, e-bay, flipkart |
| Portal Web Applications | Carrefour Bank, Med Impact |
| Content Management System | Word Press , Joomla, Shopify |
Q4. What are the security issues in Web application ?
Answer :
As defined by OWASP , following are the 10 main security issues in the Web Application
1. Injection flaw
2. Cross Site Scripting
3. Insecure Deserialization
4. Insufficient Logging and Monitoring
5. Broken access Controls
6. Sensitive Data Exposure
7. Broken Authentication
8. Security Misconfiguration
9. XML External Entities
10. Using Components with known vulnerabilities
Q5. What do you understand by Injection flaws ?
Answer :
Injection flaws occur when a bad sector sends an invalid data to the web application . By doing so the web application is made to operate differently from its purpose .
Q6. What is the most common technique used to attack the web applications ?
Answer :
SQL injection is the most common technique that is used to attack the web application because this language is easy to learn and its execution is also quite easy .
Q7. How do you define Broken Authentication as measure of security issue in Web Application ?
Answer :
The security issue which affects the log in mechanism of an application is termed as Broken Authentication . It allows the attacker to compromise with the passwords and number of sessions