Free GIAC GWAPT Exam Dumps Questions & Answers

You discover that a web application stores passwords in plaintext. What is the recommended remediation?

• A.  Implement hashed and salted storage for passwords
• B.  Increase session timeout duration
• C.  Encrypt all HTTP traffic
• D.  Disable user authentication

Which configurations can help enhance web application security? (Choose two)

• A.  Enabling error message logging
• B.  Restricting IP addresses that can access admin portals
• C.  Setting file permissions to restrict access
• D.  Disabling caching for all pages

During a security assessment, you find that verbose error messages are enabled. What is the immediate action you should recommend?

• A.  Running additional port scans to identify vulnerabilities
• B.  Disabling all authentication mechanisms
• C.  Disabling verbose error messages and replacing them with generic ones
• D.  Flooding the server with HTTP requests

Which HTTP response code is MOST likely returned after successful authentication?

• A.  403
• B.  401
• C.  302
• D.  200

What actions can mitigate the risk of authentication bypass vulnerabilities? (Choose two)

• A.  Implementing two-factor authentication
• B.  Disabling all user accounts
• C.  Avoiding the use of CAPTCHA
• D.  Requiring strong password policies