1. Which of the following is the MOST secure approach for handling uploaded files?
A) Storing files in the root directory of the web server
B) Using a separate directory with execution permissions enabled
C) Storing files in a non-public directory with restricted access
D) Allowing all file types to be uploaded without restrictions
β
Answer: C) Storing files in a non-public directory with restricted access
π Explanation: Storing uploaded files in a non-public directory ensures that files cannot be executed directly from the web. Restricting access to only the necessary users/processes further minimizes security risks.
2. Why is restricting file types by extension alone NOT a reliable security measure?
A) File extensions can be faked or changed easily
B) All file extensions are inherently secure
C) Web servers automatically block dangerous file types
D) Users always upload files with correct extensions
β
Answer: A) File extensions can be faked or changed easily
π Explanation: Attackers can rename a malicious file (e.g., .php, .exe) to a benign extension (e.g., .jpg, .txt) and trick the system. A better approach is to validate file signatures (MIME type) and content rather than relying solely on extensions.
3. What is the purpose of Content-Disposition: attachment in file uploads?
A) Forces the file to be downloaded instead of being executed
B) Automatically encrypts uploaded files
C) Prevents files from being stored on the server
D) Blocks all file uploads by default
β
Answer: A) Forces the file to be downloaded instead of being executed
π Explanation: Setting Content-Disposition: attachment in HTTP headers ensures that browsers do not execute the file but rather prompt the user to download it, reducing the risk of executing malicious scripts.
4. What type of vulnerability occurs when an application allows users to upload scripts that can be executed?
A) SQL Injection
B) Remote Code Execution (RCE)
C) Clickjacking
D) Cross-Site Request Forgery (CSRF)
β
Answer: B) Remote Code Execution (RCE)
π Explanation: Remote Code Execution (RCE) occurs when an attacker uploads a malicious script (e.g., PHP, JavaScript, or Shell script) and the server executes it, potentially compromising the system.
5. Which of the following is a recommended way to validate uploaded files?
A) Checking the file extension
B) Checking the MIME type using server-side verification
C) Allowing all file uploads but scanning later
D) Letting users decide if a file is safe
β
Answer: B) Checking the MIME type using server-side verification
π Explanation: The MIME type (Multipurpose Internet Mail Extensions) is a more reliable way to verify file types as opposed to just checking extensions, which can be spoofed.
6. What security risk is posed by uploading and storing user-generated HTML files?
A) SQL Injection
B) Cross-Site Scripting (XSS)
C) Buffer Overflow
D) Denial-of-Service (DoS)
β
Answer: B) Cross-Site Scripting (XSS)
π Explanation: If a user uploads an HTML file with embedded malicious JavaScript, and the server does not properly sanitize it, the script may execute when another user opens the file, leading to XSS attacks.
7. How can file upload vulnerabilities lead to privilege escalation?
A) By allowing an attacker to inject SQL queries
B) By enabling execution of malicious scripts with elevated permissions
C) By automatically deleting admin accounts
D) By modifying the serverβs encryption settings
β
Answer: B) By enabling execution of malicious scripts with elevated permissions
π Explanation: If an attacker uploads a malicious script and executes it with higher privileges, they can gain admin access, modify system files, or escalate privileges within the system.
8. What is the safest way to handle user-uploaded files?
A) Rename files and store them in a restricted directory
B) Allow users to upload any file type and scan them later
C) Enable all file executions on the server
D) Store all uploads in the web root directory
β
Answer: A) Rename files and store them in a restricted directory
π Explanation: Renaming files to randomized names and storing them in a non-public directory ensures that attackers cannot directly access uploaded files.
9. Which of the following is a major security risk when accepting compressed file uploads (e.g., ZIP, TAR)?
A) Directory Traversal
B) Man-in-the-Middle Attack
C) SQL Injection
D) Phishing
β
Answer: A) Directory Traversal
π Explanation: Malicious compressed files can contain filenames like ../../etc/passwd, which can trick the system into extracting files outside the intended directory, leading to Directory Traversal attacks.
10. Why should uploaded files have a strict size limit?
A) To prevent storage overflow and Denial-of-Service (DoS) attacks
B) To reduce the cost of storage
C) To make the website load faster
D) To prevent users from uploading irrelevant content
β
Answer: A) To prevent storage overflow and Denial-of-Service (DoS) attacks
π Explanation: Attackers may upload extremely large files to exhaust server resources (e.g., disk space, memory), leading to a Denial-of-Service (DoS) condition.
11. What is the purpose of checking the file hash of uploaded files?
A) To prevent duplicate uploads
B) To verify file integrity and detect malware
C) To increase server performance
D) To enable automatic file execution
β
Answer: B) To verify file integrity and detect malware
π Explanation: File hashing helps detect malicious file modifications and ensures the uploaded file matches an expected signature, reducing the risk of file-based attacks.
12. Which of the following techniques prevents script execution in uploaded files?
A) Changing the file extension to .txt
B) Removing all uploaded files after a day
C) Disabling execution permissions on the upload directory
D) Allowing only image files
β
Answer: C) Disabling execution permissions on the upload directory
π Explanation: Preventing script execution by disabling execution permissions in the upload directory ensures that even if a malicious script is uploaded, it cannot run.
13. What is the best way to scan uploaded files for malware?
A) Relying on browser-based scanning
B) Using server-side antivirus or malware scanning tools
C) Manually inspecting each uploaded file
D) Trusting that users upload safe files
β
Answer: B) Using server-side antivirus or malware scanning tools
π Explanation: Automated server-side malware scanning ensures that malicious files (e.g., Trojans, ransomware) are detected before they are stored or processed.
14. Which HTTP response code should be returned when an invalid file upload is blocked?
A) 200 OK
B) 404 Not Found
C) 400 Bad Request
D) 500 Internal Server Error
β
Answer: C) 400 Bad Request
π Explanation: Returning 400 Bad Request informs the user that their file upload failed due to an invalid or malicious request.
15. What is a key security risk of allowing user-uploaded .svg files?
A) They can be used for SQL Injection
B) They can contain embedded JavaScript and execute XSS attacks
C) They bypass firewall protections
D) They automatically gain root privileges
β
Answer: B) They can contain embedded JavaScript and execute XSS attacks
π Explanation: SVG (Scalable Vector Graphics) files are XML-based and can contain embedded JavaScript, which may execute within a browser, leading to Cross-Site Scripting (XSS) attacks.
16. Which type of attack exploits weak file upload validation to overwrite critical system files?
A) Path Traversal
B) Clickjacking
C) Session Fixation
D) Subdomain Takeover
β
Answer: A) Path Traversal
π Explanation: Path Traversal attacks occur when an attacker manipulates file paths (e.g., ../../etc/passwd) to overwrite or access restricted files outside the intended directory.
17. Which of the following is the best method to restrict file uploads to only images?
A) Checking the file extension (.jpg, .png, .gif)
B) Checking the MIME type and scanning the fileβs content
C) Allowing only filenames that contain “image”
D) Accepting any file with an “img” prefix
β
Answer: B) Checking the MIME type and scanning the fileβs content
π Explanation: MIME type validation and content analysis ensure that only actual image files (not disguised scripts) are allowed.
18. What is the safest way to generate filenames for uploaded files?
A) Keeping the original filename
B) Using a unique, random string as the filename
C) Prefixing all filenames with “secure_”
D) Appending a timestamp to filenames
β
Answer: B) Using a unique, random string as the filename
π Explanation: Randomizing filenames prevents attackers from predicting or accessing uploaded files, reducing security risks.
19. How can allowing large file uploads lead to a security issue?
A) It can result in a Denial-of-Service (DoS) attack
B) It makes the server run faster
C) It allows attackers to change file permissions
D) It enables SQL Injection
β
Answer: A) It can result in a Denial-of-Service (DoS) attack
π Explanation: Uploading excessively large files consumes server storage and processing power, potentially causing service disruption (DoS attack).
20. Which security mechanism prevents the execution of uploaded files in an upload directory?
A) Disabling script execution (e.g., .htaccess or chmod -x)
B) Encrypting all uploaded files
C) Limiting the number of uploads per user
D) Allowing only authenticated users to upload files
β
Answer: A) Disabling script execution (e.g., .htaccess or chmod -x)
π Explanation: Disabling execution permissions in the upload directory ensures that uploaded scripts cannot run, reducing RCE risks.
21. Why should an application reject files containing null bytes (%00)?
A) Null bytes slow down the application
B) Null bytes can cause code injection vulnerabilities
C) Null bytes encrypt the uploaded file
D) Null bytes prevent images from being uploaded
β
Answer: B) Null bytes can cause code injection vulnerabilities
π Explanation: Attackers may use null bytes (%00) to terminate string parsing early and bypass security checks, leading to code injection attacks.
22. Why is it dangerous to store uploaded files with user-defined filenames?
A) It increases server memory usage
B) Attackers can overwrite system files using malicious filenames
C) It improves file retrieval speed
D) It makes file validation easier
β
Answer: B) Attackers can overwrite system files using malicious filenames
π Explanation: Allowing user-controlled filenames can enable directory traversal or file overwrite attacks where attackers replace system files with malicious ones.
23. Which of the following is an effective way to limit malware uploads?
A) Requiring users to enter a CAPTCHA before uploading
B) Scanning files with an antivirus/malware scanner before processing
C) Allowing only ZIP files
D) Blocking files that contain numbers in their names
β
Answer: B) Scanning files with an antivirus/malware scanner before processing
π Explanation: Automated malware scanning detects and blocks malicious file uploads before they can be executed.
24. How can attackers exploit .htaccess files in file upload vulnerabilities?
A) By modifying server settings to allow script execution
B) By increasing the maximum file upload size
C) By encrypting uploaded files
D) By bypassing network firewalls
β
Answer: A) By modifying server settings to allow script execution
π Explanation: Malicious .htaccess files can be uploaded to alter server configurations, enabling execution of restricted file types (e.g., PHP scripts).
25. What is the recommended way to store uploaded files?
A) In the root directory of the application
B) In a dedicated non-web-accessible storage location
C) In the public_html folder
D) In the database as BLOB data
β
Answer: B) In a dedicated non-web-accessible storage location
π Explanation: Storing files outside the web-accessible directory prevents attackers from directly accessing and executing them.
26. Which security control can limit the risk of multiple malicious file uploads?
A) Rate-limiting file uploads per user/session
B) Allowing anonymous users to upload files
C) Removing uploaded files after 30 days
D) Sending email alerts for every uploaded file
β
Answer: A) Rate-limiting file uploads per user/session
π Explanation: Rate-limiting uploads prevents automated scripts from flooding the server with malicious files.
27. Which of the following is a correct method to validate an uploaded fileβs content?
A) Verifying the file size
B) Checking the fileβs hash against known signatures
C) Accepting all .txt files as safe
D) Allowing only files uploaded by admins
β
Answer: B) Checking the fileβs hash against known signatures
π Explanation: File hashing allows checking uploaded files against a list of known malware signatures to detect potential threats.
28. What is a primary benefit of requiring authentication before file uploads?
A) It prevents unauthorized file uploads
B) It makes the website load faster
C) It removes the need for antivirus scanning
D) It reduces the cost of cloud storage
β
Answer: A) It prevents unauthorized file uploads
π Explanation: Requiring authentication ensures that only authorized users can upload files, reducing the risk of spam or malicious uploads.
29. Why should you remove metadata from uploaded images before storing them?
A) To reduce the file size
B) To prevent sensitive information leaks (e.g., GPS coordinates)
C) To increase upload speed
D) To improve database performance
β
Answer: B) To prevent sensitive information leaks (e.g., GPS coordinates)
π Explanation: Image metadata (e.g., EXIF data) can contain personal details, GPS locations, or device information, which may be exploited.
30. What is the best way to handle file upload errors?
A) Return a detailed error message with server logs
B) Use generic error messages to avoid information disclosure
C) Allow users to retry unlimited times
D) Send all error logs to public forums
β
Answer: B) Use generic error messages to avoid information disclosure
π Explanation: Detailed error messages may expose server paths, configurations, or vulnerabilities, aiding attackers.
31. What is a critical security risk of allowing .php, .jsp, or .aspx file uploads?
A) They take longer to load in the browser
B) They may contain executable code leading to Remote Code Execution (RCE)
C) They improve website performance
D) They allow users to edit website content
β
Answer: B) They may contain executable code leading to Remote Code Execution (RCE)
π Explanation: Uploading server-side script files (.php, .jsp, .aspx) allows an attacker to execute malicious code on the server, leading to Remote Code Execution (RCE) and system compromise.
32. Which of the following attack techniques can be used to manipulate the file upload functionality?
A) SQL Injection
B) HTTP Parameter Pollution
C) File Extension Spoofing
D) DNS Spoofing
β
Answer: C) File Extension Spoofing
π Explanation: Attackers can rename files to disguise them as harmless (.jpg, .png) when they actually contain malicious scripts (.php, .exe).
33. Why is it important to disable symbolic links in upload directories?
A) To prevent users from modifying other usersβ files
B) To improve file download speed
C) To allow multiple files with the same name
D) To prevent unauthorized access to system files
β
Answer: D) To prevent unauthorized access to system files
π Explanation: Attackers may exploit symbolic links to redirect uploaded files to sensitive system files, leading to privilege escalation or data leaks.
34. What is the purpose of a Content Security Policy (CSP) in handling uploaded files?
A) To prevent unauthorized downloads
B) To block the execution of malicious scripts from uploaded files
C) To encrypt uploaded files
D) To allow only verified users to upload files
β
Answer: B) To block the execution of malicious scripts from uploaded files
π Explanation: A Content Security Policy (CSP) can restrict script execution from user-uploaded files, mitigating XSS and RCE attacks.
35. How can attackers bypass simple file extension validation?
A) By uploading files with spaces in the filename
B) By using double extensions (e.g., shell.php.jpg)
C) By changing the file size
D) By compressing the file before uploading
β
Answer: B) By using double extensions (e.g., shell.php.jpg)
π Explanation: Some systems only check the last extension, allowing attackers to upload a file like malicious.php.jpg, which may still be executed as PHP.
36. Why should an application limit concurrent file uploads per user?
A) To reduce network traffic
B) To prevent brute-force or flood attacks
C) To improve file download speed
D) To allow users to upload as many files as possible
β
Answer: B) To prevent brute-force or flood attacks
π Explanation: Limiting concurrent uploads prevents attackers from flooding the server with requests, which could lead to denial-of-service (DoS) attacks.
37. What is the security risk of allowing users to rename uploaded files?
A) Users might choose names that are difficult to remember
B) Users might use misleading names to bypass file restrictions
C) Users might accidentally delete their files
D) Renaming does not affect security
β
Answer: B) Users might use misleading names to bypass file restrictions
π Explanation: Attackers might rename a file like malware.exe to document.pdf to trick users into executing it.
38. Why should an application not rely solely on JavaScript for file validation?
A) JavaScript is too slow for validation
B) JavaScript can be disabled or bypassed by attackers
C) JavaScript does not support file uploads
D) JavaScript does not work with certain file formats
β
Answer: B) JavaScript can be disabled or bypassed by attackers
π Explanation: Client-side validation using JavaScript can be disabled or manipulated, so server-side validation is essential.
39. How can an attacker exploit a poorly secured file upload feature to gain access to other users’ files?
A) By executing SQL Injection
B) By exploiting Directory Traversal vulnerabilities
C) By modifying the browserβs cache settings
D) By uploading a large file
β
Answer: B) By exploiting Directory Traversal vulnerabilities
π Explanation: Attackers can manipulate file paths (e.g., ../../etc/passwd) to access or overwrite sensitive files.
40. Why should file upload forms implement a maximum execution time?
A) To prevent script timeouts
B) To reduce the risk of denial-of-service (DoS) attacks
C) To limit storage space usage
D) To prevent users from uploading duplicate files
β
Answer: B) To reduce the risk of denial-of-service (DoS) attacks
π Explanation: Unrestricted execution time allows attackers to upload extremely large files, consuming system resources.
41. What type of attack can occur if an application does not correctly validate uploaded archive files (e.g., ZIP, TAR)?
A) SQL Injection
B) File Inclusion
C) Zip Slip Attack
D) Cross-Site Scripting (XSS)
β
Answer: C) Zip Slip Attack
π Explanation: The Zip Slip vulnerability occurs when an attacker crafts a malicious archive that extracts files outside the intended directory.
42. Why should an application reject files with overly long filenames?
A) Long filenames make the application slower
B) They can be used for buffer overflow attacks
C) They are difficult to read
D) They reduce disk space
β
Answer: B) They can be used for buffer overflow attacks
π Explanation: Very long filenames can overflow buffers, potentially leading to arbitrary code execution.
43. Why is logging and monitoring important for file uploads?
A) To track and analyze suspicious upload activity
B) To prevent file downloads
C) To delete user files periodically
D) To improve file upload speeds
β
Answer: A) To track and analyze suspicious upload activity
π Explanation: Logging upload attempts helps detect and respond to malicious file uploads.
44. How can an attacker use race conditions to exploit a file upload process?
A) By uploading two files simultaneously
B) By renaming a file before the system validates it
C) By filling out multiple upload forms
D) By increasing the file size after validation
β
Answer: B) By renaming a file before the system validates it
π Explanation: Race condition attacks occur when an attacker rapidly modifies a file before it is fully processed, bypassing security checks.
45. What type of malware is often distributed via insecure file uploads?
A) Ransomware
B) SQL Injection
C) DDoS Scripts
D) Session Hijacking
β
Answer: A) Ransomware
π Explanation: Attackers use file uploads to distribute ransomware, encrypting user files and demanding payment.
46. Why is it important to validate files even if they are uploaded over an encrypted (HTTPS) connection?
A) HTTPS prevents file corruption but not malicious uploads
B) HTTPS encrypts files
C) HTTPS automatically blocks malware
D) HTTPS prevents all attacks
β
Answer: A) HTTPS prevents file corruption but not malicious uploads
π Explanation: HTTPS secures data in transit but does not inspect file content for malware.
47. Why is it essential to sanitize filenames before storing uploaded files?
A) To prevent duplicate file names
B) To remove special characters that could be used in an attack
C) To improve searchability of uploaded files
D) To speed up file processing
β
Answer: B) To remove special characters that could be used in an attack
π Explanation: Filenames with special characters (e.g., ../../, ;, |, or &) can be exploited in Directory Traversal, Command Injection, or Remote Code Execution (RCE) attacks.
48. What is the primary purpose of using a Web Application Firewall (WAF) for file uploads?
A) To encrypt uploaded files
B) To filter and detect malicious file uploads
C) To reduce the load on the file server
D) To improve file storage efficiency
β
Answer: B) To filter and detect malicious file uploads
π Explanation: A Web Application Firewall (WAF) can help detect and block malicious file uploads, preventing web shell and malware injections.
49. How can an attacker use MIME type manipulation to bypass file upload security?
A) By changing the MIME type to an allowed type while keeping the malicious content
B) By increasing the file size beyond limits
C) By encrypting the file before uploading
D) By using a strong password for the upload request
β
Answer: A) By changing the MIME type to an allowed type while keeping the malicious content
π Explanation: Attackers can spoof the MIME type (e.g., changing application/x-php to image/png) to bypass security while still executing malicious code.
50. What is the best practice for restricting file uploads to specific formats?
A) Checking the file extension only
B) Checking both file extension and MIME type
C) Allowing only .txt files for security
D) Using JavaScript for validation only
β
Answer: B) Checking both file extension and MIME type
π Explanation: Both file extension validation and MIME type validation should be used to prevent spoofing attempts.
51. What is a potential risk when allowing users to upload .json or .xml files?
A) The files can be converted into images
B) They may contain embedded malicious scripts
C) They automatically execute on the server
D) The files can slow down the system
β
Answer: B) They may contain embedded malicious scripts
π Explanation: Attackers may inject malicious JavaScript or XML External Entity (XXE) payloads into .json or .xml files to exploit vulnerabilities.
52. Which security control should be used to prevent overwriting of existing files?
A) Allowing users to set custom filenames
B) Using unique, randomized filenames for uploaded files
C) Allowing duplicate filenames but storing them in separate folders
D) Using only uppercase letters in filenames
β
Answer: B) Using unique, randomized filenames for uploaded files
π Explanation: Randomized filenames prevent file overwriting attacks, where an attacker could replace legitimate files with malicious ones.
53. Why should file upload handling use a separate subdomain or external storage?
A) To make file access easier
B) To prevent direct execution of uploaded files
C) To improve website design
D) To allow users to download files faster
β
Answer: B) To prevent direct execution of uploaded files
π Explanation: Storing uploaded files on a separate subdomain (e.g., uploads.example.com) ensures that even if an attacker uploads a malicious file, it cannot be executed in the primary web application.
54. Which of the following is a common attack using .rar or .zip file uploads?
A) Cross-Site Request Forgery (CSRF)
B) Zip Bomb Attack
C) SQL Injection
D) Session Hijacking
β
Answer: B) Zip Bomb Attack
π Explanation: A Zip Bomb is a highly compressed file that, when extracted, expands to an enormous size, consuming system resources and potentially crashing the server.
55. How can an attacker use HTTP headers to bypass file upload restrictions?
A) By modifying the Content-Type header to match an allowed type
B) By sending multiple requests at once
C) By using an HTTP proxy
D) By adding JavaScript to the upload request
β
Answer: A) By modifying the Content-Type header to match an allowed type
π Explanation: Some applications trust the Content-Type header, allowing attackers to spoof it (e.g., changing application/x-php to image/png) to bypass security checks.
56. Why is client-side file validation (e.g., JavaScript-based checks) not enough?
A) JavaScript validation is too slow
B) Attackers can modify requests and bypass JavaScript validation
C) JavaScript cannot handle large files
D) File validation should be done on mobile devices only
β
Answer: B) Attackers can modify requests and bypass JavaScript validation
π Explanation: Client-side validation can be easily bypassed using browser developer tools or custom scripts, making server-side validation essential.
57. What is the risk of allowing users to upload executable files (.exe, .bat, .sh)?
A) Users may use too much storage
B) The server may automatically execute malicious programs
C) Users may forget their uploaded files
D) The files may become corrupted
β
Answer: B) The server may automatically execute malicious programs
π Explanation: If executable files are uploaded and somehow executed, they can compromise the entire system.
58. How does using a Content Delivery Network (CDN) help secure file uploads?
A) It improves website speed
B) It caches uploaded files
C) It isolates file storage from the main web application
D) It removes malware from uploaded files
β
Answer: C) It isolates file storage from the main web application
π Explanation: CDNs help isolate file uploads, ensuring that even if malicious files are uploaded, they cannot directly affect the core application.
59. What is the best way to prevent users from uploading executable scripts disguised as images?
A) Checking the first few bytes (file signature) of the uploaded file
B) Allowing only .jpg and .png files
C) Storing files in a separate folder
D) Using a CAPTCHA before file uploads
β
Answer: A) Checking the first few bytes (file signature) of the uploaded file
π Explanation: Magic numbers (file signatures) are the most reliable way to verify actual file content, preventing MIME-type spoofing attacks.
60. What security feature helps prevent unauthorized users from accessing uploaded files?
A) Implementing proper file permissions and access controls
B) Allowing files to be accessed only via a direct link
C) Storing all files in a public folder
D) Encrypting files using weak encryption
β
Answer: A) Implementing proper file permissions and access controls
π Explanation: Access control policies ensure that only authorized users can view or download uploaded files, preventing unauthorized access.
61. Why should file uploads be handled asynchronously in a web application?
A) To reduce server response time and improve user experience
B) To allow users to upload multiple files simultaneously
C) To prevent attackers from modifying uploaded files
D) To encrypt uploaded files automatically
β
Answer: A) To reduce server response time and improve user experience
π Explanation: Asynchronous file uploads prevent web applications from blocking user interaction while a file is being uploaded, improving performance and user experience.
62. How can attackers exploit an application that stores uploaded files in a public directory?
A) By uploading a large file to slow down the server
B) By directly accessing and executing malicious files
C) By modifying file permissions after uploading
D) By renaming their uploaded files to match system files
β
Answer: B) By directly accessing and executing malicious files
π Explanation: If uploaded files are stored in a public, web-accessible directory, attackers may execute web shells or retrieve sensitive data.
63. What is a key reason to enforce file size limits on uploaded files?
A) To prevent users from uploading low-quality files
B) To reduce the risk of Denial-of-Service (DoS) attacks
C) To force users to compress their files before uploading
D) To ensure uploaded files are displayed correctly
β
Answer: B) To reduce the risk of Denial-of-Service (DoS) attacks
π Explanation: Large file uploads can consume server bandwidth and storage, potentially leading to DoS attacks.
64. Why is it essential to log file upload activities?
A) To track malicious attempts and investigate security incidents
B) To ensure all users follow the same upload process
C) To improve file transfer speed
D) To automatically delete files after a certain period
β
Answer: A) To track malicious attempts and investigate security incidents
π Explanation: Logging file uploads helps detect unusual activity, brute force attacks, and malicious uploads for security analysis.
65. How can an attacker abuse a file upload feature to execute Server-Side Request Forgery (SSRF)?
A) By uploading a file that requests internal server resources
B) By sending multiple upload requests at the same time
C) By uploading a file larger than the allowed size
D) By modifying the file extension before uploading
β
Answer: A) By uploading a file that requests internal server resources
π Explanation: SSRF attacks exploit insecure file processing by tricking the server into making unauthorized internal network requests.
66. Why should file uploads be scanned with an antivirus before storage?
A) To remove any unnecessary metadata from files
B) To detect and block malicious files before they are executed
C) To compress the files for faster storage
D) To improve database indexing
β
Answer: B) To detect and block malicious files before they are executed
π Explanation: Scanning uploaded files for malware helps prevent trojans, ransomware, and backdoor scripts from being stored on the server.
67. What is the primary reason to use multi-factor authentication (MFA) for file uploads?
A) To prevent unauthorized users from uploading malicious files
B) To ensure all users have unique upload permissions
C) To improve file encryption
D) To allow users to rename uploaded files
β
Answer: A) To prevent unauthorized users from uploading malicious files
π Explanation: MFA ensures only authorized users can upload files, reducing the risk of unauthorized or automated malicious uploads.
68. How can rate limiting help prevent file upload abuse?
A) By restricting the number of files a user can upload within a timeframe
B) By reducing the file size of uploaded documents
C) By limiting users to specific file formats
D) By preventing duplicate file names
β
Answer: A) By restricting the number of files a user can upload within a timeframe
π Explanation: Rate limiting helps mitigate automated bulk uploads that could be part of a spam, DDoS, or brute-force attack.
69. Which security issue can arise if file upload paths are predictable?
A) Attackers can bypass authentication
B) Attackers can directly access or overwrite uploaded files
C) Files become corrupted during upload
D) The server becomes slow over time
β
Answer: B) Attackers can directly access or overwrite uploaded files
π Explanation: Predictable upload paths allow attackers to guess filenames and access or modify uploaded files, leading to data leaks or code execution.
70. How can an attacker exploit file upload functionality to conduct phishing attacks?
A) By uploading a misleading file with a deceptive filename
B) By increasing the upload speed of phishing files
C) By modifying the file size before uploading
D) By using JavaScript to hide the file from the user
β
Answer: A) By uploading a misleading file with a deceptive filename
π Explanation: Attackers may upload files with names like “Invoice.pdf” containing malicious content to trick users into opening them.
71. Why is it recommended to remove EXIF data from uploaded images?
A) To prevent metadata-based attacks that expose sensitive information
B) To improve image resolution
C) To make the files load faster
D) To reduce file storage size
β
Answer: A) To prevent metadata-based attacks that expose sensitive information
π Explanation: EXIF metadata may contain GPS coordinates, device details, and timestamps, which attackers could exploit.
72. Why should file uploads be handled over HTTPS?
A) To encrypt files before they are stored
B) To prevent attackers from intercepting uploaded data
C) To reduce upload times
D) To block unauthorized file downloads
β
Answer: B) To prevent attackers from intercepting uploaded data
π Explanation: HTTPS encrypts file transfers, preventing Man-in-the-Middle (MitM) attacks where attackers could intercept and modify uploads.
73. What is the risk of allowing users to upload .csv files without validation?
A) They can contain malicious macros leading to Remote Code Execution (RCE)
B) They increase server load
C) They cannot be processed by a web application
D) They require additional server storage
β
Answer: A) They can contain malicious macros leading to Remote Code Execution (RCE)
π Explanation: CSV files can contain formula injection (e.g., =cmd|'/C calc.exe'!A1), leading to RCE when opened in spreadsheet applications.
74. How can a Content Delivery Network (CDN) help secure file uploads?
A) By offloading file storage from the main application
B) By encrypting all uploaded files automatically
C) By scanning files for malware before they are uploaded
D) By reducing file sizes for faster upload
β
Answer: A) By offloading file storage from the main application
π Explanation: CDNs isolate file storage from the main application, reducing risks of direct code execution or unauthorized file access.
75. Why is it important to disable inline file execution in an upload directory?
A) To prevent Remote Code Execution (RCE) attacks
B) To make the files load faster
C) To reduce the serverβs workload
D) To allow only images to be uploaded
β
Answer: A) To prevent Remote Code Execution (RCE) attacks
π Explanation: Disabling inline execution prevents malicious scripts from running directly from the upload directory.
76. What is the primary security concern with allowing .docx and .pdf file uploads?
A) They consume too much storage
B) They can contain embedded macros or scripts leading to malware execution
C) They take longer to download
D) They are difficult to scan for viruses
β
Answer: B) They can contain embedded macros or scripts leading to malware execution
π Explanation: Microsoft Office files (.docx, .xlsm) may contain macros, and PDFs may have embedded JavaScript, both of which can execute malicious code upon opening.
77. Which HTTP header can be used to prevent uploaded files from being executed in the browser?
A) Content-Type: application/octet-stream
B) Content-Disposition: attachment
C) Cache-Control: no-store
D) Server: Secure
β
Answer: B) Content-Disposition: attachment
π Explanation: Setting Content-Disposition: attachment forces files to be downloaded rather than executed in the browser, preventing XSS and drive-by download attacks.
78. Why should a web application reject file uploads containing hidden characters (e.g., U+202E Right-to-Left Override)?
A) They can alter file behavior and trick users into opening malicious files
B) They increase server load
C) They interfere with the file system
D) They are difficult to index in a database
β
Answer: A) They can alter file behavior and trick users into opening malicious files
π Explanation: Attackers can use hidden Unicode characters like Right-to-Left Override (U+202E) to disguise file extensions, tricking users into executing malicious files.
79. How does limiting accepted file types reduce security risks?
A) It reduces the number of files stored on the server
B) It ensures that only necessary file formats are allowed, reducing attack vectors
C) It speeds up file processing
D) It prevents duplicate file uploads
β
Answer: B) It ensures that only necessary file formats are allowed, reducing attack vectors
π Explanation: Allowing only necessary file types (e.g., images, PDFs, etc.) reduces the risk of malicious file uploads, such as executable scripts or web shells.
80. Why should uploaded files be stored outside the web root directory?
A) To prevent unauthorized access and execution of malicious files
B) To make file retrieval faster
C) To allow only admin users to upload files
D) To reduce database storage requirements
β
Answer: A) To prevent unauthorized access and execution of malicious files
π Explanation: Storing uploaded files outside the web root prevents direct access to them, reducing the risk of code execution and remote attacks.
81. How does checking the file magic number improve file upload security?
A) It helps identify the true file type regardless of its extension
B) It speeds up file uploads
C) It allows larger files to be uploaded
D) It ensures file encryption
β
Answer: A) It helps identify the true file type regardless of its extension
π Explanation: The magic number is a signature within a file that indicates its true type, preventing attackers from disguising executable files as harmless formats.
82. Why should session expiration policies be enforced for file uploads?
A) To prevent unauthorized users from completing abandoned upload sessions
B) To increase file storage efficiency
C) To improve website speed
D) To limit the number of files a user can upload
β
Answer: A) To prevent unauthorized users from completing abandoned upload sessions
π Explanation: If sessions do not expire, attackers could hijack unfinished upload requests, gaining access to stored files or uploading malicious content.
83. What is a potential risk of allowing users to upload .apk or .ipa files?
A) They contain compressed data
B) They can be repackaged with malware and used for app distribution attacks
C) They are difficult to scan for viruses
D) They slow down server performance
β
Answer: B) They can be repackaged with malware and used for app distribution attacks
π Explanation: Android Package (.apk) and iOS Application (.ipa) files can contain malicious code, enabling attackers to spread malware via mobile apps.
84. Why is it important to enforce strong authentication for file uploads?
A) To prevent unauthorized users from uploading malicious files
B) To allow users to upload more files at once
C) To speed up the upload process
D) To increase server storage capacity
β
Answer: A) To prevent unauthorized users from uploading malicious files
π Explanation: Enforcing authentication ensures only trusted users can upload files, reducing the risk of automated attacks and malicious file uploads.
85. Why should uploaded files have a strict permission policy (e.g., chmod 600 on Linux)?
A) To prevent unauthorized execution or access
B) To speed up file retrieval
C) To make the files publicly accessible
D) To enable automatic backups
β
Answer: A) To prevent unauthorized execution or access
π Explanation: Restricting file permissions ensures that uploaded files cannot be executed by unauthorized users or scripts.
86. What is the risk of allowing .bat and .cmd file uploads?
A) They can execute commands on the system, leading to Remote Code Execution (RCE)
B) They require too much storage space
C) They slow down the file upload process
D) They are difficult to detect in file directories
β
Answer: A) They can execute commands on the system, leading to Remote Code Execution (RCE)
π Explanation: Batch files (.bat, .cmd) can execute system commands, allowing attackers to gain full control over the system.
87. Why should multipart file uploads be validated carefully?
A) They may contain additional hidden files or malicious payloads
B) They reduce server performance
C) They make file retrieval difficult
D) They increase the file upload time
β
Answer: A) They may contain additional hidden files or malicious payloads
π Explanation: Multipart file uploads can include hidden fields or extra files, which may bypass traditional file validation mechanisms.
88. What is a security risk of allowing file uploads over unencrypted HTTP?
A) Attackers can intercept and modify uploaded files using a Man-in-the-Middle (MitM) attack
B) Files take longer to upload
C) Users cannot upload images
D) Files become corrupted during transfer
β
Answer: A) Attackers can intercept and modify uploaded files using a Man-in-the-Middle (MitM) attack
π Explanation: Without HTTPS encryption, uploaded files can be intercepted, modified, or replaced by attackers.
89. How can an attacker exploit insufficient logging of file uploads?
A) By uploading malicious files without detection
B) By increasing the file upload speed
C) By preventing other users from uploading files
D) By renaming their uploaded files
β
Answer: A) By uploading malicious files without detection
π Explanation: Without proper logging, security teams cannot detect or investigate suspicious file uploads.
90. What is the risk of allowing file uploads without a rate limit?
A) Attackers can flood the server with requests, causing a Denial-of-Service (DoS) attack
B) Users may upload too few files
C) Files will take longer to process
D) The upload speed will increase
β
Answer: A) Attackers can flood the server with requests, causing a Denial-of-Service (DoS) attack
π Explanation: Unrestricted file uploads allow attackers to flood the server with requests, exhausting resources and causing a DoS condition.
91. What is a primary reason for enforcing a quarantine period for newly uploaded files?
A) To delay file availability for performance reasons
B) To allow security systems to scan and verify the fileβs safety before use
C) To ensure the user does not upload the same file twice
D) To improve file compression
β
Answer: B) To allow security systems to scan and verify the fileβs safety before use
π Explanation: Quarantining uploaded files allows antivirus scanners and security tools to inspect them before making them accessible to users.
92. Why should an application use a Content Security Policy (CSP) with uploaded files?
A) To block execution of malicious scripts embedded in uploaded files
B) To allow users to download files faster
C) To prevent file corruption during upload
D) To store files in a secure location
β
Answer: A) To block execution of malicious scripts embedded in uploaded files
π Explanation: A CSP helps prevent malicious JavaScript execution by enforcing security policies on uploaded files.
93. What is a potential risk when allowing .eml (email) file uploads?
A) They can contain phishing attempts and malicious attachments
B) They take longer to process
C) They are difficult to open
D) They cannot be scanned by antivirus programs
β
Answer: A) They can contain phishing attempts and malicious attachments
π Explanation: Email files (.eml, .msg) can include phishing content, embedded malware, and harmful attachments, making them a security risk.
94. What type of attack is possible if user-uploaded files are directly accessible via a predictable URL?
A) Broken Access Control
B) SQL Injection
C) XML External Entity (XXE) Attack
D) Wi-Fi Spoofing
β
Answer: A) Broken Access Control
π Explanation: If uploaded files are accessible via predictable URLs, attackers may enumerate file names and access unauthorized content.
95. Why should temporary files created during file upload be securely deleted?
A) To prevent an attacker from recovering sensitive data
B) To reduce disk usage
C) To improve file processing speed
D) To allow users to upload more files
β
Answer: A) To prevent an attacker from recovering sensitive data
π Explanation: Temporary files may contain sensitive information, and if not securely deleted, attackers can retrieve them.
96. How can attackers abuse .wav or .mp3 file uploads?
A) By embedding malicious payloads inside metadata or hidden data sections
B) By modifying the audio frequency
C) By increasing the file size
D) By reducing the bit rate
β
Answer: A) By embedding malicious payloads inside metadata or hidden data sections
π Explanation: Malware can be embedded in audio file metadata, which may be executed when processed by vulnerable software.
97. Why should an application check for hidden file extensions (e.g., .php.jpg)?
A) To prevent disguised executable files from running
B) To improve image rendering speed
C) To allow only authenticated users to upload files
D) To enforce strict image resizing
β
Answer: A) To prevent disguised executable files from running
π Explanation: Attackers may use double extensions (.php.jpg) to bypass filters and upload malicious scripts.
98. What is a major security risk associated with allowing .exe file uploads?
A) They can execute arbitrary code on the system
B) They are difficult to scan for malware
C) They require too much disk space
D) They do not work on mobile devices
β
Answer: A) They can execute arbitrary code on the system
π Explanation: Executable files (.exe, .msi) can run arbitrary commands, leading to malware infections or system compromise.
99. Why should file upload forms use a secure token or CSRF protection?
A) To prevent unauthorized users from triggering unintended file uploads
B) To make file uploads faster
C) To allow users to retry failed uploads
D) To reduce the size of uploaded files
β
Answer: A) To prevent unauthorized users from triggering unintended file uploads
π Explanation: Cross-Site Request Forgery (CSRF) protection ensures that malicious websites cannot trick authenticated users into uploading files without their knowledge.
100. What is the advantage of using cloud-based antivirus scanning for uploaded files?
A) It offloads scanning to an external service, reducing server load
B) It makes files download faster
C) It prevents users from uploading duplicate files
D) It increases storage efficiency
β
Answer: A) It offloads scanning to an external service, reducing server load
π Explanation: Cloud-based antivirus scanning ensures files are scanned in real-time without consuming local server resources.
101. Why should an application avoid storing uploaded files in a database?
A) To prevent excessive database size and performance degradation
B) To allow users to rename uploaded files
C) To make searching for files easier
D) To improve server uptime
β
Answer: A) To prevent excessive database size and performance degradation
π Explanation: Storing files in a database can cause performance issues; instead, storing them in a file system or object storage is more efficient.
102. What is the risk of allowing .svg files to be uploaded without sanitization?
A) They can contain embedded JavaScript leading to XSS attacks
B) They take up too much storage space
C) They cannot be previewed in a web browser
D) They slow down the website
β
Answer: A) They can contain embedded JavaScript leading to XSS attacks
π Explanation: SVG files are XML-based, and attackers can embed malicious JavaScript, leading to Cross-Site Scripting (XSS) attacks.
103. Why should file uploads be restricted to specific user roles?
A) To prevent unauthorized users from uploading malicious files
B) To make the file upload interface less cluttered
C) To improve image quality
D) To ensure all files are compressed before uploading
β
Answer: A) To prevent unauthorized users from uploading malicious files
π Explanation: Restricting file uploads to specific user roles (e.g., admins only) reduces the risk of unauthorized or malicious file uploads.
104. Why is it a security risk to store uploaded files with their original filenames?
A) Attackers can guess file names and access sensitive information
B) It reduces file retrieval speed
C) It makes database indexing difficult
D) It prevents users from renaming files
β
Answer: A) Attackers can guess file names and access sensitive information
π Explanation: Predictable filenames allow attackers to enumerate files and access sensitive data.
105. What type of malware attack can be hidden within an .iso or .img file?
A) Bootkit or malware loaders that execute when mounted
B) SQL Injection
C) Phishing emails
D) URL redirection
β
Answer: A) Bootkit or malware loaders that execute when mounted
π Explanation: Attackers can embed malware inside .iso or .img disk images, which may execute when mounted.
106. How can an attacker exploit insecure error messages related to file uploads?
A) By gathering information about security mechanisms and bypassing them
B) By increasing the file upload speed
C) By modifying other users’ files
D) By preventing other users from uploading
β
Answer: A) By gathering information about security mechanisms and bypassing them
π Explanation: Detailed error messages can reveal security mechanisms, such as allowed file types or server configurations, aiding attackers.
107. What is the purpose of scanning an uploaded file against a known hash database?
A) To verify if the file is already uploaded
B) To check if the file matches known malware signatures
C) To increase upload speed
D) To compress the file before storage
β
Answer: B) To check if the file matches known malware signatures
π Explanation: Hash comparison ensures that uploaded files do not match known malware hashes, preventing infected files from being stored.
108. How can attackers use MIME sniffing to bypass file upload security?
A) By forcing the browser to interpret the file as a different type
B) By increasing the upload speed
C) By modifying file permissions
D) By preventing the file from being displayed
β
Answer: A) By forcing the browser to interpret the file as a different type
π Explanation: MIME sniffing attacks trick the browser into treating a file as executable content even if it was uploaded as a harmless file.
109. What security control can be used to prevent browsers from executing uploaded files?
A) X-Content-Type-Options: nosniff
B) Cache-Control: no-cache
C) Server: SecureUpload
D) X-Frame-Options: DENY
β
Answer: A) X-Content-Type-Options: nosniff
π Explanation: Setting X-Content-Type-Options: nosniff prevents browsers from guessing file types, reducing the risk of MIME sniffing attacks.
110. Why should file uploads be restricted to HTTPS connections?
A) To prevent attackers from intercepting uploaded files via MITM attacks
B) To increase file upload speed
C) To make files public after uploading
D) To prevent file duplication
β
Answer: A) To prevent attackers from intercepting uploaded files via MITM attacks
π Explanation: Without HTTPS, attackers can intercept and modify uploaded files, leading to data leaks or malware injection.
111. What is the risk of storing uploaded files in a temporary directory without proper cleanup?
A) Attackers may access sensitive temporary files
B) It improves file processing efficiency
C) It reduces the size of uploaded files
D) It increases file upload speed
β
Answer: A) Attackers may access sensitive temporary files
π Explanation: Temporary files must be securely deleted to prevent attackers from recovering sensitive data.
112. Why should an application verify file integrity after upload?
A) To ensure that the file was not altered or corrupted during transfer
B) To allow users to rename their files
C) To improve database indexing
D) To reduce file processing time
β
Answer: A) To ensure that the file was not altered or corrupted during transfer
π Explanation: Verifying file integrity (e.g., using hashes) ensures no data tampering occurred during upload.
113. Why is it important to track user IP addresses during file uploads?
A) To detect and block repeated malicious upload attempts
B) To allow users to delete their files remotely
C) To make files load faster
D) To encrypt file names
β
Answer: A) To detect and block repeated malicious upload attempts
π Explanation: Tracking IP addresses helps detect automated attack attempts, such as brute-force or malware uploads.
114. What security risk exists if uploaded files are stored with 777 permissions on a Linux server?
A) Anyone can read, write, and execute the file, leading to potential code execution
B) The file takes longer to process
C) The file cannot be renamed
D) It prevents the file from being downloaded
β
Answer: A) Anyone can read, write, and execute the file, leading to potential code execution
π Explanation: Setting 777 permissions allows anyone to execute the file, creating a serious security risk.
115. What is a potential attack vector when allowing .json file uploads?
A) Exploiting JSONP-based Cross-Site Scripting (XSSI)
B) Buffer Overflow attacks
C) SQL Injection attacks
D) Brute-force attacks
β
Answer: A) Exploiting JSONP-based Cross-Site Scripting (XSSI)
π Explanation: Attackers may use JSON files in combination with JSONP callbacks to steal sensitive data, leading to Cross-Site Script Inclusion (XSSI) attacks.
116. What is the best way to prevent unauthorized users from accessing uploaded files?
A) Using proper access controls and authentication mechanisms
B) Allowing file access only from specific IP addresses
C) Storing all files in a single directory
D) Allowing users to download files without authentication
β
Answer: A) Using proper access controls and authentication mechanisms
π Explanation: Access controls ensure that only authorized users can retrieve uploaded files, preventing unauthorized access.
117. How can attackers exploit weak file upload validation to conduct a phishing attack?
A) By uploading a file disguised as a legitimate document with malicious links
B) By increasing the file upload speed
C) By modifying the fileβs metadata
D) By using multiple file extensions
β
Answer: A) By uploading a file disguised as a legitimate document with malicious links
π Explanation: Attackers can upload documents containing phishing links, tricking users into revealing credentials.
118. Why should an application restrict the number of concurrent uploads per user?
A) To prevent denial-of-service (DoS) attacks and resource exhaustion
B) To make file downloads faster
C) To prevent duplicate file names
D) To improve file retrieval speed
β
Answer: A) To prevent denial-of-service (DoS) attacks and resource exhaustion
π Explanation: Restricting concurrent uploads prevents attackers from overloading the server, leading to DoS conditions.
119. How can an attacker exploit a lack of logging in file upload mechanisms?
A) By uploading malicious files without detection
B) By modifying the upload form
C) By increasing the file size
D) By renaming uploaded files
β
Answer: A) By uploading malicious files without detection
π Explanation: Without proper logging, security teams cannot detect or investigate malicious uploads, increasing the risk of file-based attacks.
120. What is a common attack against applications that allow .tar.gz file uploads?
A) Path Traversal via malicious file extraction
B) Cross-Site Request Forgery (CSRF)
C) SQL Injection
D) Wi-Fi Spoofing
β
Answer: A) Path Traversal via malicious file extraction
π Explanation: Maliciously crafted archive files may include ../../../etc/passwd, which can extract files outside the intended directory, leading to Path Traversal attacks.
121. What is a risk of allowing .pptx (PowerPoint) file uploads without validation?
A) They may contain embedded macros that execute malicious code
B) They take too much storage space
C) They are difficult to scan for viruses
D) They can corrupt the database
β
Answer: A) They may contain embedded macros that execute malicious code
π Explanation: PowerPoint files can contain embedded macros, which attackers can use to execute malicious code when opened.
122. How can attackers exploit file upload APIs with missing authentication?
A) By uploading arbitrary files without restrictions
B) By improving the file processing speed
C) By bypassing MIME-type validation
D) By making file downloads faster
β
Answer: A) By uploading arbitrary files without restrictions
π Explanation: Missing authentication in file upload APIs allows attackers to upload malicious files, leading to security breaches.
123. What security risk is associated with allowing .dll file uploads?
A) Attackers can execute malicious dynamic link libraries (DLLs) on the server
B) .dll files take too much disk space
C) They slow down the file upload process
D) They are difficult to compress
β
Answer: A) Attackers can execute malicious dynamic link libraries (DLLs) on the server
π Explanation: DLL files can be loaded into running processes, enabling code injection attacks.
124. Why should applications use “Allow-List” validation for file types instead of “Deny-List” validation?
A) It explicitly allows only safe file types, reducing attack vectors
B) It prevents duplicate file names
C) It speeds up file processing
D) It enables automatic file compression
β
Answer: A) It explicitly allows only safe file types, reducing attack vectors
π Explanation: Allow-list validation ensures only specific, verified file types are accepted, whereas deny-list validation can be bypassed.
125. What is the impact of a large-scale file upload vulnerability?
A) It can lead to unauthorized access, malware hosting, and server resource exhaustion
B) It reduces file retrieval speed
C) It prevents users from downloading files
D) It improves database performance
β
Answer: A) It can lead to unauthorized access, malware hosting, and server resource exhaustion
π Explanation: File upload vulnerabilities can be exploited to store malware, execute remote code, or overwhelm server resources.
126. How can an attacker bypass client-side file upload validation?
A) By modifying the upload request using browser developer tools or intercepting it with a proxy
B) By using a slow internet connection
C) By encrypting the uploaded file
D) By renaming the file before upload
β
Answer: A) By modifying the upload request using browser developer tools or intercepting it with a proxy
π Explanation: Client-side validation is easily bypassed using tools like Burp Suite or browser developer tools.
127. What is the purpose of scanning files for steganographic content?
A) To detect hidden malware or data within images or other files
B) To improve image resolution
C) To reduce the file size
D) To validate the MIME type
β
Answer: A) To detect hidden malware or data within images or other files
π Explanation: Steganography is used to hide malicious data inside files, such as encoded scripts in images.
128. Why should temporary uploaded files have short expiration times?
A) To prevent attackers from retrieving or executing malicious files
B) To improve database performance
C) To allow users to re-upload files easily
D) To reduce the upload speed
β
Answer: A) To prevent attackers from retrieving or executing malicious files
π Explanation: Temporary files should be automatically deleted to prevent unauthorized access or malicious use.
129. What is a potential risk when allowing .iso (disk image) file uploads?
A) Attackers can store malware in the disk image that executes when mounted
B) They take too much bandwidth
C) They slow down the file upload process
D) They cannot be opened by users
β
Answer: A) Attackers can store malware in the disk image that executes when mounted
π Explanation: ISO files can contain bootable malware, allowing attackers to compromise systems when mounted.
130. What is a key security risk of allowing .txt file uploads without validation?
A) They can contain phishing scams or social engineering payloads
B) They cannot be processed by a server
C) They take up too much storage
D) They slow down the database
β
Answer: A) They can contain phishing scams or social engineering payloads
π Explanation: TXT files may contain malicious links or phishing messages that trick users into visiting harmful websites.
131. Why should session tokens be invalidated after file uploads?
A) To prevent attackers from hijacking an active upload session
B) To make file retrieval faster
C) To allow users to download files quicker
D) To increase upload speed
β
Answer: A) To prevent attackers from hijacking an active upload session
π Explanation: Invalidating session tokens ensures that attackers cannot reuse stolen session IDs to upload malicious files.
132. What is the security benefit of chunked file uploads?
A) It prevents large file uploads from consuming excessive server resources
B) It speeds up the file download process
C) It allows multiple users to upload files at the same time
D) It improves database indexing
β
Answer: A) It prevents large file uploads from consuming excessive server resources
π Explanation: Chunked file uploads break large files into smaller pieces, preventing Denial-of-Service (DoS) attacks.
133. How can an attacker exploit file upload race conditions?
A) By modifying a fileβs contents between validation and storage
B) By renaming the uploaded file
C) By uploading a large number of files at once
D) By slowing down the server
β
Answer: A) By modifying a fileβs contents between validation and storage
π Explanation: Race condition attacks occur when an attacker alters a file between the upload validation step and its final storage.
134. What is a potential risk when allowing .psd (Photoshop) file uploads?
A) They may contain embedded scripts or metadata with hidden malware
B) They slow down image rendering
C) They are too large to store efficiently
D) They cannot be opened by non-Adobe software
β
Answer: A) They may contain embedded scripts or metadata with hidden malware
π Explanation: Photoshop (.psd) files can contain metadata that may be manipulated for malicious purposes.
135. How can attackers use DNS rebinding attacks in file uploads?
A) By uploading files that trick the server into making unintended network requests
B) By encrypting the uploaded file
C) By modifying the fileβs metadata
D) By changing the file extension
β
Answer: A) By uploading files that trick the server into making unintended network requests
π Explanation: DNS rebinding can manipulate file uploads to trick the server into making unauthorized requests.
136. Why should metadata removal be enforced for uploaded documents?
A) To prevent leakage of sensitive information like author names or tracked edits
B) To reduce file size
C) To improve file searchability
D) To allow users to upload files faster
β
Answer: A) To prevent leakage of sensitive information like author names or tracked edits
π Explanation: Metadata may contain sensitive details that could lead to privacy breaches.
137. What is the best way to prevent attackers from embedding malware inside images (.jpg, .png)?
A) Use deep content inspection to analyze file contents beyond headers
B) Allow only low-resolution images to be uploaded
C) Convert all images to grayscale before storage
D) Store images in a zip file before processing
β
Answer: A) Use deep content inspection to analyze file contents beyond headers
π Explanation: Attackers may embed malicious code within images; deep content inspection verifies if the image contains hidden scripts or executable payloads.
138. Why should uploaded video files (.mp4, .avi) be processed before serving to users?
A) To detect and remove embedded exploits or malicious payloads
B) To improve streaming quality
C) To reduce file storage requirements
D) To increase the upload speed
β
Answer: A) To detect and remove embedded exploits or malicious payloads
π Explanation: Attackers can hide malware inside video metadata or manipulate codec vulnerabilities, requiring security analysis before distribution.
139. What is a potential risk of allowing .zip or .rar file uploads without scanning?
A) Attackers can hide malware inside archives to bypass security filters
B) Users will not be able to download files correctly
C) The server will reject the file upload request
D) The file extraction process will take too long
β
Answer: A) Attackers can hide malware inside archives to bypass security filters
π Explanation: Malicious files hidden inside compressed archives may bypass antivirus detection and execute when extracted.
140. What is the main reason for restricting uploaded files to a specific storage directory?
A) To prevent unauthorized access and execution of uploaded files
B) To allow faster indexing of files
C) To improve database performance
D) To increase upload speeds
β
Answer: A) To prevent unauthorized access and execution of uploaded files
π Explanation: Storing uploaded files in a restricted directory prevents direct execution or unauthorized access.
141. How can an attacker exploit a file upload feature to perform a local file inclusion (LFI) attack?
A) By uploading a file with a path that references system files
B) By renaming the uploaded file after processing
C) By embedding an image inside a PDF file
D) By reducing the file size to bypass scanning
β
Answer: A) By uploading a file with a path that references system files
π Explanation: LFI attacks occur when an attacker manipulates file paths to access restricted system files.
142. Why is it important to scan metadata in uploaded document files (.docx, .xlsx)?
A) Metadata can contain hidden malicious scripts or sensitive user information
B) It improves file indexing
C) It increases upload speed
D) It allows file previews
β
Answer: A) Metadata can contain hidden malicious scripts or sensitive user information
π Explanation: Document metadata may contain hidden scripts, author details, and sensitive internal data that could be exploited by attackers.
143. What type of attack can be conducted using .vbs (VBScript) file uploads?
A) Remote Code Execution (RCE)
B) SQL Injection
C) Cross-Site Scripting (XSS)
D) Clickjacking
β
Answer: A) Remote Code Execution (RCE)
π Explanation: VBScript files (.vbs) can execute malicious commands on Windows systems, leading to RCE attacks.
144. What is the risk of allowing .cfg or .ini configuration file uploads?
A) Attackers may modify system configurations to enable vulnerabilities
B) They take too long to process
C) They cause system crashes when uploaded
D) They cannot be scanned by antivirus software
β
Answer: A) Attackers may modify system configurations to enable vulnerabilities
π Explanation: Configuration files can contain settings that impact security, such as database credentials or application settings.
145. Why should duplicate file uploads be handled with caution?
A) Attackers may use duplicate file uploads to store malware under different names
B) Duplicate files slow down processing
C) The database might not recognize duplicate files
D) Users might accidentally overwrite their own files
β
Answer: A) Attackers may use duplicate file uploads to store malware under different names
π Explanation: By uploading the same malicious file under different names, attackers may attempt to bypass security filters.
146. How can attackers exploit a lack of file upload logging?
A) By repeatedly uploading malicious files without detection
B) By modifying their file extension
C) By encrypting their uploaded files
D) By decreasing the upload speed
β
Answer: A) By repeatedly uploading malicious files without detection
π Explanation: Without logging, security teams cannot track malicious activity, allowing attackers to continue uploading harmful files.
147. What is a major concern when allowing .bat (batch script) file uploads?
A) They can execute system commands, leading to full system compromise
B) They slow down the file upload process
C) They increase file storage size
D) They can only run on Linux systems
β
Answer: A) They can execute system commands, leading to full system compromise
π Explanation: Batch files (.bat) can run arbitrary system commands, making them dangerous if uploaded and executed.
148. How can attackers bypass antivirus scanning on uploaded files?
A) By encrypting the file or modifying file signatures to evade detection
B) By using a faster internet connection
C) By uploading smaller files
D) By uploading files with special characters in the name
β
Answer: A) By encrypting the file or modifying file signatures to evade detection
π Explanation: Attackers use obfuscation, encryption, or file signature modification to bypass antivirus detection.
149. Why should an application block .hta file uploads?
A) .hta files can execute arbitrary code on Windows, leading to system compromise
B) They slow down web applications
C) They are too large to process
D) They cannot be opened on mobile devices
β
Answer: A) .hta files can execute arbitrary code on Windows, leading to system compromise
π Explanation: HTML Application (.hta) files are executable scripts that can be used to launch malware.
150. What is a security risk of allowing users to rename uploaded files?
A) Attackers may disguise malicious files as legitimate ones
B) It slows down the file processing time
C) It increases server storage usage
D) It prevents users from retrieving files quickly
β
Answer: A) Attackers may disguise malicious files as legitimate ones
π Explanation: Allowing users to rename uploaded files enables attackers to modify file names to bypass security filters.
151. What is a potential risk of allowing .log file uploads?
A) Attackers can inject malicious logs to manipulate system behavior
B) They slow down the file upload process
C) They increase storage costs
D) They can only be opened on Linux systems
β
Answer: A) Attackers can inject malicious logs to manipulate system behavior
π Explanation: Attackers may upload .log files containing manipulated system logs to mislead security monitoring tools or inject malicious commands.
152. How can attackers use .reg (Windows Registry) file uploads maliciously?
A) By modifying system registry settings to enable vulnerabilities
B) By encrypting the uploaded file
C) By renaming the file before uploading
D) By using a slow internet connection
β
Answer: A) By modifying system registry settings to enable vulnerabilities
π Explanation: Windows Registry files (.reg) can change system settings, allowing attackers to weaken security controls or enable persistence.
153. What is a risk of allowing .torrent file uploads?
A) Attackers can distribute malware through peer-to-peer sharing
B) They take up too much storage space
C) They slow down the database
D) They cannot be opened on mobile devices
β
Answer: A) Attackers can distribute malware through peer-to-peer sharing
π Explanation: Torrent files can be used to share illegal or malicious content, potentially spreading malware through peer-to-peer networks.
154. Why should an application remove metadata from uploaded images (.jpg, .png)?
A) To prevent exposure of sensitive information such as GPS location or device details
B) To improve image quality
C) To increase file storage efficiency
D) To reduce file download time
β
Answer: A) To prevent exposure of sensitive information such as GPS location or device details
π Explanation: EXIF metadata may contain GPS coordinates, usernames, and other sensitive data, which can be exploited for privacy attacks.
155. How can an attacker exploit an application that allows .py file uploads?
A) By uploading a Python script that executes arbitrary commands on the server
B) By modifying the file name to bypass validation
C) By using a large file to slow down processing
D) By encrypting the script before uploading
β
Answer: A) By uploading a Python script that executes arbitrary commands on the server
π Explanation: Allowing .py files could lead to Remote Code Execution (RCE) if the script is executed on the server.
156. Why should file upload error messages be generic?
A) To prevent attackers from gaining insights into security mechanisms
B) To make debugging easier for developers
C) To allow users to retry file uploads easily
D) To reduce log file size
β
Answer: A) To prevent attackers from gaining insights into security mechanisms
π Explanation: Detailed error messages can reveal information about security defenses, such as allowed file types or validation mechanisms.
157. What is a risk of allowing .bat and .cmd file uploads on Windows servers?
A) Attackers can execute system commands remotely
B) They take longer to upload
C) They slow down the system
D) They cannot be opened on Linux
β
Answer: A) Attackers can execute system commands remotely
π Explanation: Batch script files (.bat, .cmd) can run system commands, leading to Remote Code Execution (RCE) if improperly handled.
158. How can attackers use .htaccess file uploads maliciously?
A) By modifying server configurations to enable script execution
B) By renaming the uploaded file
C) By embedding an image inside the file
D) By using hidden Unicode characters
β
Answer: A) By modifying server configurations to enable script execution
π Explanation: Malicious .htaccess files can alter server behavior, allowing execution of scripts in restricted directories.
159. Why should cloud storage access be restricted for uploaded files?
A) To prevent unauthorized access and potential data leaks
B) To improve file retrieval speed
C) To allow users to download files faster
D) To increase the upload success rate
β
Answer: A) To prevent unauthorized access and potential data leaks
π Explanation: Cloud storage access should be controlled using authentication mechanisms, ensuring only authorized users can access uploaded files.
160. How can an attacker abuse the lack of rate limiting on file uploads?
A) By overwhelming the server with excessive upload requests (Denial-of-Service attack)
B) By modifying the upload form
C) By changing the file extension
D) By using an encrypted connection
β
Answer: A) By overwhelming the server with excessive upload requests (Denial-of-Service attack)
π Explanation: Without rate limiting, attackers can flood the server with upload requests, causing service disruption.
161. Why should uploaded .apk and .ipa files be treated with caution?
A) They can be modified to include hidden malware or spyware
B) They slow down the web server
C) They are difficult to open on desktop computers
D) They require too much storage space
β
Answer: A) They can be modified to include hidden malware or spyware
π Explanation: Mobile application files (.apk, .ipa) can be repackaged with malware, leading to compromised devices.
162. What is a common risk of allowing users to upload .csv files?
A) Formula Injection attacks (CSV Injection)
B) Memory corruption errors
C) XML External Entity (XXE) attacks
D) Slow file downloads
β
Answer: A) Formula Injection attacks (CSV Injection)
π Explanation: Attackers can embed formulas inside .csv files, causing commands to execute when opened in spreadsheet applications.
163. Why should a web application reject .exe and .msi file uploads?
A) They can install and execute malicious software on the user’s system
B) They increase bandwidth consumption
C) They are too large to process
D) They slow down the web page
β
Answer: A) They can install and execute malicious software on the user’s system
π Explanation: Executable files (.exe, .msi) can be used to distribute malware, leading to system compromise.
164. How can attackers use .json file uploads for attacks?
A) By injecting malicious payloads into API responses (JSON Injection)
B) By making file processing slower
C) By renaming the uploaded file
D) By modifying the fileβs MIME type
β
Answer: A) By injecting malicious payloads into API responses (JSON Injection)
π Explanation: Attackers can insert malicious JavaScript into JSON responses, leading to data theft or cross-site scripting attacks.
165. Why should large file uploads be monitored?
A) To detect possible Denial-of-Service (DoS) or resource exhaustion attacks
B) To improve file indexing
C) To prevent duplicate file names
D) To increase file compression efficiency
β
Answer: A) To detect possible Denial-of-Service (DoS) or resource exhaustion attacks
π Explanation: Unusually large file uploads can indicate an attack, where attackers try to consume all available storage.
166. How can attackers abuse the .dll file upload feature in Windows environments?
A) By loading malicious Dynamic Link Libraries to inject code into legitimate processes
B) By renaming .dll files to .jpg before uploading
C) By increasing the upload size limit
D) By making the upload process slower
β
Answer: A) By loading malicious Dynamic Link Libraries to inject code into legitimate processes
π Explanation: Malicious .dll files can be loaded into legitimate Windows processes, allowing attackers to execute arbitrary code.
167. What is the primary risk of allowing .ps1 (PowerShell script) file uploads?
A) They can be used to execute system commands and gain unauthorized access
B) They slow down the upload speed
C) They require too much disk space
D) They make file indexing difficult
β
Answer: A) They can be used to execute system commands and gain unauthorized access
π Explanation: PowerShell scripts (.ps1) can execute system commands, potentially allowing remote access or privilege escalation.
168. Why should a web application implement a maximum file upload limit?
A) To prevent resource exhaustion and denial-of-service (DoS) attacks
B) To speed up the file retrieval process
C) To allow users to upload more files at once
D) To improve file compression
β
Answer: A) To prevent resource exhaustion and denial-of-service (DoS) attacks
π Explanation: Attackers can upload extremely large files to consume server resources, leading to DoS attacks.
169. What is a major security risk of allowing .html file uploads?
A) Attackers can execute stored Cross-Site Scripting (XSS) attacks
B) HTML files require additional storage space
C) HTML files cannot be compressed
D) Users may upload blank HTML pages
β
Answer: A) Attackers can execute stored Cross-Site Scripting (XSS) attacks
π Explanation: Uploading .html files allows attackers to embed malicious JavaScript, which may be executed when other users view the file.
170. Why should uploaded .pl (Perl script) files be blocked on web servers?
A) They can execute system commands leading to Remote Code Execution (RCE)
B) They slow down the web application
C) They are difficult to store in databases
D) They require too much memory
β
Answer: A) They can execute system commands leading to Remote Code Execution (RCE)
π Explanation: Perl scripts (.pl) can be executed on certain web servers, leading to unauthorized system access.
171. What type of attack can occur if a web application allows .cfm file uploads?
A) Remote Code Execution (RCE) in ColdFusion environments
B) Cross-Site Request Forgery (CSRF)
C) XML External Entity (XXE) attacks
D) JSON Injection
β
Answer: A) Remote Code Execution (RCE) in ColdFusion environments
π Explanation: ColdFusion Markup Language (.cfm) files can execute server-side code if uploaded to a vulnerable ColdFusion server.
172. How can an attacker exploit .cgi file uploads in a web application?
A) By executing arbitrary code on the server through improperly handled CGI scripts
B) By encrypting the .cgi files before upload
C) By modifying the file’s extension to bypass validation
D) By making the file upload slower
β
Answer: A) By executing arbitrary code on the server through improperly handled CGI scripts
π Explanation: CGI scripts (.cgi) can execute commands on the server, allowing attackers to gain control over the system.
173. Why should an application block .sh file uploads?
A) Shell script files (.sh) can execute arbitrary system commands
B) They are difficult to store in databases
C) They slow down file processing
D) They are too large for most web servers
β
Answer: A) Shell script files (.sh) can execute arbitrary system commands
π Explanation: Shell scripts can contain commands that, when executed, allow an attacker to control the system remotely.
174. How can attackers exploit .java file uploads?
A) By uploading Java source files that, when compiled, execute malicious code
B) By renaming .java files to .txt before uploading
C) By making the uploaded files larger
D) By modifying the fileβs hash value
β
Answer: A) By uploading Java source files that, when compiled, execute malicious code
π Explanation: Java files (.java) can contain malicious code that, once compiled and executed, can lead to system compromise.
175. Why should file uploads be subjected to behavior-based malware scanning?
A) To detect hidden or obfuscated threats that signature-based scanning might miss
B) To make file retrieval faster
C) To improve file indexing
D) To allow users to download files quicker
β
Answer: A) To detect hidden or obfuscated threats that signature-based scanning might miss
π Explanation: Behavior-based scanning detects suspicious activities, even when the file has never been seen before.
176. What is a risk of allowing .ini and .conf configuration file uploads?
A) Attackers can manipulate system settings and gain unauthorized access
B) They slow down the upload process
C) They are difficult to process in web applications
D) They require additional storage space
β
Answer: A) Attackers can manipulate system settings and gain unauthorized access
π Explanation: Configuration files (.ini, .conf) can contain system settings that, if modified, may weaken security controls.
177. How can attackers use .mdb (Microsoft Access database) file uploads maliciously?
A) By embedding malicious SQL queries to extract sensitive data
B) By making the uploaded file larger than usual
C) By modifying the fileβs permissions
D) By reducing the database performance
β
Answer: A) By embedding malicious SQL queries to extract sensitive data
π Explanation: Microsoft Access database files (.mdb) can contain embedded SQL queries, potentially leading to SQL Injection attacks.
178. Why should a web application enforce strict file naming conventions for uploaded files?
A) To prevent directory traversal and command injection attacks
B) To allow users to rename files easily
C) To improve database storage efficiency
D) To make file downloads faster
β
Answer: A) To prevent directory traversal and command injection attacks
π Explanation: Uncontrolled file naming can allow attackers to manipulate paths, leading to directory traversal and injection attacks.
179. How can an attacker abuse .asp file uploads?
A) By executing server-side ASP scripts to gain control over a vulnerable IIS server
B) By modifying the fileβs metadata
C) By making the file unreadable
D) By increasing the server’s disk space
β
Answer: A) By executing server-side ASP scripts to gain control over a vulnerable IIS server
π Explanation: ASP files (.asp) can execute on IIS servers, allowing Remote Code Execution (RCE) if improperly handled.
180. What is a best practice to prevent attackers from directly executing uploaded files?
A) Store uploaded files in a non-public directory and disable execution permissions
B) Allow execution but log all access attempts
C) Encrypt all uploaded files
D) Rename all uploaded files to .tmp
β
Answer: A) Store uploaded files in a non-public directory and disable execution permissions
π Explanation: Keeping uploaded files outside the web root directory prevents direct execution, reducing the risk of RCE attacks.
181. What is a potential risk of allowing .class (Java compiled class) file uploads?
A) Attackers can execute Java bytecode to perform malicious actions
B) They slow down the file processing speed
C) They cannot be opened on Linux systems
D) They increase file storage costs
β
Answer: A) Attackers can execute Java bytecode to perform malicious actions
π Explanation: Java .class files contain executable bytecode that, if uploaded and executed, could lead to arbitrary code execution.
182. Why should a web application avoid accepting .psm1 (PowerShell module) file uploads?
A) They can contain PowerShell functions that execute malicious commands
B) They slow down file uploads
C) They increase database indexing time
D) They are too large for most web servers
β
Answer: A) They can contain PowerShell functions that execute malicious commands
π Explanation: PowerShell modules (.psm1) can define scripts and functions that, if executed, can compromise the system.
183. What is the security concern with allowing .ics (calendar event) file uploads?
A) They can contain phishing links that automatically invite users to malicious events
B) They require too much processing power
C) They cannot be opened in most browsers
D) They slow down file transfers
β
Answer: A) They can contain phishing links that automatically invite users to malicious events
π Explanation: Attackers can embed malicious URLs in .ics calendar event files, tricking users into clicking harmful links.
184. Why should a web application block .wsf (Windows Script File) uploads?
A) They can execute JavaScript and VBScript to control the system
B) They slow down the server
C) They cannot be compressed properly
D) They are not compatible with Linux systems
β
Answer: A) They can execute JavaScript and VBScript to control the system
π Explanation: Windows Script Files (.wsf) can execute VBScript and JavaScript commands, leading to system compromise.
185. How can attackers abuse .scf (Shell Command File) uploads?
A) By triggering authentication hash theft through automatic execution
B) By modifying the fileβs metadata
C) By embedding an image inside the file
D) By changing the file extension
β
Answer: A) By triggering authentication hash theft through automatic execution
π Explanation: Shell Command Files (.scf) can trick Windows Explorer into sending NTLM hashes to an attacker-controlled server, leading to credential theft.
186. What is the main risk of allowing .url file uploads?
A) They can redirect users to phishing websites or malware-infected pages
B) They take too long to process
C) They consume too much disk space
D) They slow down the server
β
Answer: A) They can redirect users to phishing websites or malware-infected pages
π Explanation: Attackers can upload .url shortcut files containing links to malicious websites, leading to phishing or malware infections.
187. How can attackers exploit .scr (Windows screensaver) file uploads?
A) By executing the screensaver as an EXE file, leading to malware infections
B) By modifying the fileβs icon to hide its purpose
C) By embedding phishing content inside the file
D) By slowing down the server
β
Answer: A) By executing the screensaver as an EXE file, leading to malware infections
π Explanation: Windows screensaver files (.scr) are actually executables, meaning they can be used to execute malware.
188. What is a security risk of allowing .chm (Compiled HTML Help) file uploads?
A) They can contain embedded JavaScript or VBScript that executes automatically
B) They cannot be indexed by search engines
C) They take up too much storage space
D) They slow down the application
β
Answer: A) They can contain embedded JavaScript or VBScript that executes automatically
π Explanation: Attackers can embed malicious scripts inside .chm help files, which execute when the file is opened.
189. Why should web applications avoid allowing .hta (HTML Application) file uploads?
A) They can execute as standalone applications with system-level access
B) They slow down the server
C) They take too much disk space
D) They are difficult to process
β
Answer: A) They can execute as standalone applications with system-level access
π Explanation: HTML Application files (.hta) run outside the browser with full system access, making them dangerous if executed.
190. What is a common risk of allowing .lnk (Windows shortcut) file uploads?
A) They can be used to launch malicious scripts or executables
B) They require too much processing power
C) They increase database storage costs
D) They cannot be compressed
β
Answer: A) They can be used to launch malicious scripts or executables
π Explanation: Attackers can upload .lnk shortcut files pointing to malware, tricking users into executing harmful programs.
191. What is the security concern with .cab (Windows Cabinet) file uploads?
A) They can contain malicious compressed executables that extract upon opening
B) They are difficult to transfer over a network
C) They take longer to decompress
D) They slow down server responses
β
Answer: A) They can contain malicious compressed executables that extract upon opening
π Explanation: Windows Cabinet (.cab) files can store multiple compressed files, including malware that executes upon extraction.
192. How can .reg file uploads be exploited by attackers?
A) By modifying Windows Registry settings to weaken security
B) By embedding phishing links in the file
C) By making the file upload process slower
D) By modifying system fonts
β
Answer: A) By modifying Windows Registry settings to weaken security
π Explanation: Windows Registry files (.reg) can modify security settings, allowing malware persistence or system compromise.
193. Why should .msi (Windows Installer) files be restricted in file uploads?
A) They can install malware onto a system when executed
B) They slow down file processing
C) They cannot be indexed by search engines
D) They require too much disk space
β
Answer: A) They can install malware onto a system when executed
π Explanation: Windows Installer (.msi) files can contain malicious software, leading to silent malware installations.
194. How can attackers exploit .inf (Setup Information) file uploads?
A) By modifying system settings and launching malware during installation
B) By reducing the file size to bypass detection
C) By embedding phishing content in the file
D) By renaming the file after upload
β
Answer: A) By modifying system settings and launching malware during installation
π Explanation: Attackers can modify .inf setup files to execute malware, leading to system compromise.
195. Why is it dangerous to allow .desktop file uploads on Linux systems?
A) They can contain command execution payloads when opened
B) They slow down the server
C) They cannot be compressed
D) They require too much memory
β
Answer: A) They can contain command execution payloads when opened
π Explanation: .desktop files can contain commands that execute automatically, leading to potential system compromise.
196. What is the security risk of allowing .msg (Outlook email message) file uploads?
A) They can contain malicious attachments and phishing content
B) They take longer to process
C) They slow down email clients
D) They cannot be opened on Linux
β
Answer: A) They can contain malicious attachments and phishing content
π Explanation: Outlook .msg files can contain email attachments, links, or phishing messages that lead to malware infections or credential theft.
197. Why should .bashrc and .bash_profile file uploads be blocked?
A) Attackers can modify shell environment settings to execute commands on login
B) They slow down file indexing
C) They require too much disk space
D) They make file retrieval difficult
β
Answer: A) Attackers can modify shell environment settings to execute commands on login
π Explanation: Uploading and modifying .bashrc or .bash_profile files can allow attackers to execute malicious commands whenever a user logs in.
198. How can .dmg (macOS disk image) file uploads be exploited?
A) They can contain embedded malware that executes when mounted
B) They take longer to process
C) They cannot be scanned by antivirus software
D) They are only compatible with Linux systems
β
Answer: A) They can contain embedded malware that executes when mounted
π Explanation: .dmg files can include malicious payloads that execute automatically when opened on macOS, leading to system infections.
199. What is a security concern with allowing .properties file uploads?
A) They may contain sensitive application configuration data
B) They slow down file transfers
C) They require manual processing
D) They are too large for most web servers
β
Answer: A) They may contain sensitive application configuration data
π Explanation: Properties files often contain application settings, API keys, and database credentials, making them a target for attackers.
200. Why should web applications prevent .xpi file uploads?
A) .xpi files can contain malicious Firefox browser extensions
B) They are difficult to process
C) They cannot be opened outside of Firefox
D) They slow down the web application
β
Answer: A) .xpi files can contain malicious Firefox browser extensions
π Explanation: Attackers can distribute .xpi files containing malicious extensions that steal user data or modify browser behavior.
201. How can .qbw (QuickBooks company file) uploads be abused?
A) They may contain sensitive financial and business data
B) They take too long to process
C) They increase server load
D) They require additional encryption
β
Answer: A) They may contain sensitive financial and business data
π Explanation: QuickBooks (.qbw) files store sensitive financial records, making them a target for data theft and fraud.
202. Why should uploaded .dat files be carefully handled?
A) They may contain encoded malware or sensitive data
B) They cannot be indexed by databases
C) They require extra memory to process
D) They are difficult to open
β
Answer: A) They may contain encoded malware or sensitive data
π Explanation: .dat files can store encoded data, which attackers may use to conceal malware or sensitive user information.
203. What is the security concern with allowing .asp file uploads?
A) Attackers can execute malicious Active Server Pages (ASP) scripts
B) They increase file retrieval times
C) They require additional storage space
D) They slow down the web application
β
Answer: A) Attackers can execute malicious Active Server Pages (ASP) scripts
π Explanation: ASP files can contain server-side code that, if executed, can lead to Remote Code Execution (RCE) attacks.
204. Why should .regtrans-ms (Windows registry transaction) file uploads be blocked?
A) They can contain unauthorized registry modifications that impact system security
B) They slow down server performance
C) They cannot be compressed
D) They require administrator privileges
β
Answer: A) They can contain unauthorized registry modifications that impact system security
π Explanation: Windows registry transaction files can store registry changes, which attackers may use to weaken system security.
205. How can an attacker abuse .vhd or .vmdk file uploads?
A) By storing a complete malicious virtual machine inside the uploaded file
B) By slowing down file transfer speeds
C) By encrypting the uploaded files
D) By modifying the fileβs metadata
β
Answer: A) By storing a complete malicious virtual machine inside the uploaded file
π Explanation: Virtual disk files (.vhd, .vmdk) can contain fully configured operating systems with pre-installed malware, allowing attackers to deploy infected VMs on target systems.