1. Core Concepts
Q: What is the difference between VA and PT?
A: Vulnerability Assessment (VA) is a passive scan to identify security loopholes without exploiting them. Penetration Testing (PT) is an active, authorized attempt to exploit those loopholes to verify their impact.
Q: What is the OWASP Top 10?
A: It is a standard awareness document representing the most critical security risks to web applications, such as Broken Access Control and Injection.
2. Web Security (The "Must-Knows")
Q: Explain SQL Injection (SQLi) and how to prevent it.
A: SQLi occurs when an attacker inserts malicious SQL code into input fields to manipulate a database. Prevention is done via Parameterized Queries (Prepared Statements) and input validation.
Q: What is the difference between Stored and Reflected XSS?
A: Stored XSS permanently saves the malicious script on the server (e.g., in a comment section). Reflected XSS is "reflected" off a web server through a link or search field and isn't stored.
Q: What is CSRF and how do you mitigate it?
A: Cross-Site Request Forgery tricks a logged-in user into performing unwanted actions. Mitigation involves using unique Anti-CSRF Tokens for every sensitive request.
3. Networking & Tools
Q: What are the stages of a Penetration Test?
A: 1. Reconnaissance, 2. Scanning/Enumeration, 3. Vulnerability Analysis, 4. Exploitation, 5. Post-Exploitation/Reporting.
Q: Name your preferred VAPT tools.
A: Burp Suite (Web Proxy), Nmap (Network Discovery), Metasploit (Exploitation), and Nessus (Vulnerability Scanning).