JavaScript MCQs – Security Best Practices

11.) What is a secure way to handle sensitive API keys in JavaScript?

A) Store them in local storage.
B) Store them in the backend server.
C) Store them in plain text files.
D) Embed them in the HTML file.

Answer: Option B

Explanation: Sensitive keys should be stored securely on the server side to prevent exposure to unauthorized users.

12.) How can you prevent clickjacking attacks?

A) Use HTTPS.
B) Use strong passwords.
C) Avoid using iframes.
D) Use the X-Frame-Options header.

Answer: Option B

Explanation: The X-Frame-Options header prevents a website from being embedded in iframes, mitigating clickjacking attacks.

13.) Why should third-party libraries be used cautiously?

A) They reduce code size.
B) They are harder to debug.
C) They always introduce compatibility issues.
D) They might contain vulnerabilities or malicious code.

Answer: Option D

Explanation: Third-party libraries can have vulnerabilities, so they should be reviewed and updated regularly.

14.) What is a Same-Origin Policy (SOP)?

A) A rule to prevent HTTP requests.
B) A policy restricting how scripts interact with content from different origins.
C) A browser feature to cache data.
D) A method for improving performance.

Answer: Option B

Explanation: SOP restricts how a script loaded from one origin can interact with content from a different origin, enhancing security.

15.) What is the purpose of the Secure flag in cookies?

A) To allow cookies to be accessed over HTTP.
B) To encrypt cookie data.
C) To restrict cookies to HTTPS connections only.
D) To prevent cookies from expiring.

Answer: Option C

Explanation: The Secure flag ensures cookies are only transmitted over secure HTTPS connections.

16.) Why is it important to use parameterized queries in JavaScript?

A) To improve code readability.
B) To prevent SQL Injection attacks.
C) To reduce code execution time.
D) To simplify database queries.

Answer: Option B

Explanation: Parameterized queries safely handle user inputs, preventing malicious SQL Injection attacks.

17.) Which JavaScript API helps sanitize user inputs?

A) Sanitizer API
B) DOMParser
C) Fetch API
D) JSON.stringify

Answer: Option A

Explanation: The Sanitizer API provides methods to clean and sanitize user inputs, ensuring safety.

18.) Which type of data should never be stored in client-side storage like localStorage?

A) User preferences
B) API keys
C) Non-sensitive data
D) Caching information

Answer: Option B

Explanation: Sensitive data like API keys should always be stored securely on the server side to prevent unauthorized access.

19.) What is the main security benefit of using modules in JavaScript?

A) Improved performance.
B) Code readability.
C) Isolation of variables and functions.
D) Debugging ease.

Answer: Option C

Explanation: JavaScript modules encapsulate variables and functions, reducing global scope exposure and enhancing security.

20.) What should you do before deploying a JavaScript application?

A) Minify and compress files.
B) Scan for vulnerabilities using automated tools.
C) Perform thorough testing.
D) All of the above.

Answer: Option D

Explanation: A secure deployment involves minification, vulnerability scanning, and thorough testing to ensure reliability and safety.
