Merge pull request #17 from lukasz-a-krol/main

lukasz-a-krol · web-flow · commit 4b01a61bbed0 · 2024-08-15T14:52:33.000+02:00
hiding answers
diff --git a/content/learning-path/4/module-2.en.md b/content/learning-path/4/module-2.en.md
@@ -384,7 +384,7 @@ Explanation:
 A) Incorrect. Failing to implement proper data validation typically does not lead to increased server performance.\
 B) Incorrect. While proper data validation contributes to a better user experience by preventing errors, its absence does not enhance user experience.\
 C) Correct. Without proper data validation, web applications are vulnerable to SQL injection attacks, where attackers can manipulate database queries by injecting malicious SQL code.\
-D) Incorrect. Data validation helps maintain data integrity, but its absence does not improve data integrity*.
+D) Incorrect. Data validation helps maintain data integrity, but its absence does not improve data integrity.
 {{< /question >}}
 
 **Question 2**
diff --git a/content/learning-path/4/module-3.en.md b/content/learning-path/4/module-3.en.md
@@ -389,81 +389,114 @@ B) An exploit that grants unauthorized access to restricted parts of a web appli
 C) A weakness in the authentication mechanism of a web application, leading to compromised user credentials.\
 D) A security flaw that enables attackers to intercept communication between the client and server.
 
-Question 2. What are the potential risks associated with broken authentication vulnerabilities?
+{{< question title="Answer" >}}
+1. B) A weakness in the authentication mechanism of a web application, leading to compromised user credentials.
+
+**Question 2**. What are the potential risks associated with broken authentication vulnerabilities?
 
 A) Unauthorized access to sensitive data and user accounts.\
 B) Exposure of session tokens, leading to session hijacking attacks.\
 C) Compromise of user credentials, including passwords and authentication tokens.\
 D) All of the above.
 
+{{< question title="Answer" >}}
+2. D) All of the above.
+{{< /question >}}
+
 **Question 3**. Which of the following is NOT an example of a mitigation mechanism for broken authentication vulnerabilities?
 
 A) Implementing multi-factor authentication (MFA) for user accounts.\
 B) Enforcing strong password policies, including regular password rotation.\
 C) Disabling HTTPS to prevent interception of authentication credentials.\
 D) Implementing account lockout mechanisms to prevent brute force attacks.
 
+{{< question title="Answer" >}}
+3. C) Disabling HTTPS to prevent interception of authentication credentials.
+{{< /question >}}
+
 **Question 4**. Which type of flaw may lead to compromised authentication mechanisms by allowing attackers to guess or crack user passwords?
 
 A) Session Fixation\
 B) Cross-Site Request Forgery (CSRF)\
 C) Insufficient Password Complexity\
 D) Cross-Site Scripting (XSS)
 
+{{< question title="Answer" >}}
+4. C) Insufficient Password Complexity
+{{< /question >}}
+
 **Question 5**. What is a specific example of a mitigation strategy for addressing the flaw of insufficient password complexity?
 
 A) Implementing CAPTCHA challenges during the login process.\
 B) Enforcing password length and complexity requirements.\
 C) Encrypting authentication tokens to prevent interception.\
 D) Whitelisting trusted IP addresses for accessing the login page.
 
+{{< question title="Answer" >}}
+5. B) Enforcing password length and complexity requirements.
+{{< /question >}}
+
 **Question 6**. Which mitigation strategy aims to prevent attackers from exploiting session fixation vulnerabilities?
 
 A) Implementing session timeout mechanisms.\
 B) Encrypting session cookies using HTTPS.\
 C) Regenerating session identifiers after successful authentication.\
 D) Enforcing strong password policies for user accounts.
 
+{{< question title="Answer" >}}
+6. C) Regenerating session identifiers after successful authentication.
+{{< /question >}}
+
 **Question 7**. What type of flaw may lead to compromised authentication mechanisms by allowing attackers to hijack active user sessions?
 
 A) Insufficient Session Expiration\
 B) Insecure Token Storage\
 C) Cross-Site Scripting (XSS)\
 D) Cross-Site Request Forgery (CSRF)
 
+{{< question title="Answer" >}}
+7. A) Insufficient Session Expiration
+{{< /question >}}
+
 **Question 8**. Which mitigation strategy addresses the flaw of insecure token storage by securely managing authentication tokens?
 
 A) Storing tokens in plaintext within client-side cookies.\
 B) Encrypting tokens using a symmetric encryption algorithm.\
 C) Implementing secure password hashing algorithms.\
 D) Using HTTP headers for transmitting authentication tokens.
 
+{{< question title="Answer" >}}
+8. B) Encrypting tokens using a symmetric encryption algorithm.
+{{< /question >}}
+
 **Question 9**. What is a specific example of a mitigation strategy for preventing session fixation attacks?
 
 A) Rotating session identifiers after a successful login.\
 B) Implementing multi-factor authentication (MFA).\
 C) Using CAPTCHA challenges to verify user authenticity.\
 D) Enforcing strict input validation on the login form.
 
+{{< question title="Answer" >}}
+9. A) Rotating session identifiers after a successful login.
+{{< /question >}}
+
 **Question 10**. What type of flaw may lead to compromised authentication mechanisms by allowing attackers to forge requests to the web application while authenticated as another user?
 
 A) Insufficient Session Expiration\
 B) Insufficient Transport Layer Protection\
 C) Cross-Site Scripting (XSS)\
 D) Cross-Site Request Forgery (CSRF)
 
-#### Answer key
-
-1. B) A weakness in the authentication mechanism of a web application, leading to compromised user credentials.
-2. D) All of the above.
-3. C) Disabling HTTPS to prevent interception of authentication credentials.
-4. C) Insufficient Password Complexity
-5. B) Enforcing password length and complexity requirements.
-6. C) Regenerating session identifiers after successful authentication.
-7. A) Insufficient Session Expiration
-8. B) Encrypting tokens using a symmetric encryption algorithm.
-9. A) Rotating session identifiers after a successful login.
+{{< question title="Answer" >}}
 10. D) Cross-Site Request Forgery (CSRF)
+{{< /question >}}
+
+
+
+
+
+
+
 
 
 ## Learning Resources
diff --git a/content/learning-path/4/module-4.en.md b/content/learning-path/4/module-4.en.md
@@ -90,81 +90,112 @@ B) Ensuring data integrity\
 C) Verifying user permissions\
 D) Encrypting sensitive information
 
+{{< question title="Answer" >}}
+C) Verifying user permissions
+{{< /question >}}
+
 **Question 2**. Which category of vulnerability involves developers failing to check if a user is logged in on certain pages?
 
 A) Vertical Privilege Escalation\
 B) Horizontal Privilege Escalation\
 C) Missing Authentication\
 D) Forced Browsing
 
+{{< question title="Answer" >}}
+C) Missing Authentication
+{{< /question >}}
+
 **Question 3**. What is one common pattern of missing authentication vulnerability mentioned in the subtopic text?
 
 A) Failing to check permissions on data-level actions\
 B) Passing user IDs in URL parameters\
 C) Allowing users to modify their own data\
 D) Showing different links based on user login status
 
+{{< question title="Answer" >}}
+D) Showing different links based on user login status
+{{< /question >}}
+
 **Question 4**. What is the result of vertical privilege escalation vulnerability?
 
 A) Users can access unauthorized data\
 B) Less powerful users can perform powerful actions they were not authorized to do\
 C) Users can edit other users' data without permission\
 D) The entire site becomes vulnerable to attacks
 
+{{< question title="Answer" >}}
+B) Less powerful users can perform powerful actions
+{{< /question >}}
+
+
 **Question 5**. In the context of horizontal privilege escalation, what is a common cause of vulnerability according to the subtopic text?
 
 A) Lack of developer awareness\
 B) Inconsistent implementation of controls\
 C) Passing user IDs in URL parameters\
 D) Insufficient encryption protocols
 
+{{< question title="Answer" >}}
+B) Inconsistent implementation of controls
+{{< /question >}}
+
+
 **Question 6**. How can developers prevent authorization vulnerabilities according to the subtopic text?
 
 A) Use complex logic for authorization checks\
 B) Rely solely on framework support\
 C) Implement their own controls consistently\
 D) Ignore data-level permissions checks
 
+{{< question title="Answer" >}}
+C) Implement their own controls consistently
+{{< /question >}}
+
 **Question 7**. Which of the following is NOT a tip mentioned in the text for preventing authorization vulnerabilities?
 
 A) Layer and simplify the process of checking user permissions\
 B) Use separate websites for regular users and administrators\
 C) Rely solely on framework functions for authorization\
 D) Establish consistent developer guidelines for data access
 
+{{< question title="Answer" >}}
+C) Rely solely on framework functions for authorization
+{{< /question >}}
+
 **Question 8**. What is the significance of consistency in implementing authorization controls?
 
 A) It increases the complexity of the system\
 B) It reduces the likelihood of errors\
 C) It limits access to certain users\
 D) It makes authorization checks more difficult
 
+{{< question title="Answer" >}}
+B) It reduces the likelihood of errors
+{{< /question >}}
+
 **Question 9**. What is one example provided in the subtopic text for vertical privilege escalation vulnerability?
 
 A) Modifying URL parameters to escalate privileges\
 B) Allowing users to view other users' data\
 C) Passing user IDs in hidden form fields\
 D) Regular users gaining access to administrative features
 
+{{< question title="Answer" >}}
+D) Regular users gaining access to administrative features
+{{< /question >}}
+
 **Question 10**. Which vulnerability category involves users performing actions on other users' data with the same access level?
 
 A) Missing Authentication\
 B) Vertical Privilege Escalation\
 C) Horizontal Privilege Escalation\
 D) Forced Browsing\
 
-#### Answer key
+{{< question title="Answer" >}}
+C) Horizontal Privilege Escalation
+{{< /question >}}
+
 
-Question 1: C) Verifying user permissions\
-Question 2: C) Missing Authentication\
-Question 3: D) Showing different links based on user login status\
-Question 4: B) Less powerful users can perform powerful actions\
-Question 5: B) Inconsistent implementation of controls\
-Question 6: C) Implement their own controls consistently\
-Question 7: C) Rely solely on framework functions for authorization\
-Question 8: B) It reduces the likelihood of errors\
-Question 9: D) Regular users gaining access to administrative features\
-Question 10: C) Horizontal Privilege Escalation
 
 ### Exercise 3 (optional, only for those comfortable with basic python): code bug finding challenge
 
@@ -211,15 +242,16 @@ print(result)
 
 **Find and fix the vulnerability in the `delete_profile` function.**
 
-#### Answer key and explanation
-
+{{< question title="Answer and explanation" >}}
 The vulnerability lies in the fact that the `delete_profile` function only checks for the current user's write permission but does not verify that the current user is authorized to delete other users' profiles. This allows any user with write permission to delete any other user's profile, regardless of their own permissions.
 
 **To fix the vulnerability, you could:**
 
 1. Check if the current user has the "delete" permission specifically.
 2. Implement role-based access control (RBAC) to restrict deletion based on user roles.
 3. Add additional checks to verify the legitimacy of the deletion request.
+{{< /question >}}
+
 
 ## Learning Resources
 
