FlashGenius Logo FlashGenius
Login Sign Up

GWAPT Practice Questions: HTML5, Client-Side & Advanced Attacks Domain

Published: September 28, 2025 | 20 min read

Test your GWAPT knowledge with 10 practice questions from the HTML5, Client-Side & Advanced Attacks domain. Includes detailed explanations and answers.

GWAPT Practice Questions

Master the HTML5, Client-Side & Advanced Attacks Domain

Test your knowledge in the HTML5, Client-Side & Advanced Attacks domain with these 10 practice questions. Each question is designed to help you prepare for the GWAPT certification exam with detailed explanations to reinforce your learning.

Question 1

During a penetration test, you encounter a web application using HTML5's Cross-Origin Resource Sharing (CORS) policy. You notice the following CORS configuration in the server response header: 'Access-Control-Allow-Origin: *'. What is the primary security risk associated with this configuration?

A) It allows any website to perform Cross-Site Request Forgery (CSRF) attacks.

B) It enables attackers to perform Cross-Site Scripting (XSS) attacks more easily.

C) It allows any website to read sensitive data from the application.

D) It permits any website to access the server's source code.

Show Answer & Explanation

Correct Answer: C

Explanation: The primary security risk associated with 'Access-Control-Allow-Origin: *' is that it allows any website to read sensitive data from the application, as it permits cross-origin requests from any domain. This can lead to unauthorized data access if the application exposes sensitive information via CORS. Option A is incorrect because CSRF attacks are not directly related to CORS configurations. Option B is incorrect because XSS is related to script execution, not cross-origin data sharing. Option D is incorrect because CORS does not expose server source code; it controls cross-origin data access.

Question 2

While testing a web application, you identify that it uses local storage to store user session data. Which of the following attacks is most likely to exploit this scenario if the application is vulnerable?

A) Cross-Site Scripting (XSS)

B) SQL Injection

C) Cross-Site Request Forgery (CSRF)

D) Clickjacking

Show Answer & Explanation

Correct Answer: A

Explanation: Cross-Site Scripting (XSS) can exploit vulnerabilities where user input is not properly sanitized, allowing an attacker to inject scripts into web pages viewed by other users. If session data is stored in local storage, a successful XSS attack could allow an attacker to access and potentially steal this data. SQL Injection and CSRF do not directly target local storage, and Clickjacking involves tricking the user into clicking something they didn't intend to, not accessing local storage.

Question 3

While testing a web application, you notice it uses HTML5's Geolocation API. Which of the following attacks could exploit this feature if not properly secured?

A) Cross-Site Scripting (XSS)

B) Clickjacking

C) Location Spoofing

D) SQL Injection

Show Answer & Explanation

Correct Answer: C

Explanation: Location Spoofing is a potential attack on the Geolocation API if the application does not validate or sanitize the location data properly. An attacker could spoof their location to gain unauthorized access to location-based services. XSS (A) and SQL Injection (D) are unrelated to the Geolocation API specifically. Clickjacking (B) is a different type of attack that involves tricking users into clicking on something different than they perceive, which is unrelated to geolocation.

Question 4

You are testing a web application that uses HTML5 local storage to store user session data. Which of the following is a potential security risk associated with this practice?

A) Local storage data can be accessed by any website if the user is logged in.

B) Data stored in local storage is sent to the server with every HTTP request.

C) Local storage data can be accessed by JavaScript running in the same origin, potentially leading to XSS attacks.

D) Local storage automatically encrypts stored data, making it inaccessible to attackers.

Show Answer & Explanation

Correct Answer: C

Explanation: The correct answer is C. Local storage data can be accessed by JavaScript running in the same origin, which means if an attacker can inject JavaScript (via XSS), they can access the stored data. Option A is incorrect because local storage is origin-specific and cannot be accessed by other websites. Option B is incorrect because local storage data is not sent to the server with every HTTP request. Option D is incorrect because local storage does not automatically encrypt data.

Question 5

While testing a web application, you identify that it uses the HTML5 File API to process user-uploaded files. Which of the following best describes a potential security issue with this implementation?

A) The File API allows attackers to upload files larger than the server's maximum file size limit.

B) The File API can be exploited to perform directory traversal attacks.

C) The File API enables attackers to read the contents of local files without user permission.

D) The File API may be used to execute client-side scripts if file types are not properly validated.

Show Answer & Explanation

Correct Answer: D

Explanation: Option D is correct because if the application does not validate file types, an attacker could upload a malicious script that executes on the client-side. Option A is incorrect because the File API does not inherently bypass server-side file size limits. Option B is incorrect as directory traversal typically involves server-side file access, not client-side. Option C is incorrect because the File API cannot read local files without explicit user permission.

Question 6

You are analyzing a web application with a feature that dynamically loads content from other domains using HTML5's CORS (Cross-Origin Resource Sharing). During your testing, you find the following CORS header in the server response: 'Access-Control-Allow-Origin: *'. What is the security implication of this configuration?

A) It securely allows cross-origin requests only from trusted domains.

B) It exposes the application to Cross-Site Scripting (XSS) attacks.

C) It allows any website to access the application's resources, leading to potential data leaks.

D) It prevents the application from being accessed by unauthorized users.

Show Answer & Explanation

Correct Answer: C

Explanation: The 'Access-Control-Allow-Origin: *' header allows any domain to access the application's resources, which can lead to data leaks and unauthorized access. This configuration does not restrict access to trusted domains, making it insecure. It does not directly relate to XSS attacks or user authorization.

Question 7

During an assessment, you find that a web application uses HTML5 forms with the 'autocomplete' attribute set to 'on'. What is the primary risk associated with this configuration?

A) It may allow attackers to perform CSRF attacks more easily.

B) Sensitive information may be stored in the browser, accessible to unauthorized users.

C) It enables attackers to inject malicious scripts directly into the form fields.

D) It increases the risk of SQL injection vulnerabilities in the application.

Show Answer & Explanation

Correct Answer: B

Explanation: B is correct because when autocomplete is set to 'on', sensitive information such as usernames or passwords may be stored in the browser, potentially accessible to unauthorized users if the device is compromised. A is incorrect because autocomplete does not directly facilitate CSRF attacks. C is incorrect because autocomplete does not relate to script injection. D is incorrect because autocomplete does not increase the risk of SQL injection vulnerabilities.

Question 8

While performing a penetration test on a web application, you encounter an HTML5 web storage vulnerability. Which of the following scenarios best demonstrates a potential security risk associated with this vulnerability?

A) An attacker exploits local storage to inject a persistent XSS payload.

B) An attacker uses session storage to store encrypted user credentials securely.

C) An attacker modifies the HTML5 manifest file to change the application's offline behavior.

D) An attacker uses HTML5 geolocation API to track user location without consent.

Show Answer & Explanation

Correct Answer: A

Explanation: Option A is correct because local storage can be accessed by scripts running on the same origin, making it a vector for persistent XSS if not properly sanitized. Option B is incorrect because session storage is cleared when the page session ends, and encryption alone does not guarantee security. Option C is incorrect because modifying the manifest file is unrelated to web storage vulnerabilities. Option D is incorrect because it concerns privacy, not a web storage vulnerability.

Question 9

You are using OWASP ZAP to identify vulnerabilities in a web application. Which HTML5 feature could be exploited to perform a cross-domain attack if CORS is improperly configured?

A) HTML5 Drag and Drop

B) HTML5 Canvas

C) HTML5 WebSockets

D) HTML5 Cross-Origin Resource Sharing (CORS)

Show Answer & Explanation

Correct Answer: D

Explanation: The correct answer is D. HTML5 Cross-Origin Resource Sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain. If CORS is improperly configured, it can be exploited to perform cross-domain attacks. Option A, Drag and Drop, is unrelated to cross-domain requests. Option B, Canvas, is used for drawing graphics. Option C, WebSockets, is used for full-duplex communication over a single TCP connection, not specifically for cross-domain resource sharing.

Question 10

During a penetration test, you identify a Cross-Origin Resource Sharing (CORS) misconfiguration. Which scenario best demonstrates a potential exploitation of this vulnerability?

A) An attacker can execute arbitrary SQL commands on the server.

B) An attacker can read sensitive data from the victim's browser using a malicious website.

C) An attacker can inject scripts into the web application via a form input.

D) An attacker can redirect users to a phishing site using a crafted URL.

Show Answer & Explanation

Correct Answer: B

Explanation: Option B is correct because a CORS misconfiguration can allow an attacker to use a malicious website to make requests to the vulnerable application and read sensitive data from the victim's browser. Option A describes SQL injection, which is unrelated to CORS. Option C pertains to cross-site scripting (XSS), not CORS. Option D describes open redirect vulnerabilities, which are also unrelated to CORS.

Ready to Accelerate Your GWAPT Preparation?

Join thousands of professionals who are advancing their careers through expert certification preparation with FlashGenius.

  • ✅ Unlimited practice questions across all GWAPT domains
  • ✅ Full-length exam simulations with real-time scoring
  • ✅ AI-powered performance tracking and weak area identification
  • ✅ Personalized study plans with adaptive learning
  • ✅ Mobile-friendly platform for studying anywhere, anytime
  • ✅ Expert explanations and study resources
Start Free Practice Now

Already have an account? Sign in here

About GWAPT Certification

The GWAPT certification validates your expertise in html5, client-side & advanced attacks and other critical domains. Our comprehensive practice questions are carefully crafted to mirror the actual exam experience and help you identify knowledge gaps before test day.

Practice Tests — Focused, timed, domain-based

Sharpen skills with domain-specific practice questions and timed exam simulations tailored for GWAPT on FlashGenius. Below pages have some sample questions

Tip: use the domain practice tests for targeted drilling and the cheat sheet for quick remediation notes after each mock.