How can you prevent session fixation attacks in PHP?
A). Regenerate session IDs after successful authentication
B). Use weak session IDs
C). Store session IDs in plaintext
D). Disable session management entirely
Which PHP function is commonly used to hash passwords?
A). password_hash()
B). hash_password()
C). encrypt_password()
D). secure_hash()
Which of the following PHP functions is used to destroy a session?
A). session_destroy()
B). destroy_session()
C). end_session()
D). remove_session()
What is the role of hashing in user authentication?
A). To securely store passwords
B). To encrypt session data
C). To generate random session IDs
D). To validate IP addresses
What does the session_regenerate_id() function do in PHP?
A). Regenerates the session ID to prevent session fixation
B). Registers a new session ID with the server
C). Retrieves the session ID from the server
D). Ends the current session and deletes session data
Which PHP function is used to start a new session?
A). session_start()
B). start_session()
C). init_session()
D). new_session()
Which of the following is a security best practice for session management?
A). Use HTTPS to encrypt session data during transmission
B). Store session data in plaintext on the server
C). Set session cookies to expire after every request
D). Share session IDs in URL parameters
What is the purpose of session management in PHP web applications?
A). To maintain stateful information across multiple requests
B). To optimize database queries
C). To handle user authentication
D). To manage server configurations
How can you destroy a session in PHP?
A). session_destroy()
B). destroy_session()
C). end_session()
D). remove_session()
What is the primary benefit of salting passwords before hashing?
A). To prevent rainbow table attacks
B). To increase server performance
C). To encrypt session data
D). To generate random session IDs