How can you prevent session fixation attacks in PHP?
A). Regenerate session IDs after successful authentication
B). Use weak session IDs
C). Store session IDs in plaintext
D). Disable session management entirely
What is the recommended approach for handling session data in PHP forms?
A). Use form validation and CSRF tokens
B). Store session data in hidden form fields
C). Use plaintext passwords for form authentication
D). Share session data in URL parameters
What is the primary benefit of salting passwords before hashing?
A). To prevent rainbow table attacks
B). To increase server performance
C). To encrypt session data
D). To generate random session IDs
What is the role of hashing in user authentication?
A). To securely store passwords
B). To encrypt session data
C). To generate random session IDs
D). To validate IP addresses
What is the purpose of using prepared statements in user authentication?
A). To prevent SQL injection attacks
B). To optimize database queries
C). To increase server performance
D). To store session data securely
Which of the following is commonly used for user authentication in PHP?
A). Username and password
B). Session ID
C). IP address
D). URL parameters
How can you handle user authentication in PHP using a database?
A). Query the database to validate user credentials
B). Use session variables to track user sessions
C). Store passwords in plaintext
D). Validate user credentials in URL parameters
How can you securely manage session data in PHP?
A). Store sensitive session data server-side
B). Store session data in plaintext on the client
C). Share session data in URL parameters
D). Store session data in unencrypted cookies
How can you implement remember me functionality in PHP?
A). By using persistent cookies with long expiration times
B). By storing passwords in plaintext
C). By disabling session management
D). By using URL parameters for authentication
How can you destroy a session in PHP?
A). session_destroy()
B). destroy_session()
C). end_session()
D). remove_session()