What is the recommended approach for handling session data in PHP forms?
A). Use form validation and CSRF tokens
B). Store session data in hidden form fields
C). Use plaintext passwords for form authentication
D). Share session data in URL parameters
Which of the following is a security best practice for session management?
A). Use HTTPS to encrypt session data during transmission
B). Store session data in plaintext on the server
C). Set session cookies to expire after every request
D). Share session IDs in URL parameters
How can you prevent session fixation attacks in PHP?
A). Regenerate session IDs after successful authentication
B). Use weak session IDs
C). Store session IDs in plaintext
D). Disable session management entirely
What is the purpose of session management in PHP web applications?
A). To maintain stateful information across multiple requests
B). To optimize database queries
C). To handle user authentication
D). To manage server configurations
What is the purpose of using prepared statements in user authentication?
A). To prevent SQL injection attacks
B). To optimize database queries
C). To increase server performance
D). To store session data securely
What is the primary benefit of salting passwords before hashing?
A). To prevent rainbow table attacks
B). To increase server performance
C). To encrypt session data
D). To generate random session IDs
Which of the following PHP functions is used to destroy a session?
A). session_destroy()
B). destroy_session()
C). end_session()
D). remove_session()
Which PHP function is used to start a new session?
A). session_start()
B). start_session()
C). init_session()
D). new_session()
Which of the following is commonly used for user authentication in PHP?
A). Username and password
B). Session ID
C). IP address
D). URL parameters
What does the $_SESSION superglobal array store in PHP?
A). Session data
B). User credentials
C). Database queries
D). HTML markup