[&] Why is the OWASP Web Security Testing Guide useful in authentication testing?
- It provides a list of encrypted protocols
- It offers standardized methodology and guidance on testing steps
- It supplies server configuration scripts
- It generates automated penetration test reports

[&] What is the purpose of testing for weak lockout mechanisms?
- To test the response time of the application
- To evaluate vulnerability to brute force attacks
- To check for SQL injection points
- To identify excess memory usage

[&] What is the primary focus of authentication testing?
- Optimizing server performance
- Testing for SQL injection
- Analyzing network traffic
- Probing authentication vulnerabilities

[&] Which of the following is an example of an authentication vulnerability?
- Default credentials still being used
- Unpatched server software
- Improper caching of web pages
- Unsecured physical server location

[&] What type of vulnerabilities does authentication testing primarily target?
- Access control vulnerabilities
- Authentication mechanism vulnerabilities
- Memory leak vulnerabilities
- SQL injection vulnerabilities

[&] Why is session management an important aspect of authentication testing?
- It provides encryption for data in transit
- It offers real-time monitoring of user activity
- It prevents unauthorized session hijacking
- It ensures server load balancing