Top 10 OWASP Flashcards

1
Q

What does OWASP stand for?

A

Open Web Application Security Project

2
Q

What is the purpose of the OWASP Top 10?

A

To raise awareness about the most critical security risks to web applications.

3
Q

True or False: The OWASP Top 10 is updated every year.

A

False. It is updated periodically, but not necessarily every year.

4
Q

What is the first item on the OWASP Top 10 list?

A

Injection

5
Q

Fill in the blank: _____ is a type of attack where malicious code is injected into an application.

A

Injection

6
Q

What is the second item on the OWASP Top 10 list?

A

Broken Authentication

7
Q

Multiple Choice: Which of the following is a common example of sensitive data exposure?

A

Not encrypting sensitive data at rest

8
Q

What is the third item on the OWASP Top 10 list?

A

Sensitive Data Exposure

9
Q

True or False: Security Misconfiguration is the fourth item on the OWASP Top 10 list.

A

True

10
Q

What does ‘Broken Access Control’ refer to?

A

Failures in restricting user permissions to access resources.

11
Q

What is the fifth item on the OWASP Top 10 list?

A

Broken Access Control

12
Q

Fill in the blank: _____ refers to the improper handling of user input leading to security vulnerabilities.

A

Security Misconfiguration

13
Q

What is the sixth item on the OWASP Top 10 list?

A

Security Misconfiguration

14
Q

Multiple Choice: Which of the following is an example of ‘Cross-Site Scripting’ (XSS)?

A

Injecting malicious scripts into web pages viewed by other users.

15
Q

What is the seventh item on the OWASP Top 10 list?

A

Cross-Site Scripting (XSS)

16
Q

True or False: ‘Insecure Deserialization’ is the eighth item on the OWASP Top 10 list.

17
Q

What does ‘Insufficient Logging & Monitoring’ refer to?

A

Failures to log and monitor activities within an application, hindering incident detection.

18
Q

What is the ninth item on the OWASP Top 10 list?

A

Insufficient Logging & Monitoring

19
Q

What is the tenth item on the OWASP Top 10 list?

A

Server-Side Request Forgery (SSRF)

20
Q

Fill in the blank: _____ can lead to unauthorized actions being performed on behalf of the user.

A

Broken Authentication

21
Q

Multiple Choice: Which of the following is a best practice to mitigate injection attacks?

A

Using parameterized queries

22
Q

What is a common consequence of Sensitive Data Exposure?

A

Data breaches and identity theft

23
Q

True or False: Using strong passwords is a mitigation strategy for Broken Authentication.

24
Q

What is one way to prevent Cross-Site Scripting (XSS)?

A

Sanitizing user inputs

25
Q

What does SSRF stand for?

A

Server-Side Request Forgery