OWASP Top 10 MCQ with Answers
OWASP is a non-profit organization that publishes the Top 10 categories of web application vulnerabilities. This blog lists multiple-choice questions (MCQs) on the OWASP Top 10. Solutions to the MCQs are available at the end of the blog.
- (1) Which of these categories were newly added in OWASP Top 10 2021?
- (2) What are the weaknesses included in Cryptographic Failures?
- (3) What are the weaknesses included in Software and Data Integrity Failures?
- (4) Which category of the OWASP Top 10 broadly covers the SolarWinds malicious-update issue?
- (5) How can Injection vulnerabilities be prevented in a web application?
- (6) What are example attacks that exploit Identification and Authentication Failures?
- (7) What are the weaknesses included in Security Logging and Monitoring?
- (8) Which category includes XSS in OWASP Top 10 2021?
- (9) Which category includes Insecure Deserialization in OWASP Top 10 2021?
- (10) Which category of OWASP Top 10 2021 covers "Reusing a Nonce, Key Pair in Encryption"?
(1) Which of these categories were newly added in OWASP Top 10 2021?
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Server-Side Request Forgery (SSRF)
(2) What are the weaknesses included in Cryptographic Failures?
(B) Broken or Risky Crypto Algorithm
(C) SQL Injection
(D) Insufficient Entropy
(3) What are the weaknesses included in Software and Data Integrity Failures?
(B) Insufficient Entropy
(C) Deserialization of Untrusted Data
(D) Broken or Risky Crypto Algorithm
(4) Which category of the OWASP Top 10 broadly covers the SolarWinds malicious-update issue?
(B) Software and Data Integrity Failures
(C) Server-Side Request Forgery
(D) Security Logging and Monitoring Failures
(5) How can Injection vulnerabilities be prevented in a web application?
(B) Use of safe API
(C) Use HTTPS/TLS protocol
(D) Input validation
(6) What are example attacks that exploit Identification and Authentication Failures?
(B) Use of Credential Stuffing
(C) Exploiting third party component
(D) Retrieve credit card numbers by exploiting SQL Injection flaw
(7) What are the weaknesses included in Security Logging and Monitoring?
(B) SQL Injection
(C) Insufficient Entropy
(D) Insertion of Sensitive Information into Log File
(8) Which category includes XSS in OWASP Top 10 2021?
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Injection
(9) Which category includes Insecure Deserialization in OWASP Top 10 2021?
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Injection
(10) Which category of OWASP Top 10 2021 covers "Reusing a Nonce, Key Pair in Encryption"?
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Cryptographic Failure
Solutions:
(1) B, C, D
(2) A, B, D
(3) A, C
(4) B
(5) B, D
(6) B
(7) A, D
(8) D
(9) C
(10) D
Disclaimer: This tutorial is for educational purposes only. The individual is solely responsible for any illegal act.