OWASP Top 10 MCQ with Answers

OWASP is a non-profit organization that publishes the Top 10 categories of web application vulnerabilities. This blog lists multiple-choice questions (MCQs) on the OWASP Top 10. Solutions to the MCQs are available at the end of the blog.

(2) What are the weaknesses included in Cryptographic Failures?

(A) Use of Hard-coded Password
(B) Broken or Risky Crypto Algorithm
(C) SQL Injection
(D) Insufficient Entropy

(3) What are the weaknesses included in Software and Data Integrity Failures?

(A) Download of Code Without Integrity Check
(B) Insufficient Entropy
(C) Deserialization of Untrusted Data
(D) Broken or Risky Crypto Algorithm

(A) Identification and Authentication Failures
(B) Software and Data Integrity Failures
(C) Server-Side Request Forgery
(D) Security Logging and Monitoring Failures

(5) How can Injection vulnerabilities be prevented in a web application?

(A) Use Security Headers
(B) Use of safe API
(C) Use HTTPS/TLS protocol
(D) Input validation

(6) Which of the following are example attacks of Identification and Authentication Failures?

(A) CSRF
(B) Use of Credential Stuffing
(C) Exploiting third party component
(D) Retrieve credit card numbers by exploiting SQL Injection flaw

(7) What are the weaknesses included in Security Logging and Monitoring?

(A) Omission of Security-relevant Information
(B) SQL Injection
(C) Insufficient Entropy
(D) Insertion of Sensitive Information into Log File

(8) Which category includes XSS in OWASP Top 10 2021?

(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Injection

(9) Which category includes Insecure Deserialization in OWASP Top 10 2021?

(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Injection

(10) Under which category of OWASP Top 10 2021 is "Reusing a Nonce, Key Pair in Encryption" covered?

(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Cryptographic Failure

Solutions:

(1) B, C, D

(2) A, B, D

(3) A, C

(4) B

(5) B, D

(6) B

(7) A, D

(8) D

(9) C

(10) D

Disclaimer: This tutorial is for educational purposes only. The individual is solely responsible for any illegal act.