OWASP Top 10 MCQ with Answers

OWASP is a non-profit organization that publishes the Top 10 categories of web application vulnerability types. This blog lists multiple-choice questions (MCQs) on the OWASP Top 10. Solutions to the MCQs are available at the end of the blog.

(1) Which of the categories were newly added in OWASP Top 10 2021?

(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Server-Side Request Forgery (SSRF)

(2) What are the weaknesses included in Cryptographic Failures?

(A) Use of Hard-coded Password
(B) Broken or Risky Crypto Algorithm
(C) SQL Injection
(D) Insufficient Entropy

(3) What are the weaknesses included in Software and Data Integrity Failures?

(A) Download of Code Without Integrity Check
(B) Insufficient Entropy
(C) Deserialization of Untrusted Data
(D) Broken or Risky Crypto Algorithm

(4) Which category of the OWASP Top 10 broadly covers the SolarWinds malicious update-related issue?

(A) Identification and Authentication Failures
(B) Software and Data Integrity Failures
(C) Server-Side Request Forgery
(D) Security Logging and Monitoring Failures

(5) How can Injection vulnerabilities be prevented in a web application?

(A) Use Security Headers
(B) Use of safe API
(C) Use HTTPS/TLS protocol
(D) Input validation

(6) What are example attacks of Identification and Authentication Failures?

(A) CSRF
(B) Use of Credential Stuffing
(C) Exploiting a third-party component
(D) Retrieve credit card numbers by exploiting SQL Injection flaw

(7) What are the weaknesses included in Security Logging and Monitoring Failures?

(A) Omission of Security-relevant Information
(B) SQL Injection
(C) Insufficient Entropy
(D) Insertion of Sensitive Information into Log File

(8) Which category includes XSS in OWASP Top 10 2021?

(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Injection

(9) Which category includes Insecure Deserialization in OWASP Top 10 2021?

(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Injection

(10) Reusing a Nonce, Key Pair in Encryption is covered in which category of OWASP Top 10 2021?

(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Cryptographic Failure

Solutions:

(1) B, C, D

(2) A, B, D

(3) A, C

(4) B

(5) B, D

(6) B

(7) A, D

(8) D

(9) C

(10) D


Disclaimer: This tutorial is for educational purposes only. The individual is solely responsible for any illegal act.
