OWASP Top 10 MCQ with Answers
OWASP is a non-profit organization that publishes the Top 10 categories of web application vulnerabilities. This blog lists multiple-choice questions (MCQs) on the OWASP Top 10. Solutions to the MCQs are available at the end of the blog.
(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Server-Side Request Forgery (SSRF)
(A) Use of Hard-coded Password
(B) Broken or Risky Crypto Algorithm
(C) SQL Injection
(D) Insufficient Entropy
(A) Download of Code Without Integrity Check
(B) Insufficient Entropy
(C) Deserialization of Untrusted Data
(D) Broken or Risky Crypto Algorithm
(A) Identification and Authentication Failures
(B) Software and Data Integrity Failures
(C) Server-Side Request Forgery
(D) Security Logging and Monitoring Failures
(A) Use Security Headers
(B) Use of safe API
(C) Use HTTPS/TLS protocol
(D) Input validation
(A) CSRF
(B) Use of Credential Stuffing
(C) Exploiting third party component
(D) Retrieve credit card numbers by exploiting SQL Injection flaw
(A) Omission of Security-relevant Information
(B) SQL Injection
(C) Insufficient Entropy
(D) Insertion of Sensitive Information into Log File
(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Injection
(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Injection
(A) Broken Access Control
(B) Insecure Design
(C) Software and Data Integrity Failure
(D) Cryptographic Failure
Solutions:
(1) B, C, D
(2) A, B, D
(3) A, C
(4) B
(5) B, D
(6) B
(7) A, D
(8) D
(9) C
(10) D
Disclaimer: This tutorial is for educational purposes only. Individuals are solely responsible for any illegal acts.