Which of the following is NOT one of the OWASP Top 10

Solution

The OWASP Top 10 is a list that identifies the most critical security risks to web applications. While SQL Injection, Cross-Site Scripting (XSS), and Insecure Deserialization are recognized as top risks, Denial of Service (DoS) attacks are generally considered more of a network or system-level risk rather than a web application security risk. The OWASP Top 10 focuses primarily on issues that can be exploited through web applications themselves. Option A (SQL Injection) is incorrect because it is one of the most well-known vulnerabilities and is part of the OWASP Top 10. Option B (Cross-Site Scripting) is also incorrect as it is a significant vulnerability included in the OWASP list. Option D (Insufficient Logging & Monitoring) is incorrect since this risk highlights the importance of having robust logging mechanisms to detect and respond to incidents. Option E (Insecure Deserialization) is incorrect because it refers to vulnerabilities arising when untrusted data is deserialized without sufficient validation, making it a critical risk in web applications.