Question
Which of the following OWASP Top 10 risks involves
insecure coding practices that allow attackers to gain access to sensitive data, such as usernames and passwords?Solution
Sensitive Data Exposure occurs when sensitive information, such as passwords, credit card details, or personal data, is not properly protected during storage or transmission. Weak encryption, improper key management, or lack of HTTPS for data in transit are common causes. An attacker can intercept such data using tools like packet sniffers or by exploiting vulnerabilities in the system. For example, an application storing user passwords in plain text instead of hashing them exposes users to credential theft if the database is compromised. Proper encryption, secure transmission (e.g., HTTPS), and adherence to best practices mitigate this risk. Why Other Options Are Incorrect :
- Security Misconfiguration : Refers to improper settings, like default credentials or unpatched software, not direct data exposure.
- Broken Authentication : Involves flawed authentication mechanisms, leading to unauthorized access, not sensitive data compromise.
- Insecure Deserialization : Involves execution of malicious code via tampered serialized objects, not direct data leaks.
- Insufficient Logging and Monitoring : Refers to the inability to detect and respond to security breaches, not data exposure.
The pH of blood is primarily regulated by:
Which chemical is used to make artificial rain?
What is the product of the reaction?
CH₃COOH + CH₃OH → (H⁺, heat)
A mobile phone charger is
Insulin is secreted by which organ?
Noise is measured in –
The Weight of an object on Earth is 600 N. What will be its weight on moon?
Which of the following is an unsaturated hydrocarbon ?
The sharpness of a television image is termed as its –
NaOH + HC1 -> NaCl + H₂ O in the given chemical reaction
