Question
Which of the following OWASP Top 10 risks involves insecure coding practices that allow attackers to gain access to sensitive data, such as usernames and passwords?

Solution
Sensitive Data Exposure occurs when sensitive information, such as passwords, credit card details, or personal data, is not properly protected during storage or transmission. Weak encryption, improper key management, or lack of HTTPS for data in transit are common causes. An attacker can intercept such data using tools like packet sniffers or by exploiting vulnerabilities in the system. For example, an application storing user passwords in plain text instead of hashing them exposes users to credential theft if the database is compromised. Proper encryption, secure transmission (e.g., HTTPS), and adherence to best practices mitigate this risk.

Why Other Options Are Incorrect:
- Security Misconfiguration: Refers to improper settings, like default credentials or unpatched software, not direct data exposure.
- Broken Authentication: Involves flawed authentication mechanisms, leading to unauthorized access, not sensitive data compromise.
- Insecure Deserialization: Involves execution of malicious code via tampered serialized objects, not direct data leaks.
- Insufficient Logging and Monitoring: Refers to the inability to detect and respond to security breaches, not data exposure.