📚 Topic Summary
Multiple choice questions focusing on the OWASP Top Ten are designed to assess your understanding of common web application vulnerabilities. These questions cover topics like Injection, Broken Authentication, Cross-Site Scripting (XSS), and more. Working through practice questions helps you recognize vulnerabilities and apply secure coding principles, preparing you to build and maintain safer web applications.
🧮 Part A: Vocabulary
Match the term with the correct definition:
| Term |
Definition |
| 1. Injection |
A. Failing to protect user identities and session management. |
| 2. Broken Authentication |
B. Flaws that occur when an application sends untrusted data to an interpreter. |
| 3. XSS (Cross-Site Scripting) |
C. A type of injection where malicious scripts are injected into trusted websites. |
| 4. Security Misconfiguration |
D. Improperly configured security settings, leading to vulnerabilities. |
| 5. Vulnerable and Outdated Components |
E. Using components with known vulnerabilities without patching. |
Match the terms to their definitions. Answers: 1-B, 2-A, 3-C, 4-D, 5-E
✍️ Part B: Fill in the Blanks
Complete the following paragraph with the missing words:
__________ vulnerabilities allow attackers to execute malicious commands on the server. __________ involves flaws in how the application verifies users, potentially granting unauthorized access. Mitigating these risks requires implementing input __________ and using strong __________ methods.
Possible Answers: Injection, Broken Authentication, Validation, Authentication
🤔 Part C: Critical Thinking
Describe a scenario where a web application is vulnerable to Cross-Site Scripting (XSS) and explain the potential impact on users.