CompTIA Exam PT0-002 Topic 4 Question 82 Discussion

Actual exam question for CompTIA's PT0-002 exam
Question #: 82
Topic #: 4

Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

Suggested Answer: B, E

A01-Injection

A02-Broken Authentication

A03-Sensitive Data Exposure

A04-XXE

A05-Broken Access Control

A06-Security Misconfiguration

A07-XSS

A08-Insecure Deserialization

A09-Using Components with Known Vulnerabilities

A10-Insufficient Logging & Monitoring


Cross-site scripting (XSS) and injection flaws are two of the web-application security risks that are part of the OWASP Top 10 v2017 list. XSS is a type of attack that injects malicious scripts into web pages or applications that are viewed by other users, resulting in compromised sessions, stolen cookies, or redirected browsers. Injection flaws, such as SQL injection, command injection, or LDAP injection, are vulnerabilities in how an application handles data input or output; exploiting them can result in unauthorized access, data loss, or remote code execution. The other options are not part of the OWASP Top 10 v2017 list.

Contribute your Thoughts:

Desiree
7 days ago
I'm not sure about the other options, but I know for sure that Cross-site scripting and Injection flaws are common web-application security risks.
upvoted 0 times
...
Pearlie
8 days ago
I'm with Na and Niesha on this one. B and E are the way to go. Although I have to admit, I'm a little disappointed they didn't include 'dad jokes' as one of the options. That's a web app security risk I deal with every day.
upvoted 0 times
...
Niesha
12 days ago
I agree with Na. B and E seem like the obvious choices here. Can't believe they're still trying to trick us with buffer overflows and zero-day attacks!
upvoted 0 times
Dewitt
1 day ago
User 1: I think B and E are the right answers too.
upvoted 0 times
...
Magda
1 day ago
I think B and E are the correct choices too. Buffer overflows and zero-day attacks are old school.
upvoted 0 times
...
...
Jaime
24 days ago
I agree with Margurite, those two are definitely part of the OWASP Top 10.
upvoted 0 times
...
Margurite
1 month ago
I think the answer is B) Cross-site scripting and E) Injection flaws.
upvoted 0 times
...
Na
1 month ago
I think the correct answers are B) Cross-site scripting and E) Injection flaws. Those are definitely part of the OWASP Top 10.
upvoted 0 times
Werner
3 days ago
It's important to be aware of these risks to protect our web applications.
upvoted 0 times
...
Rosenda
5 days ago
I think you're right, those are common web-application security risks.
upvoted 0 times
...
Solange
12 days ago
I agree, Cross-site scripting and Injection flaws are definitely part of the OWASP Top 10.
upvoted 0 times
...
...
