Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam PT0-002 Topic 4 Question 82 Discussion

Actual exam question for CompTIA's PT0-002 exam
Question #: 82
Topic #: 4
[All PT0-002 Questions]

Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, E

A01-Injection

A02-Broken Authentication

A03-Sensitive Data Exposure

A04-XXE

A05-Broken Access Control

A06-Security Misconfiguration

A07-XSS

A08-Insecure Deserialization

A09-Using Components with Known Vulnerabilities

A10-Insufficient Logging & Monitoring


Cross-site scripting (XSS) and injection flaws are two of the web-application security risks that are part of the OWASP Top 10 v2017 list. XSS is a type of attack that injects malicious scripts into web pages or applications that are viewed by other users, resulting in compromised sessions, stolen cookies, or redirected browsers. Injection flaws are a type of attack that exploits a vulnerability in an application's data input or output, such as SQL injection, command injection, or LDAP injection, resulting in unauthorized access, data loss, or remote code execution. The other options are not part of the OWASP Top 10 v2017 list.

by Bulah at May 05, 2025, 06:24 AM

Limited Time Offer

25%

Off

Get Premium PT0-002 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Desiree
1 months ago
I'm not sure about the other options, but I know for sure that Cross-site scripting and Injection flaws are common web-application security risks.
upvoted 0 times
...
Pearlie
2 months ago
I'm with Na and Niesha on this one. B and E are the way to go. Although I have to admit, I'm a little disappointed they didn't include 'dad jokes' as one of the options. That's a web app security risk I deal with every day.
upvoted 0 times
...
Niesha
2 months ago
I agree with Na. B and E seem like the obvious choices here. Can't believe they're still trying to trick us with buffer overflows and zero-day attacks!
upvoted 0 times
Rory
25 days ago
I agree, it's important to stay updated on these risks to protect our web applications.
upvoted 0 times
...
Willard
29 days ago
Yeah, those are definitely part of the OWASP Top 10 v2017. They're classic web security risks.
upvoted 0 times
...
Lisha
1 months ago
User 2: Yeah, buffer overflows and zero-day attacks are old tricks.
upvoted 0 times
...
Dewitt
1 months ago
User 1: I think B and E are the right answers too.
upvoted 0 times
...
Magda
1 months ago
I think B and E are the correct choices too. Buffer overflows and zero-day attacks are old school.
upvoted 0 times
...
...
Jaime
2 months ago
I agree with Margurite, those two are definitely part of the OWASP Top 10.
upvoted 0 times
...
Margurite
3 months ago
I think the answer is B) Cross-site scripting and E) Injection flaws.
upvoted 0 times
...
Na
3 months ago
I think the correct answers are B) Cross-site scripting and E) Injection flaws. Those are definitely part of the OWASP Top 10.
upvoted 0 times
Werner
1 months ago
It's important to be aware of these risks to protect our web applications.
upvoted 0 times
...
Rosenda
1 months ago
I think you're right, those are common web-application security risks.
upvoted 0 times
...
Solange
2 months ago
I agree, Cross-site scripting and Injection flaws are definitely part of the OWASP Top 10.
upvoted 0 times
...
...

Save Cancel