Practice free →
HomeBCA Cyber SecuritycybersecurityWeb Security — OWASP › Which OWASP Top 10 2021 category occupies the #1…

Which OWASP Top 10 2021 category occupies the #1 position?

AInjection
BSecurity Misconfiguration
CCross-Site Scripting (XSS)
DBroken Access Control
Answer & Solution
Correct answer: D. Broken Access Control
1. OWASP Top 10 2021 ranks BROKEN ACCESS CONTROL as A01 — the #1 risk. 2. Moved up from #5 in 2017 due to its prevalence: 94% of applications tested had some form of broken access control. 3. Examples: a regular user accessing /admin endpoints, IDOR (changing ?id=42 to ?id=43 to see another user's data), missing access checks on API calls. 4. Mitigation: enforce access controls SERVER-SIDE on every request, deny by default, log access control failures. 5. INJECTION (option A) is A03 in 2021. XSS is now grouped INTO Injection. Misconfiguration is A05. _Source: OWASP Top 10 2021 — A01: Broken Access Control._
Solve this in the app — BCA Cyber Security practice & 24k+ MCQs →
Related questions