Free CompTIA PenTest+ PT0-002 Practice Question

When conducting a security assessment of a web application, you discover that the application fails to properly restrict URL access to a function that should only be accessible to users with administrative privileges. Through this functionality, non-admin users can perform sensitive operations, which poses a significant security risk. Based on the OWASP Top 10 list, which vulnerability category does this scenario BEST align with?

  • A10:2021-Insufficient Logging & Monitoring

  • A01:2021-Broken Access Control

  • A04:2021-Insecure Direct Object References (IDOR)

  • A03:2021-Injection

This question's topic: CompTIA PenTest+ PT0-002 / Attacks and Exploits