CompTIA PenTest+ PT0-002 Practice Question

When conducting a security assessment of a web application, you discover that the application fails to properly restrict URL access to a function that should only be accessible to users with administrative privileges. Through this functionality, non-admin users can perform sensitive operations which poses a significant security risk. Based on the OWASP Top 10 list, which vulnerability category does this scenario BEST align with?

  • A04:2021-Insecure Direct Object References (IDOR)

  • A01:2021-Broken Access Control

  • A03:2021-Injection

  • A10:2021-Insufficient Logging & Monitoring

CompTIA PenTest+ PT0-002
Attacks and Exploits
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot