What is one of the most widely exposed vulnerabilities listed by the Open Web Applications Security Project (OWASP)?
- single-factor authentication
- weak passwords
Explanation: According to Open Web Applications Security Project (OWASP), the most widely exposed vulnerabilities are these:
Username enumeration – The threat actor is able to find valid usernames through the authentication application.
Weak passwords – The threat actor uses default passwords which have not been changed or is able to set account passwords that the threat actor chooses.
Account lockout – The threat actor finds a way to attempt to authenticate many times after multiple failed attempts.
Lack of multi-factor authentication – It is easier for a threat actor to gain access when only one form of authentication is required.
Insecure 3rd party components – As vulnerabilities are discovered, they often become patched. When components such as Secure Shell (SSH), BusyBox, or web servers are not kept up to date, the threat actor might expose these vulnerabilities and gain access.
More Questions: IoT Security 1.1 Chapter 5 Quiz Answers
More Questions: IoT Sec 1.1 Fundamentals: IoT Security Final Exam Answers