Which web application attack involves an attacker accessing, and potentially changing, serialized versions of data and objects?
- broken authentication
- insecure deserialization
- security misconfiguration
- cross-site scripting
Explanation: An insecure deserialization attack occurs when an attacker gains access to, and potentially changes, serialized versions of data and objects. This attack can be mitigated by validating serialized data before deserializing objects.
Exam with this question: 6.6.2 Module 6: Application Deployment and Security Quiz