Which of the following flaws refers to an application using poorly written encryption code to securely encrypt and store sensitive data…?

Today, most organizations would agree that their most valuable IT assets reside within
applications and databases. Most would probably also agree that these are areas that have
the weakest levels of security, thus making them the prime target for malicious activity from
system administrators, DBAs, contractors, consultants, partners, and customers.

Which of the following flaws refers to an application using poorly written encryption code to
securely encrypt and store sensitive data in the database and allows an attacker to steal or
modify weakly protected data such as credit card numbers, SSNs, and other authentication
credentials?

Today, most organizations would agree that their most valuable IT assets reside within
applications and databases. Most would probably also agree that these are areas that have
the weakest levels of security, thus making them the prime target for malicious activity from
system administrators, DBAs, contractors, consultants, partners, and customers.

Which of the following flaws refers to an application using poorly written encryption code to
securely encrypt and store sensitive data in the database and allows an attacker to steal or
modify weakly protected data such as credit card numbers, SSNs, and other authentication
credentials?

A.
SSI injection attack

B.
Insecure cryptographic storage attack

C.
Hidden field manipulation attack

D.
Man-in-the-Middle attack

Show Hint

← Previous question

Next question →