Improper Assets Management Flashcards

1
Q

What is improper assets management?

A

It’s a vulnerability that happens when unsupported or non-production versions of an API are exposed. These versions can be susceptible to other vulnerabilities.

2
Q

Explain what a non-production version of an API is.

A

A non-production version includes any version that is not meant for end-user consumption, like test versions.

3
Q

Explain what an unsupported version is.

A

These include outdated versions, like a version 1.0 of an API that’s currently in version 2.0.

4
Q

Where can you check for an API version?

A

Usually the API version will be indicated in the URL, headers, query parameters or request body.

5
Q

API9:2019 Improper Assets Management is most like which other common vulnerability?

A

OWASP A06:2021 Vulnerable and Outdated Components

6
Q

Which of the following is most likely a non-production version of an API?
a) api.target.com.v1
b) staging.target.com
c) target.com/v2/users
d) target.com/api/public

A

Letter b. It involves a version that’s not meant for end-user consumption.
