Certified Cloud Security Professional – CCSP – Question076

Which of the following threat types can occur when baselines are not appropriately applied or unauthorized changes are made?

A.
Insecure direct object references
B. Unvalidated redirects and forwards
C. Security misconfiguration
D. Sensitive data exposure

Correct Answer: C

Explanation:

Explanation: Security misconfigurations occur when applications and systems are not properly configured or maintained in a secure manner. This can be caused from a shortcoming in security baselines or configurations, unauthorized changes to system configurations, or a failure to patch and upgrade systems as the vendor releases security patches.