🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional80 / 124
Question 80 of 124
A development team is building a cloud-native SaaS application that stores customer payment card numbers and personal data in a managed database. During a security review, an assessor notes that the application transmits session tokens over HTTPS but stores card numbers in the database as plaintext, and the application logs include full card numbers for debugging. Which OWASP Top 10 category best describes this finding, and what is the most appropriate remediation?
Reviewed for accuracy · Report an issueNext question