Certified Cloud Security Professional (CCSP) — Question 255

Which of the following threat types can occur when encryption is not properly applied or insecure transport mechanisms are used?

Answer options

• A. Security misconfiguration
• B. Insecure direct object references
• C. Sensitive data exposure
• D. Unvalidated redirects and forwards

Correct answer: C

Explanation

The correct answer is C, Sensitive data exposure, as it directly relates to the risks associated with improper encryption and insecure transport mechanisms, leading to the potential leakage of sensitive information. The other options, while they are security threats, do not specifically address the consequences of inadequate encryption or insecure transport methods.