SY0-701 • Practice Test 17
Free SY0-701 practice test — 15 questions with explanations. Set 17. No signup required.
A Java web service accepts a Base64-encoded `profile` object from the browser. During testing, changing a serialized field from `role=user` to `role=admin` causes a deserialization error unless the original signed blob is reused. When a captured valid blob is modified only slightly, the application reconstructs a different class and then exposes an internal admin page. Which attack pattern is most likely?