SY0-701 Threats, Vulnerabilities, and Mitigations • Set 7
SY0-701 Threats, Vulnerabilities, and Mitigations Practice Test 7 — 15 questions with explanations.
A Java web service accepts a Base64-encoded `profile` object from the browser. During testing, changing a serialized field from `role=user` to `role=admin` causes a deserialization error unless the original signed blob is reused. When a captured valid blob is modified only slightly, the application reconstructs a different class and then exposes an internal admin page. Which attack pattern is most likely?