101 · Question #393
Network Security personnel are entirely responsible for web application security.
The correct answer is B. False. Web application security is a shared responsibility across development, operations, and security teams, not solely network security personnel.
Question
Network Security personnel are entirely responsible for web application security.
Options
- ATrue
- BFalse
How the community answered
(34 responses)- A9% (3)
- B91% (31)
Why each option
Web application security is a shared responsibility across development, operations, and security teams, not solely network security personnel.
Assigning sole responsibility to network security ignores application-layer vulnerabilities such as SQL injection or XSS that must be addressed by developers and AppSec teams.
Web application security requires collaboration among developers, application owners, security architects, and network security teams. No single group holds complete responsibility because vulnerabilities can be introduced at the code level, infrastructure level, or configuration level. A defense-in-depth model distributes accountability across all stakeholders.
Concept tested: Shared responsibility model for web application security
Source: https://owasp.org/www-project-application-security-verification-standard/
Topics
Community Discussion
No community discussion yet for this question.