[&] Why is the OWASP Top 10 list periodically updated?
- To maintain funding for OWASP
- To increase web developers' coding complexity
- To stay relevant with the evolving threat landscape -- Correct
- To reflect changes in web development technologies

[&] Which of the following are considered common injection attacks?
- NoSQL injection and OS command injection
- SQL injection and cross-site scripting
- All of the above -- Correct
- LDAP injection and ORM injection

[&] Which of the following is a benefit of the OWASP Top 10 for web app pen testers?
- It offers automated vulnerability detection tools.
- It offers a full curriculum for certification.
- It provides step-by-step coding tutorials.
- It helps prioritize common security risks. -- Correct

[&] How does the OWASP Top 10 benefit organizations adopting it?
- By incentivizing better code through awards
- By helping to reduce vulnerabilities by focusing on common and impactful risks -- Correct
- By mandating the use of specific development tools
- By certifying their web applications as secure automatically

[&] What is the primary purpose of the OWASP Top 10 list?
- To serve as a coding standard for developers
- To offer a classification of the most critical web application security risks -- Correct
- To provide a comprehensive methodology for securing web applications
- To predict the evolution of web development

[&] What was a significant change in the OWASP Top 10 2021 release?
- Inclusion of mobile application security risks
- Shift to entirely AI-based risk rankings
- Removal of the injection vulnerability category
- Introduction of three new categories and four naming/scoping changes -- Correct