Exam CV0-003 topic 1 question 59 discussion

Actual exam question from CompTIA's CV0-003
Question #: 59
Topic #: 1

An SQL injection vulnerability was reported on a web application, and the cloud platform team needs to mitigate the vulnerability while it is corrected by the development team. Which of the following controls will BEST mitigate the risk of exploitation?

  • A. DLP
  • B. HIDS
  • C. NAC
  • D. WAF
Suggested Answer: D

Comments

uzey
11 months, 3 weeks ago
Selected Answer: D
A Web Application Firewall (WAF) is the most effective immediate control to mitigate an SQL injection vulnerability. It can inspect and filter incoming web traffic, detecting and blocking malicious SQL injection attempt
upvoted 1 times
yyCherubim
1 year, 8 months ago
HIDS huh? Because it did such a good job at detecting the first SQL Injection, that we should rely on it this time?
upvoted 2 times
reto1
10 months, 3 weeks ago
HIDS (Host Intrusion Detection System): Monitors a single host for malicious activity but may not effectively prevent SQL injection attacks on a web application level.
upvoted 1 times
maelo
2 years, 3 months ago
Selected Answer: B
WAF = web application FW. Wikipedia: "specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service". This doesn't match SQL type.
upvoted 1 times
kuzummjakk
1 year, 5 months ago
The SQL vulnerability was detected on a WEB APPLICATION. SQL's in the backend, but it's interacted with via HTTP. A HIDS only DETECTS intrusions, it does nothing about it, and seeing as the SQL injection is made through interacting with the web application and not intruding the host, it makes even less sense.
upvoted 1 times
BeauChateau
2 years, 3 months ago
Selected Answer: D
D. WAF (Web Application Firewall) A WAF is the best control to mitigate the risk of SQL injection vulnerabilities while the development team fixes the issue. A WAF can identify and block SQL injection attacks by analyzing the traffic between the application and the user. It can also help to protect against other types of attacks that exploit web application vulnerabilities.
upvoted 4 times
bagsik89
2 years, 5 months ago
Selected Answer: D
WAF is the best technical control against SQL Injection
upvoted 1 times
JVen
2 years, 8 months ago
Selected Answer: D
This should be D
upvoted 3 times
Not_That_Guy
2 years, 9 months ago
Selected Answer: D
Clearly WAF
upvoted 2 times
ryanzou
2 years, 10 months ago
Selected Answer: D
NO DOUBT, it is WAF.
upvoted 1 times
i_bird
2 years, 10 months ago
Even the nugget of information given with the answer points to WAF...
upvoted 4 times
achow26
2 years, 11 months ago
Answer should be D.
upvoted 2 times
ironman_86
2 years, 11 months ago
Why not D? HIDS will only detect and will not prevent the exploitation.
upvoted 2 times
maelo
2 years, 3 months ago
HIDS = host-based IDS/IPS - Intrusion Detection/*Prevention* System
upvoted 1 times
Locy333
1 year, 5 months ago
HIDS and HIPS are different systems. HIDS detects only, if the answer stated HIPS then it would be a viable prevention option.
upvoted 1 times