ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 325 discussion

Actual exam question from ISC's CISSP
Question #: 325
Topic #: 1
[All CISSP Questions]

To minimize the vulnerabilities of a web-based application, which of the following FIRST actions will lock down the system and minimize the risk of an attack?

  • A. Apply the latest vendor patches and updates
  • B. Run a vulnerability scanner
  • C. Review access controls
  • D. Install an antivirus on the server
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by WiDeBarulho at Oct. 25, 2022, 1:15 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Herc1234
Highly Voted 1 year, 5 months ago
Someone explain to me how option A locks down the system? That is the word that is throwing me off.
upvoted 6 times
eboehm
1 year, 2 months ago
locking down a system is just another weird cissp way of say hardening. One of the steps to hardening your system is having the latest security updates
upvoted 2 times
SangSang
5 months, 1 week ago
And where did you find the hardening in the question?
upvoted 1 times
...
...
...
KingsterKok
Most Recent 2 weeks ago
Selected Answer: C
"Lock down" is the key word. If the web application not required external facing, then restrict the web server from internet access can reduce the risk of attack.
upvoted 1 times
...
BigITGuy
3 months ago
Selected Answer: A
Unpatched vulnerabilities are the #1 cause of successful attacks on web-based applications.
upvoted 1 times
...
79cc092
11 months, 1 week ago
Use CrowdStrike Falcon
upvoted 1 times
1460168
11 months ago
Sure, we do. ;)
upvoted 1 times
...
...
Soleandheel
1 year, 6 months ago
A. Apply the latest vendor patches and updates. Regularly applying patches and updates from the vendor is a fundamental security practice to address known vulnerabilities and security issues in software. It helps ensure that your web-based application is running the latest, most secure version of the software.
upvoted 2 times
...
luciusinf
2 years, 4 months ago
Selected Answer: A
It's A
upvoted 3 times
jackdryan
2 years, 1 month ago
A is correct
upvoted 1 times
...
...
DJOEK
2 years, 5 months ago
Selected Answer: A
Patches and updates are the 1st step. Reviewing access controls is useless when they can make use of a known vulnerability and bypass it.
upvoted 3 times
...
omarin25
2 years, 7 months ago
A is the first action
upvoted 1 times
...
Jamati
2 years, 7 months ago
Selected Answer: A
Patches and updates are the 1st step.
upvoted 1 times
...
franbarpro
2 years, 8 months ago
Our home computers are now more secure then work computers for this one simple reason. We get automatic updates...... unless you turned that off. Work computers can't say the samething! So, A
upvoted 1 times
...
WiDeBarulho
2 years, 8 months ago
Selected Answer: C
Option "A" does not "lock down the system". It only ensures some publicly known vulnerabilities and exploits are addressed. Reviewing access controls is the only way to lock down the system.
upvoted 4 times
liledag
2 years, 3 months ago
The way this question is asked, it can be both A or C. ill go with A
upvoted 1 times
...
WiDeBarulho
2 years, 8 months ago
Never mind. The question specifically asks to minimize the impact of vulnerabilities so option "A" is correct.
upvoted 3 times
Jayelv
6 months, 1 week ago
when you mentioned this it all makes sense
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel