101 · Question #646
Which security model provides protection from unknown attacks?
The correct answer is D. Positive security model. The positive security model protects against unknown attacks because it only allows explicitly defined and approved traffic, blocking anything not on the allowlist including novel or zero-day threats.
Question
Which security model provides protection from unknown attacks?
Options
- AACL Security model
- Bclosed security model
- CNegative security model
- DPositive security model
How the community answered
(25 responses)- B4% (1)
- C4% (1)
- D92% (23)
Why each option
The positive security model protects against unknown attacks because it only allows explicitly defined and approved traffic, blocking anything not on the allowlist including novel or zero-day threats.
ACL security models filter on network-layer attributes like IP and port and have no mechanism to detect or block unknown application-layer attack patterns.
'Closed security model' is not a standard recognized security model classification in this context.
The negative security model only blocks known bad patterns via a blacklist, meaning unknown or novel attacks that are not yet catalogued will pass through undetected.
The positive security model enforces a default-deny posture by maintaining a strict allowlist of acceptable requests. Because unknown or novel attack patterns are by definition not on the allowlist, they are automatically blocked without requiring any prior knowledge of the attack. This is its key advantage over blacklist-based approaches.
Concept tested: Positive security model protection against unknown threats
Source: https://owasp.org/www-community/controls/Positive_Security_Model
Topics
Community Discussion
No community discussion yet for this question.