CISSP · Question #1215
Which application type is considered high risk and provides a common way for malware and viruses to enter a network?
The correct answer is C. Peer-to-Peer (P2P) file sharing applications. Peer-to-Peer (P2P) file sharing applications are classified as high-risk because they enable direct file transfers between untrusted hosts, bypassing traditional security controls and acting as a common malware distribution vector.
Question
Options
- AInstant messaging or chat applications
- BE-mail applications
- CPeer-to-Peer (P2P) file sharing applications
- DEnd-to-end applications
How the community answered
(58 responses)- A2% (1)
- B7% (4)
- C88% (51)
- D3% (2)
Why each option
Peer-to-Peer (P2P) file sharing applications are classified as high-risk because they enable direct file transfers between untrusted hosts, bypassing traditional security controls and acting as a common malware distribution vector.
While instant messaging and chat applications carry some risk (e.g., phishing links or file transfers), they are not primarily classified as the most common high-risk vector for malware and virus entry compared to P2P applications.
Email applications are a significant attack vector for phishing and malware attachments, but they are typically protected by centralized mail security gateways and content filtering, making them less categorically 'high risk' than P2P in this context.
P2P file sharing applications are considered high risk because they create direct connections between endpoints outside normal client-server security models, allowing files-including malware and viruses-to be transferred without centralized inspection. These applications often use dynamic or non-standard ports to evade firewalls, and users frequently download files from unknown, untrusted peers, significantly increasing the chance of introducing malicious content into the network.
End-to-end applications is not a standard security classification for a specific high-risk application type, and it does not describe a recognized category associated with common malware distribution methods.
Concept tested: High-risk application types and malware entry vectors
Source: https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/firewall/asa-96-firewall-config/access-acls.html
Topics
Community Discussion
No community discussion yet for this question.