nerdexam
(ISC)2

CISSP · Question #1215

Which application type is considered high risk and provides a common way for malware and viruses to enter a network?

The correct answer is C. Peer-to-Peer (P2P) file sharing applications. Peer-to-Peer (P2P) file sharing applications are classified as high-risk because they enable direct file transfers between untrusted hosts, bypassing traditional security controls and acting as a common malware distribution vector.

Submitted by salim_om· Mar 5, 2026Communication and Network Security

Question

Which application type is considered high risk and provides a common way for malware and viruses to enter a network?

Options

  • AInstant messaging or chat applications
  • BE-mail applications
  • CPeer-to-Peer (P2P) file sharing applications
  • DEnd-to-end applications

How the community answered

(58 responses)
  • A
    2% (1)
  • B
    7% (4)
  • C
    88% (51)
  • D
    3% (2)

Why each option

Peer-to-Peer (P2P) file sharing applications are classified as high-risk because they enable direct file transfers between untrusted hosts, bypassing traditional security controls and acting as a common malware distribution vector.

AInstant messaging or chat applications

While instant messaging and chat applications carry some risk (e.g., phishing links or file transfers), they are not primarily classified as the most common high-risk vector for malware and virus entry compared to P2P applications.

BE-mail applications

Email applications are a significant attack vector for phishing and malware attachments, but they are typically protected by centralized mail security gateways and content filtering, making them less categorically 'high risk' than P2P in this context.

CPeer-to-Peer (P2P) file sharing applicationsCorrect

P2P file sharing applications are considered high risk because they create direct connections between endpoints outside normal client-server security models, allowing files-including malware and viruses-to be transferred without centralized inspection. These applications often use dynamic or non-standard ports to evade firewalls, and users frequently download files from unknown, untrusted peers, significantly increasing the chance of introducing malicious content into the network.

DEnd-to-end applications

End-to-end applications is not a standard security classification for a specific high-risk application type, and it does not describe a recognized category associated with common malware distribution methods.

Concept tested: High-risk application types and malware entry vectors

Source: https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/firewall/asa-96-firewall-config/access-acls.html

Topics

#Malware vectors#P2P security risks#Application security#Network threats

Community Discussion

No community discussion yet for this question.

Full CISSP Practice