CISSP Question #1252: Real Exam Question with Answer & Explanation

The correct answer is D: Software inventory. The breach occurred due to an exploited open-source component. The FIRST step to prevent this is D. Software inventory, and here's why: CISSP Domain Alignment: Domain 2 (Asset Security) and Domain 8 (Software Development Security) emphasize maintaining a software inventory to tra

Submitted by katya_ua· Mar 5, 2026Asset Security

Question

A breach investigation found a website was exploited through an open source component. What is the FIRST step in the process that could have prevented this breach?

Options

AApplication whitelisting
BWeb application firewall (WAF)
CVulnerability remediation
DSoftware inventory

Explanation

The breach occurred due to an exploited open-source component. The FIRST step to prevent this is D. Software inventory, and here's why: CISSP Domain Alignment: Domain 2 (Asset Security) and Domain 8 (Software Development Security) emphasize maintaining a software inventory to track all components (including open-source libraries). Without knowing what software is in use, vulnerabilities cannot be identified or managed.

Topics

#software inventory#asset management#vulnerability management#open-source security

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions