nerdexam
(ISC)2

CISSP · Question #1398

To minimize the vulnerabilities of a web-based application, which of the following FIRST actions will lock down the system and minimize the risk of an attack?

The correct answer is D. Apply the latest vendor patches and updates. Applying the latest vendor patches and updates is the first action that will lock down the system and minimize the risk of an attack, because it will fix any known vulnerabilities or bugs that could be exploited by attackers. Installing an antivirus on the server, running a vulne

Submitted by stefanr· Mar 5, 2026Security Operations

Question

To minimize the vulnerabilities of a web-based application, which of the following FIRST actions will lock down the system and minimize the risk of an attack?

Options

  • AInstall an antivirus on the server
  • BRun a vulnerability scanner
  • CReview access controls
  • DApply the latest vendor patches and updates

How the community answered

(56 responses)
  • A
    7% (4)
  • B
    2% (1)
  • C
    11% (6)
  • D
    80% (45)

Explanation

Applying the latest vendor patches and updates is the first action that will lock down the system and minimize the risk of an attack, because it will fix any known vulnerabilities or bugs that could be exploited by attackers. Installing an antivirus on the server, running a vulnerability scanner, and reviewing access controls are also important security measures, but they are not the first actions to take. An antivirus may not detect all types of malware, a vulnerability scanner may not find all the flaws in the system, and access controls may not prevent all unauthorized access.

Topics

#Patch management#Vulnerability management#System hardening#Web application security

Community Discussion

No community discussion yet for this question.

Full CISSP Practice