CISSP Question #1479: Real Exam Question with Answer & Explanation

The correct answer is A: Add a new rule to the application layer firewall.

Submitted by yasin.bd · Mar 5, 2026 · Security Architecture and Engineering

Question

An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?

Options

  • A. Add a new rule to the application layer firewall
  • B. Block access to the service
  • C. Install an Intrusion Detection System (IDS)
  • D. Patch the application source code

Explanation

An application layer firewall (such as a Web Application Firewall, or WAF) can inspect HTTP/HTTPS traffic and block malicious inputs (for example, SQL injection or XSS patterns) without changing the underlying application code, so it can be deployed quickly as an interim control. For a critical system where immediate patching may be risky or time-consuming, adding a new rule to the WAF or application-layer firewall is the fastest way to reduce exposure while the application source-code patch is developed and tested.

Topics

#Input validation · #Web application security · #WAF · #Vulnerability mitigation
