nerdexam
(ISC)2

CISSP · Question #1479

An input validation and exception handling vulnerability has been discovered on a critical web- based system. Which of the following is MOST suited to quickly implement a control?

The correct answer is A. Add a new rule to the application layer firewall. An application layer firewall (such as a Web Application Firewall, or WAF) can inspect HTTP/HTTPS traffic and block malicious inputs (for example, SQL-injection or XSS patterns) without changing the underlying application code, so it can be deployed quickly as an interim For a cr

Submitted by yasin.bd· Mar 5, 2026Security Architecture and Engineering

Question

An input validation and exception handling vulnerability has been discovered on a critical web- based system. Which of the following is MOST suited to quickly implement a control?

Options

  • AAdd a new rule to the application layer firewall
  • BBlock access to the service
  • CInstall an Intrusion Detection System (IDS)
  • DPatch the application source code

How the community answered

(23 responses)
  • A
    74% (17)
  • B
    9% (2)
  • C
    13% (3)
  • D
    4% (1)

Explanation

An application layer firewall (such as a Web Application Firewall, or WAF) can inspect HTTP/HTTPS traffic and block malicious inputs (for example, SQL-injection or XSS patterns) without changing the underlying application code, so it can be deployed quickly as an interim For a critical system where immediate patching may be risky or time-consuming, adding a new rule to the WAF or application-layer firewall is the fastest way to reduce exposure while the application source-code patch is developed and tested.

Topics

#Input validation#Web application security#WAF#Vulnerability mitigation

Community Discussion

No community discussion yet for this question.

Full CISSP Practice