CISSP · Question #1479
An input validation and exception handling vulnerability has been discovered on a critical web- based system. Which of the following is MOST suited to quickly implement a control?
The correct answer is A. Add a new rule to the application layer firewall. An application layer firewall (such as a Web Application Firewall, or WAF) can inspect HTTP/HTTPS traffic and block malicious inputs (for example, SQL-injection or XSS patterns) without changing the underlying application code, so it can be deployed quickly as an interim For a cr
Question
An input validation and exception handling vulnerability has been discovered on a critical web- based system. Which of the following is MOST suited to quickly implement a control?
Options
- AAdd a new rule to the application layer firewall
- BBlock access to the service
- CInstall an Intrusion Detection System (IDS)
- DPatch the application source code
How the community answered
(23 responses)- A74% (17)
- B9% (2)
- C13% (3)
- D4% (1)
Explanation
An application layer firewall (such as a Web Application Firewall, or WAF) can inspect HTTP/HTTPS traffic and block malicious inputs (for example, SQL-injection or XSS patterns) without changing the underlying application code, so it can be deployed quickly as an interim For a critical system where immediate patching may be risky or time-consuming, adding a new rule to the WAF or application-layer firewall is the fastest way to reduce exposure while the application source-code patch is developed and tested.
Topics
Community Discussion
No community discussion yet for this question.