(ISC)2
CISSP · Question #502
CISSP Question #502: Real Exam Question with Answer & Explanation
The correct answer is B: Application whitelisting.
Submitted by femi9 · Mar 5, 2026 · Security Architecture and Engineering
Question
Which of the following technologies would provide the BEST alternative to anti-malware software?
Options
- A. Host-based Intrusion Detection Systems (HIDS)
- B. Application whitelisting
- C. Host-based firewalls
- D. Application sandboxing
Explanation
Application whitelisting is the best alternative to anti-malware because it prevents unauthorized code from executing entirely, rather than detecting known threats after the fact.
Common mistakes.
- A. HIDS monitors system activity and alerts on suspicious behavior or policy violations, but it is a detection mechanism - it does not inherently prevent malware from executing in the first place.
- C. Host-based firewalls control inbound and outbound network traffic based on rules, but they do not inspect or block the execution of malicious files or code already resident on the host.
- D. Application sandboxing isolates a running application to limit the damage it can cause, but it still allows the potentially malicious application to execute; it does not prevent the malware from running as whitelisting does.
Concept tested. Application whitelisting as a proactive malware prevention control
Reference. https://csrc.nist.gov/publications/detail/sp/800-167/final
Topics
#Application whitelisting #anti-malware alternative #endpoint security #preventative controls