CISSP Question #934: Real Exam Question with Answer & Explanation

The correct answer is A: Minimizing attack surface area.

Submitted by deeparc · Mar 5, 2026 · Software Development Security

Question

Proven application security principles include which of the following?

Options

  • A. Minimizing attack surface area
  • B. Hardening the network perimeter
  • C. Accepting infrastructure security controls
  • D. Developing independent modules

Explanation

Minimizing the attack surface area is a core principle of application security. The attack surface refers to the various points (e.g., interfaces, inputs, and code paths) where an attacker could potentially gain access to a system. By minimizing the attack surface, you reduce the number of opportunities available for attackers to exploit vulnerabilities. This can be achieved by:

  • Removing unnecessary functionality
  • Limiting user inputs
  • Reducing the number of exposed services or components
  • Ensuring that only essential parts of the application are accessible

This principle is part of a broader approach to making applications more secure by focusing on reducing the exposure to threats.

Topics

#application security #attack surface reduction #secure design principles
