nerdexam
GIAC

GSLC · Question #348

GSLC Question #348: Real Exam Question with Answer & Explanation

The correct answer is A. Implement the IPP printing capability.. Implementing IPP (Internet Printing Protocol) printing capability does not prevent IIS buffer overflow attacks - it actually introduces an additional attack surface and was historically associated with IIS vulnerabilities.

Question

All of the following steps should be taken to prevent a Web server from IIS buffer overflow attacks except for which one?

Options

  • AImplement the IPP printing capability.
  • BConduct frequent scans for server vulnerabilities.
  • CInstall the upgrades of Microsoft service packs.
  • DImplement effective firewalls.

Explanation

Implementing IPP (Internet Printing Protocol) printing capability does not prevent IIS buffer overflow attacks - it actually introduces an additional attack surface and was historically associated with IIS vulnerabilities.

Common mistakes.

  • B. Frequent vulnerability scanning identifies unpatched weaknesses before attackers can exploit them, directly supporting buffer overflow prevention.
  • C. Installing Microsoft service packs applies security patches that fix known buffer overflow vulnerabilities in IIS components.
  • D. Effective firewalls restrict inbound traffic and can block exploit payloads targeting IIS, reducing the likelihood of a successful buffer overflow attack.

Concept tested. IIS hardening and buffer overflow prevention

Reference. https://learn.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-023

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GSLC Practice
All of the following steps should be taken to prevent a Web server... | GSLC Q#348 Answer | NerdExam