ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
A development team is deploying a customer-facing microservices application. They need a security control that instruments the running code, watches every database call, and can automatically block a detected SQL injection attempt before it leaves the service. Which runtime protection mechanism best satisfies this requirement?
Container image vulnerability scanner in the CI pipeline
Runtime Application Self-Protection (RASP) embeds security logic directly into the application or its runtime environment, inspecting calls such as database queries with full context and blocking malicious payloads like SQL injection in real time. A Web Application Firewall sits at the network edge and may lack the application context needed for precise blocking. Address Space Layout Randomization hardens process memory layout but does not inspect application-level requests. A CI pipeline image scanner helps find known vulnerabilities before deployment rather than defending the application while it executes.