ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your e-commerce platform's Linux API servers are fully patched, yet a threat-intelligence alert says attackers are exploiting a previously undocumented buffer-overflow flaw in the open-source JSON parser the application uses. No CVE or vendor fix exists, and the business cannot afford downtime. To reduce exposure to this zero-day while keeping the service online, what is the BEST immediate action?
Disable HTTPS on the API endpoints so inline IDS can inspect all traffic for malicious content.
Schedule frequent antivirus signature updates on the hosts and wait for the official vendor patch.
Create and deploy custom blocking or input-validation rules on the web application firewall to virtually patch the vulnerability.
Lower the parser process priority and monitor for crashes to recover quickly if the exploit triggers.
Because no vendor patch or antivirus signature exists for a zero-day vulnerability, the safest way to maintain availability is to block exploit attempts before they reach the vulnerable code. Deploying custom rules on a web application firewall (or an IPS with virtual-patch capability) can filter malicious payload patterns or enforce strict input validation, effectively mitigating the risk until an official patch is available. Merely updating antivirus signatures will not help when no signature exists. Lowering process priority does not prevent exploitation. Disabling HTTPS to allow plaintext inspection weakens security, exposes data in transit, and still leaves the server vulnerable.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a buffer-overflow vulnerability?
Open an interactive chat with Bash
What is a web application firewall (WAF) and how does it mitigate threats?
Open an interactive chat with Bash
What does 'zero-day vulnerability' mean and why is it dangerous?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Systems and Application Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .