CompTIA Security Plus Mock Test Q850

Which of the following should a company implement to BEST mitigate from zero-day malicious code executing on employees’ computers?

A. Least privilege accounts
B. Host-based firewalls
C. Intrusion Detection Systems
D. Application white listing

Correct Answer: D
Section: Application, Data and Host Security

Explanation:
Application whitelisting is a security stance that prohibits unauthorized software from executing unless it is on the preapproved exception list: the whitelist. This prevents all software, including malware, from executing unless it is on the whitelist. Because the control is based on what is approved rather than on what is known to be bad, it can block zero-day attacks: new attacks that exploit flaws or vulnerabilities in targeted systems and applications that are unknown or undisclosed to the world in general.

Incorrect Answers:
A: Least privilege is a security stance in which users are granted only the minimum access, permissions, and privileges they require to accomplish their work tasks. It limits the damage malicious code can do once it runs, but it does not prevent zero-day exploits from executing.
B: A host-based firewall is designed to protect the host from network-based attacks by using filters to limit the network traffic that is allowed to enter or leave the host. The action of a filter is to allow, deny, or log the network packet. Allow enables the packet to continue toward its destination. Deny blocks the packet from going any further and effectively discards it. Log records information about the packet into a log file. Filters can be based on protocol and ports.
C: Intrusion detection systems (IDSs) are designed to detect suspicious activity based on a database of known attacks. They do not detect zero-day exploits, which are new attacks that exploit flaws or vulnerabilities in targeted systems and applications that are unknown or undisclosed to the world in general.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 5-8, 12, 22, 82, 121, 241
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 26, 221, 236, 338