CompTIA SecurityX (CAS-005) — Question 11

While performing mandatory monthly patch updates on a production application server, the security analyst reports an instance of buffer overflow for a new application that was migrated to the cloud and is also publicly exposed. Security policy requires that only internal users have access to the application. Which of the following should the analyst implement to mitigate the issues reported? (Choose two.)

Answer options

• A. Configure firewall rules to block all external traffic.
• B. Enable input validation for all fields.
• C. Enable automatic updates to be installed on all servers.
• D. Configure the security group to enable external traffic.
• E. Set up a DLP policy to alert for exfiltration on all application servers.
• F. Enable nightly vulnerability scans.

Correct answer: A, B

Explanation

The correct answers, A and B, address the identified security risks by blocking external access and ensuring that all input is validated to prevent buffer overflow attacks. Options C, D, E, and F do not directly mitigate the immediate risks associated with the buffer overflow and unauthorized access as outlined in the scenario.