CompTIA CySA+ (CS0-003) — Question 445

An analyst wants to ensure that users only leverage web-based software that has been pre-approved by the organization. Which of the following should be deployed?

Answer options

• A. Blocklisting
• B. Allowlisting
• C. Graylisting
• D. Webhooks

Correct answer: B

Explanation

The correct answer is B, Allowlisting, which permits only approved software, ensuring that users cannot access unapproved applications. A, Blocklisting, would deny access to specific software but does not prevent the use of unlisted applications. C, Graylisting, is a temporary measure that can allow access after certain checks, and D, Webhooks, are not related to controlling access to software.