CompTIA Security+ (SY0-501) — Question 417

A recent penetration test revealed several issues with a public-facing website used by customers. The testers were able to:
✑ Enter long lines of code and special characters
✑ Crash the system
✑ Gain unauthorized access to the internal application server
✑ Map the internal network
The development team has stated they will need to rewrite a significant portion of the code used, and it will take more than a year to deliver the finished product.
Which of the following would be the BEST solution to introduce in the interim?

Answer options

• A. Content fileting
• B. WAF
• C. TLS
• D. IPS/IDS
• E. UTM

Correct answer: E

Explanation

The best interim solution is UTM (Unified Threat Management) as it offers comprehensive security features, including intrusion prevention, firewall capabilities, and malware protection that can help mitigate the identified vulnerabilities. While a WAF (Web Application Firewall) could also provide protection for web applications, UTM solutions cover a broader range of security needs. Other options like TLS are focused on encryption and do not address the vulnerabilities directly, and IPS/IDS mainly monitor and respond to threats rather than providing a proactive defense.