Certified Information Systems Security Professional (CISSP) — Question 66

To minimize the vulnerabilities of a web-based application, which of the following FIRST actions will lock down the system and minimize the risk of an attack?

Answer options

• A. Apply the latest vendor patches and updates
• B. Run a vulnerability scanner
• C. Review access controls
• D. Install an antivirus on the server

Correct answer: A

Explanation

Applying the latest vendor patches and updates is crucial as it addresses known vulnerabilities that could be exploited by attackers, thus providing immediate security improvements. Running a vulnerability scanner, reviewing access controls, and installing antivirus software are all important, but they are secondary actions that do not directly protect the system from already known threats.