CS0-003
Vulnerability Management
hard
Question 1 of 27

A penetration test report identifies that the organization's web application is vulnerable to insecure deserialization. The development team asks the security analyst to explain the appropriate mitigation. What should the analyst recommend?

AAvoid deserializing data from untrusted sources and implement integrity checks such as digital signatures on serialized objects
BIncrease web server CPU and memory to handle deserialization errors gracefully
CEnable TLS 1.3 for all web application connections
DApply network-level rate limiting on the application load balancer

More Vulnerability Management Questions

27 questions

Full CompTIA CySA+ Practice Test

All topics covered

All CompTIA CySA+ Questions

Browse by topic

Related Questions

What is the difference between credentialed and non-credentialed vulnerability scanning?...

easy

What does CVSS stand for, and what is its primary purpose?...

easy

Which type of vulnerability scanning is performed without deploying an agent on the target system?...

easy

A vulnerability scanner reports a critical CVE on a server, but the organization's security team det...

medium

An analyst is reviewing the output of a web application scanner and finds a reflected cross-site scr...

medium
View all Vulnerability Management questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account