23 Sep Practice Test Question: Zero-Day Attacks
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Which one of the following security controls is most effective against zero-day attacks?
A. Application control
B. Signature-based antivirus
C. Vulnerability scans
D. Intrusion prevention systems
Correct Answer: A.
Zero-day attacks are attacks that are not previously known to the security community. Therefore, signature-based controls, such as vulnerability scans, antivirus software, and intrusion prevention systems, are not effective against these attacks. Application control software may use whitelisting to limit software running on a system to a list of known-good applications. This technique may prevent zero-day malware from running on the protected system.