Exam CISSP topic 1 question 82 discussion

Unlikely able to detect and mitigate zero-day attacks. Libraries may contain scripts that APTs can use to perform malicious activities

C. Zero day attacks. A zero day attack means the vulnerability was present from day 0. The only thing that would prevent it is constantly checking your open source libraries to see if there are updates because of a vulnerability. Same as patches and updates.

Zero-day attacks exploit vulnerabilities that are unknown to the software vendor and for which no patch is available. Open-source libraries, being widely used, are often targets for zero-day exploits. Monitoring these libraries for newly discovered vulnerabilities allows organizations to proactively mitigate the risk of zero-day attacks by: Quickly identifying when a vulnerability is disclosed. Applying patches or workarounds as soon as they become available. Potentially implementing mitigations even before an official patch is released if details of the vulnerability are known.

Zero-day attacks exploit unknown or unpatched vulnerabilities in software. By monitoring and regularly updating open source libraries for known vulnerabilities, organizations can reduce the risk of zero-day exploits, ensuring that any discovered vulnerabilities are promptly addressed before they can be exploited by attackers.

I would go with C and here is why: monitoring libraries won’t typically prevent the full spectrum of an APT, which includes social engineering, lateral movement, and other methods beyond just exploiting software vulnerabilities.

Monitoring assets containing open source libraries for vulnerabilities is most effective in mitigating zero-day attacks. Zero-day attacks exploit vulnerabilities that are unknown to the software vendor and for which no patch exists. By tracking open-source libraries and their associated vulnerabilities, organizations can identify and address potential risks before they are exploited. The other options are less likely to be directly impacted by monitoring open source libraries: DDoS attacks target network availability, not specific vulnerabilities. APTs are persistent threats that may or may not involve exploiting software vulnerabilities. While monitoring open source libraries won't prevent all zero-day attacks, it significantly reduces the risk of exploitation.

B is the best answer out of all choices.

A Zero Day means exploiting those vulnerabilities for what there are no solutions yet. And these could be that it was not discovered and known to vendors yet. So you can’t take action for threats that are unknown, so the answer most likely is B. But anyone has confirmed answer pls confirm. Thx

You are never going to beat 0day or apt. Come on.

Well, I think you will never be able to mitigate apt risk, because they've got to get you. It's just a question of time. And APT does possessed and developed lots of Zero-day vulnerabilities as well.

I agree with C as well.

The answer is C. As stated earlier by thanhlb, C includes B.. or part of B.. APTs use zero days.. but also employ Social Engineering, which wouldn't be covered in a vulnerability library

From the v.9th OSG - One of the key differences between APT attackers and other malware authors is that these malware developers often have access to zero-day exploits that are not known to software vendors. So, B includes C

Zero day attacks means nobody know this weak point at current time. So even you check the code you still don't know . But you can improve your code to prevent the knowed APT attacks.

is Zero Days, the most likely in open source is Zero Day attacks, instead the APTs, can compromise a organization no just by monitoring the assets with open source, the TTPs used by APTs can process more than assets in open source.

Reading how many people say Zero Attack makes me not want to open the comment section ever again!!

C include B