Preventing Zero-Day Exploits: Best Practices for Network Security


Question

A computer on a company network was infected with a zero-day exploit after an employee accidentally opened an email that contained malicious content.

The employee recognized the email as malicious and was attempting to delete it, but accidentally opened it.

Which of the following should be done to prevent this scenario from occurring again in the future?

Answers

Explanations


A. B. C. D.

B.

The scenario described in the question involves a zero-day exploit that infected a computer on the company network after an employee accidentally opened an email that contained malicious content. The employee recognized the email as malicious and attempted to delete it, but accidentally opened it, resulting in the infection. To prevent this scenario from happening again, the following solutions can be considered:

A. Install host-based firewalls on all computers that have an email client installed

Host-based firewalls are designed to protect individual computers from unauthorized access and malicious attacks. Installing host-based firewalls on all computers that have an email client installed can help prevent unauthorized access to the email client and protect against malicious attacks. However, it may not be effective in preventing zero-day exploits as they are unknown and not yet detected by security vendors.

B. Set the email program default to open messages in plain text

Setting the email program default to open messages in plain text can help prevent malicious content from executing when the email is opened. However, this solution may not be effective in preventing zero-day exploits as they may not be executed via email content.

C. Install endpoint protection on all computers that access web email

Endpoint protection is a comprehensive security solution that provides multiple layers of defense against a variety of threats. It includes antivirus, antimalware, firewall, intrusion detection and prevention, and other security features. Installing endpoint protection on all computers that access web email can help protect against known and unknown threats, including zero-day exploits.

D. Create new email spam filters to delete all messages from that sender

Creating new email spam filters to delete all messages from that sender can help prevent the employee from accidentally opening malicious emails from that sender again. However, this solution may not be effective if the attacker uses a different email address or if the email content is disguised to bypass spam filters.

In summary, option C - Installing endpoint protection on all computers that access web email is the most comprehensive solution to prevent zero-day exploits and other types of threats. However, a combination of different solutions may be necessary to provide effective protection against various attack vectors.
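
What opening a message "in plain text" (option B) means in practice, as an added example that is not part of the original page: a renderer that shows the text/plain alternative when one exists and otherwise reduces HTML to visible text, so scripts and remote images are never processed and link targets are shown in the open. The sample message, the addresses and the names render_plain and TextOnly are constructed for this illustration.

```python
from email import message_from_bytes, policy
from html.parser import HTMLParser

# Constructed sample (not from the page): multipart/alternative mail whose
# HTML part carries a script, a remote image and a link with a hidden target.
SAMPLE = (
    b"From: sender@example.test\r\nSubject: Invoice\r\nMIME-Version: 1.0\r\n"
    b'Content-Type: multipart/alternative; boundary="b1"\r\n\r\n'
    b"--b1\r\nContent-Type: text/plain; charset=utf-8\r\n\r\n"
    b"Please see the invoice.\r\n"
    b"--b1\r\nContent-Type: text/html; charset=utf-8\r\n\r\n"
    b'<p>Please see the <a href="http://example.test/x">invoice</a>.</p>'
    b'<img src="http://example.test/t.gif"><script>alert(1)</script>\r\n'
    b"--b1--\r\n"
)

class TextOnly(HTMLParser):
    """Keep visible text, drop all markup, and print link targets in the open."""
    def __init__(self):
        super().__init__()
        self.out, self.skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self.skip += 1  # everything until the closing tag is discarded
        elif tag == "a" and dict(attrs).get("href"):
            self.out.append("[" + dict(attrs)["href"] + "] ")

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self.skip:
            self.skip -= 1

    def handle_data(self, data):
        if not self.skip:
            self.out.append(data)

def render_plain(raw: bytes) -> str:
    """Return the text a plain-text-only reader would show for a raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain",))
    if part is not None:  # a text/plain alternative exists: HTML is never parsed
        return part.get_content().strip()
    part = msg.get_body(preferencelist=("html",))
    if part is None:
        return ""
    parser = TextOnly()
    parser.feed(part.get_content())
    parser.close()
    return " ".join("".join(parser.out).split())
```

Attachments are outside what get_body returns, so this covers only the message body.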