312-50V10 · Question #26
Firewalls are the software or hardware systems that are able to control and monitor the traffic coming in and out the target network based on pre-defined set of rules. Which of the following types of
The correct answer is D. Web application firewall. A Web Application Firewall (WAF) operates at the application layer and inspects HTTP/S request content, enabling it to detect and block SQL injection payloads before they reach the database.
Question
Firewalls are the software or hardware systems that are able to control and monitor the traffic coming in and out the target network based on pre-defined set of rules. Which of the following types of firewalls can protect against SQL injection attacks?
Options
- AData-driven firewall
- BStateful firewall
- CPacket firewall
- DWeb application firewall
How the community answered
(26 responses)- A4% (1)
- B4% (1)
- C4% (1)
- D88% (23)
Why each option
A Web Application Firewall (WAF) operates at the application layer and inspects HTTP/S request content, enabling it to detect and block SQL injection payloads before they reach the database.
A data-driven firewall is not a recognized standard firewall category and has no defined mechanism for parsing SQL syntax within web requests.
A stateful firewall tracks TCP/UDP connection state but only inspects packet headers, not application-layer payload content, so it cannot detect SQL injection strings embedded in HTTP requests.
A packet (stateless) firewall filters based on IP addresses and ports alone and has no capability to inspect or parse application-layer data such as SQL statements within request bodies.
A WAF analyzes traffic at OSI Layer 7 (application layer), parsing HTTP request parameters, headers, and body content against rule sets designed to identify malicious patterns such as SQL injection strings. Because it understands application-layer semantics, it can block or sanitize injection attempts that lower-layer firewalls cannot see.
Concept tested: Web Application Firewall protection against SQL injection
Source: https://owasp.org/www-community/Web_Application_Firewall
Topics
Community Discussion
No community discussion yet for this question.