nerdexam
EC-Council

312-50V10 · Question #26

Firewalls are the software or hardware systems that are able to control and monitor the traffic coming in and out the target network based on pre-defined set of rules. Which of the following types of

The correct answer is D. Web application firewall. A Web Application Firewall (WAF) operates at the application layer and inspects HTTP/S request content, enabling it to detect and block SQL injection payloads before they reach the database.

Evading IDS, Firewalls, and Honeypots

Question

Firewalls are the software or hardware systems that are able to control and monitor the traffic coming in and out the target network based on pre-defined set of rules. Which of the following types of firewalls can protect against SQL injection attacks?

Options

  • AData-driven firewall
  • BStateful firewall
  • CPacket firewall
  • DWeb application firewall

How the community answered

(26 responses)
  • A
    4% (1)
  • B
    4% (1)
  • C
    4% (1)
  • D
    88% (23)

Why each option

A Web Application Firewall (WAF) operates at the application layer and inspects HTTP/S request content, enabling it to detect and block SQL injection payloads before they reach the database.

AData-driven firewall

A data-driven firewall is not a recognized standard firewall category and has no defined mechanism for parsing SQL syntax within web requests.

BStateful firewall

A stateful firewall tracks TCP/UDP connection state but only inspects packet headers, not application-layer payload content, so it cannot detect SQL injection strings embedded in HTTP requests.

CPacket firewall

A packet (stateless) firewall filters based on IP addresses and ports alone and has no capability to inspect or parse application-layer data such as SQL statements within request bodies.

DWeb application firewallCorrect

A WAF analyzes traffic at OSI Layer 7 (application layer), parsing HTTP request parameters, headers, and body content against rule sets designed to identify malicious patterns such as SQL injection strings. Because it understands application-layer semantics, it can block or sanitize injection attempts that lower-layer firewalls cannot see.

Concept tested: Web Application Firewall protection against SQL injection

Source: https://owasp.org/www-community/Web_Application_Firewall

Topics

#web application firewall#WAF#SQL injection protection#firewall types

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice