CompTIA
CV0-003 · Question #21
CV0-003 Question #21: Real Exam Question with Answer & Explanation
The correct answer is C: WAF. In an IaaS environment, a WAF uses updated signature files to inspect and block malicious HTTP/HTTPS traffic, making it the appropriate control for preventing web-based malware threats from reaching the network.
Security
Question
In an IaaS environment, the security team issues a new signature file to prevent specific malware threats from infiltrating the company network. Which of the following describes where the security team should deploy the updated signatures?
Options
- AIDS
- BSpam filter
- CWAF
- DNIPS
- EHIPS
Explanation
In an IaaS environment, a WAF uses updated signature files to inspect and block malicious HTTP/HTTPS traffic, making it the appropriate control for preventing web-based malware threats from reaching the network.
Common mistakes.
- A. An IDS is a passive monitoring tool that only detects and alerts on threats without actively blocking traffic, so it cannot prevent malware from infiltrating the network.
- B. A spam filter is designed to filter unsolicited or malicious email messages and does not inspect or block general network traffic carrying malware payloads.
- D. A NIPS operates at the network layer using signatures but is not the primary signature-based control deployed in IaaS environments specifically for inspecting and blocking web-application-layer malware threats.
- E. A HIPS operates at the individual host level to protect a single endpoint rather than at the network perimeter where infiltrating traffic would first arrive.
Concept tested. WAF signature-based malware prevention in IaaS
Reference. https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html
Topics
#IDS/IPS#malware signatures#network security#IaaS security
Community Discussion
No community discussion yet for this question.