nerdexam
CompTIA

CV0-003 · Question #763

A cloud administrator has deployed a website and needs to improve the site security to meet requirements. The website architecture is designed to have a DBaaS in the back end and autoscaling instances

The correct answer is D. A WAF. A WAF can protect web applications from common web-based attacks such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF). Since the website has a DBaaS backend, a WAF can help protect the database from SQL injection attacks. Additionally, since th

Security

Question

A cloud administrator has deployed a website and needs to improve the site security to meet requirements. The website architecture is designed to have a DBaaS in the back end and autoscaling instances in the front end using a load balancer to distribute the request. Which of the following will the cloud administrator MOST likely use?

Options

  • AAn API gateway
  • BAn IPS/IDS
  • CA reverse proxy
  • DA WAF

How the community answered

(19 responses)
  • A
    11% (2)
  • B
    5% (1)
  • D
    84% (16)

Explanation

A WAF can protect web applications from common web-based attacks such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF). Since the website has a DBaaS backend, a WAF can help protect the database from SQL injection attacks. Additionally, since the website architecture is designed to use autoscaling instances in the front end with a load balancer, a WAF can help protect each instance from web-based attacks. An API gateway is used to manage API traffic, while an IPS/IDS (Intrusion Prevention System/Intrusion Detection System) is used to detect and prevent network attacks. A reverse proxy is used to distribute client requests across multiple servers, while also providing an additional layer of security. However, none of these are as well suited as a WAF for protecting web applications from web-based attacks.

Topics

#WAF#web application security#load balancer#DBaaS

Community Discussion

No community discussion yet for this question.

Full CV0-003 Practice