CompTIA
SY0-301 · Question #347
SY0-301 Question #347: Real Exam Question with Answer & Explanation
The correct answer is C: Web Application Firewall.
Question
Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?
Options
- A. Intrusion Detection System
- B. Flood Guard Protection
- C. Web Application Firewall
- D. URL Content Filter
Explanation
A Web Application Firewall (WAF) operates at the application layer and is specifically designed to inspect HTTP traffic and block web-based attacks including cross-site scripting (XSS).
Common mistakes.
- A. An Intrusion Detection System monitors and alerts on suspicious network traffic but does not perform application-layer HTTP inspection to actively block XSS attacks.
- B. Flood guard protection mitigates volumetric denial-of-service attacks and does not inspect or filter web application request payloads for embedded scripts.
- D. A URL content filter restricts access to websites by category or URL reputation but does not inspect request and response bodies for embedded XSS payloads.
Concept tested. Web Application Firewall protection against XSS attacks
Reference. https://owasp.org/www-community/Web_Application_Firewall