A financial services company is launching a website on a leading cloud provider and is concerned about defending against typical internet threats, such as site scripting and database manipulation attacks. Which service should they implement to fortify their site against these specific attack vectors?
The service commonly recommended for protecting web applications from internet threats including site scripting and database manipulation attacks (such as SQL injection) is a web application firewall. This service enables rules to be configured that filter out malicious traffic based on predefined conditions.
A DDoS protection service is more aligned with defending against high-volume traffic attacks that aim to make a service unavailable, not for filtering specific attack types like SQL injection or cross-site scripting.
A threat detection service focuses on identifying suspicious activity within an environment but does not act as a barrier against application-level exploits.
An automated security assessment tool is designed for scanning and assessing potential security issues within an environment but doesn't directly intercept or filter incoming traffic to stop application-level attacks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Web Application Firewall (WAF)?
Open an interactive chat with Bash
What are SQL injection and cross-site scripting (XSS)?
Open an interactive chat with Bash
How does a WAF differ from traditional firewalls?
Open an interactive chat with Bash
AWS Cloud Practitioner CLF-C02
Security and Compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access