A cloud administrator needs to implement a solution that will inspect and manage web application traffic to protect against threats, such as cross-site scripting and SQL injection, without modifying the back-end infrastructure. Which of the following options is the BEST to achieve this?
A Web Application Firewall (WAF) is specifically designed to monitor, filter, and block data packets as they travel to and from a web application or website. It provides protection from a variety of application-layer attacks, such as cross-site scripting (XSS), SQL injection, and others, by inspecting HTTP traffic. Unlike traditional firewalls, a WAF works at the application layer and is able to understand and analyze the content of web traffic, which is why it is the best solution in this scenario. Proxy servers can provide anonymity and may protect against some threats, but they don't offer the same level of protection for web applications. Network Access Control (NAC) manages access to network resources by devices and users, which is not specifically related to web application threats. Data Loss Prevention (DLP) systems monitor, detect, and block data breaches/data exfiltration transmissions, which is a different focus from what is required in the scenario.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What types of attacks can a WAF protect against?
Open an interactive chat with Bash
How does a WAF differ from a traditional firewall?
Open an interactive chat with Bash
What are some key features of a Web Application Firewall?