Mitigating Unauthorized Requests from Southeast Asia | Exam Answer

How to Mitigate Unauthorized Requests from Southeast Asia | Oracle Exam

Question

A hospital in Austin has hosted its web-based medical records portal entirely in Oracle Cloud Infrastructure (OCI) using compute instances for its web-tier and DB System database for its data tier.

To validate compliance with Health Insurance Portability and Accountability (HIPAA), the hospital hired an IT security professional to check their systems.

It was found that there were a lot of unauthorized requests coming from a set of IP addresses originating from a county in Southeast Asia.

Which option can mitigate this type of attack? (Choose the best answer.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A.

The best option to mitigate unauthorized requests coming from a set of IP addresses originating from a county in Southeast Asia would be to implement an OCI Web Application Firewall (WAF) policy using Access Control Rules.

Explanation:

A. Blocking the attacking IP addresses by creating a Security List rule to deny access to the subnet where the web server is running is not the best option. Security lists are stateful, and their primary function is to control traffic in and out of a subnet. While it can block the attacking IP addresses, it would also block legitimate traffic coming from that subnet.

B. Blocking the attacking IP addresses by creating a Network Security Group (NSG) rule to deny access to the compute instance where the web server is running is also not the best option. NSGs are used to control network traffic by filtering traffic based on protocol, port, and source/destination IP addresses. However, it is not the best solution to mitigate web-based attacks like DDoS attacks, SQL injection, and cross-site scripting (XSS).

C. Implementing an OCI Web Application Firewall Bot Management policy to identify the attacking IP addresses and mitigate the threat is a good option, but not the best one. Bot Management policy can help to identify and mitigate bot traffic, but it may not be effective against a coordinated attack coming from a set of IP addresses.

D. Block the attacking IP addresses by implementing an OCI Web Application Firewall policy using Access Control Rules is the best option. A WAF is a security solution that provides protection against web-based attacks by monitoring and filtering traffic between a web application and the internet. Access control rules can be configured to block traffic from specific IP addresses, user agents, or countries. It also provides protection against DDoS attacks, SQL injection, and cross-site scripting (XSS). The WAF service also includes bot protection, content inspection, and threat intelligence to help mitigate a wide range of attacks.

Therefore, option D is the best option to mitigate unauthorized requests coming from a set of IP addresses originating from a county in Southeast Asia.