A new international hacktivist group, based in London, launched wide scale cyber attacks including SQL Injection and Cross-Site Scripting (XSS) across multiple websites which are hosted in Oracle Cloud Infrastructure (OCI)
As an IT consultant, you must configure a Web Application Firewall (WAF) to protect these websites against the attacks.
How should you configure your WAF to protect the website against those attacks? (Choose the best answer.)
Click on the arrows to vote for the correct answer
A. B. C. D. E.C.
https://docs.cloud.oracle.com/en-us/iaas/Content/WAF/Reference/protectionruleids.htmThe best approach to protect the websites against the mentioned attacks is to use a Web Application Firewall (WAF) which can inspect and filter the incoming web traffic based on predefined security rules. Among the provided options, option (C) is the best answer.
Option (A) suggests blocking attacks based on HTTP headers that contain XSS and SQL strings. However, this approach may not be effective as attackers can easily modify HTTP headers or use other techniques to bypass header-based protection.
Option (B) suggests blocking the IP Address range from London, which is not a good approach as it can result in blocking legitimate traffic from London. Hackers can also use proxy servers or other techniques to obfuscate their location and bypass IP-based blocking.
Option (D) suggests blocking requests that came from London. Like option (B), it suffers from the same limitations and can result in blocking legitimate traffic from London.
Option (E) suggests enabling an Access Rule that contains XSS Filters Categories and SQL Filters Categories. While this approach may provide some protection, it is not as effective as using a WAF that can inspect and filter traffic based on more advanced rules.
Option (C) suggests enabling a Protection Rule to block requests based on XSS Filters Categories and SQL Filters Categories. This approach is the best option among the provided options as it allows the WAF to inspect the incoming traffic and block requests that contain XSS and SQL strings. XSS Filters Categories include rules that detect and block various types of XSS attacks, such as Reflected XSS, Stored XSS, and DOM-based XSS. SQL Filters Categories include rules that detect and block SQL Injection attacks, such as SQL keywords, operators, and other patterns commonly used in SQL Injection attacks.
In summary, the best approach to protect the websites against the mentioned attacks is to use a WAF and enable a Protection Rule that can inspect and filter incoming traffic based on advanced rules such as XSS and SQL Filters Categories.