An organization’s internet-facing website was compromised when an attacker exploited a buffer overflow. Which of the following should the organization deploy to best protect against similar attacks in the future?
B is the correct one
B. WAF (Web Application Firewall)
A. NGFW (Next-Generation Firewall)
C. TLS (Transport Layer Security)
D. SD-WAN (Software-Defined Wide Area Network)
A Web Application Firewall (WAF) is for ensuring the security of an HTTP application like WordPress, or Magneto against threats like SQL injection, or XSS.
I can see why the "correct" answer is WAF, but the question is silly. Why use your WAF to try to block buffer overflow attacks? Why not have the application developers add or fix input validation on the web forms, which is what's really needed. How would you know what bit-length to restrict inputs to for your WAF rule without consulting the developers? And if you are consulting the developers about this, just have then fix it at the source. I'm all for defense in depth, but it doesn't seem realistic to try to block this at the WAF or NGFW.
The answer is B and not A because it says "internet-facing website was compromised." That is specifically what WAF's are designed for. Next-Gen's operate at Layer 7 and provide application-level inspection but are designed for network level protection across services.
NGFW is the correct answer.
When it comes to defending against buffer overflow attacks, a Next-Generation Firewall (NGFW) is generally more effective than a Web Application Firewall (WAF). Here's why:
NGFW Capabilities: NGFWs provide deep packet inspection, advanced threat detection, and the ability to identify and block malicious traffic based on patterns and behaviors. They can also enforce security policies at the network level, which helps prevent exploitation attempts before they reach the application.
WAF Limitations: While WAFs are designed to protect web applications by filtering and monitoring HTTP traffic, they primarily focus on application-layer attacks like SQL injection and cross-site scripting (XSS). Buffer overflow attacks, which often target vulnerabilities in software rather than web applications, may not be as effectively mitigated by a WAF.
A NGFW would better protect against buffer overflow attacks thanks to deep packet inspection and IDS/IPS. A WAF would protect better against SQL injections and XSS.
A WAF inspects incoming and outgoing web traffic to detect and block malicious payloads that may exploit application vulnerabilities, such as buffer overflows.
This section is not available anymore. Please use the main Exam Page.SY0-701 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
CookieChip
Highly Voted 11 months agoAaronR2000
2 months, 1 week agoMehsotopes
Highly Voted 11 months, 1 week agoJackExam2025
Most Recent 1 month, 3 weeks agoHasss
2 months agoAlternateEgo
3 months, 1 week agoFatneck
4 months, 2 weeks agoviktorrdlyi
4 months, 2 weeks agobraveheart22
5 months, 3 weeks agoJoeShmo
5 months, 4 weeks agoMarkeze
6 months, 4 weeks agoMarkeze
6 months, 4 weeks agodbrowndiver
8 months, 2 weeks agoshady23
11 months, 1 week ago