An XML firewall is an appliance, so A and C are eliminated. XML is an application of interest. D places the appliance in the most applicable location in the topology.
The suggestion to put an XML firewall “between the presentation and application layers” (Option C) is not correct. An XML firewall is a network security device, not something that sits between internal software layers of an application. The CCSP guidance explicitly notes that placing an XML firewall at other points (such as between the presentation and application layers, or between an IPS and the firewall, etc.) “would not serve the intended purpose” of intercepting XML attacks. The proper location is in front of the application server (behind the external firewall), so that all XML traffic can be filtered before it hits the application. This aligns with best practices for web services security and is the placement recommended by the CCSP curriculum and other authoritative sources.
XML firewalls are specialized appliances that inspect and filter XML-based traffic—such as SOAP messages—in order to detect and block malicious XML content and attacks. They are most commonly deployed as a reverse proxy between the external firewall and the application server. This placement allows them to examine inbound XML traffic before it reaches the application server, thereby providing an additional layer of protection for XML-based web services.
Between the firewall and application server. This placement helps in filtering and securing XML-based communications before they reach the application server.
An XML firewall is designed to manage and secure XML traffic, which is commonly associated with web services and API interactions. The most appropriate deployment for an XML firewall is C.
A web application firewall (WAF - protected behind XML and SQL injection) is typically placed between the application and the presentation layers of the OSI (Open Systems Interconnection) model. The OSI model is a framework that is used to describe how data is transmitted over a network. It is divided into seven layers, each of which performs a specific set of functions to enable communication between devices.
For reference, an XML firewall is a specialized device used to protect applications exposed through XML-based interfaces like REST and scan XML traffic coming into and going out from an organization. Typically deployed in a DMZ environment, an XML firewall is often used to validate XML traffic, control access to XML-based resources, filter XML content and rate limit requests to back-end applications exposed through XML-based interfaces.
Lenell (Highly Voted), 2 years, 3 months ago
Monchel (Most Recent), 1 month, 2 weeks ago
MaciekMT, 1 month, 4 weeks ago
Sivath, 4 months, 4 weeks ago
sweetykaur, 6 months ago
Mo22, 12 months ago
Pika26, 1 year, 12 months ago
Pika26, 1 year, 11 months ago
DA95, 2 years, 4 months ago
Zeezee2, 3 years, 5 months ago
Zeezee2, 3 years, 5 months ago
Banzaaai, 3 years, 6 months ago