
CompTIA SY0-701: What Are the Best Security Measures to Protect a Web Application Over Port 443?

Learn about the most effective security solutions, like WAFs and SIEMs, to reduce the attack surface and safeguard your organization’s web application running on port 443.

Question

A security team is addressing a risk associated with the attack surface of the organization’s web application over port 443. Currently, no advanced network security capabilities are in place. Which of the following would be best to set up? (Choose two.)

A. NIDS
B. Honeypot
C. Certificate revocation list
D. HIPS
E. WAF
F. SIEM

Answer

E. WAF
F. SIEM

Explanation

A web application firewall (WAF) and security information and event management (SIEM) system would be the best choices to reduce the attack surface and protect the organization’s web application over port 443:

E. A WAF is designed to inspect incoming HTTP and HTTPS traffic (encrypted HTTPS uses port 443) to detect and block malicious requests targeting web applications. It can protect against common web attacks like SQL injection, cross-site scripting (XSS), and more. A WAF is an essential layer of defense specifically for securing web apps.

F. A SIEM aggregates log data from various systems, including the WAF, to provide centralized security monitoring, event correlation, and incident response. It can detect anomalies, generate alerts, and help identify threats impacting the web application in real time. The SIEM gives visibility and enables a rapid response to potential web app compromises.
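
As an added illustration (not part of the original explanation), the sketch below shows the kind of correlation a SIEM can run over WAF logs: it alerts when one source accumulates repeated blocks inside a time window, and again when that same source then gets a request allowed. The JSON log schema, field names, threshold and window are assumptions constructed for this example, not any vendor's format.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed WAF events (hypothetical JSON schema, not a vendor format).
SAMPLE_WAF_LOG = """\
{"ts":"2024-05-01T10:00:01","src":"203.0.113.7","action":"block","rule":"sqli","path":"/login"}
{"ts":"2024-05-01T10:00:05","src":"203.0.113.7","action":"block","rule":"xss","path":"/search"}
{"ts":"2024-05-01T10:00:09","src":"198.51.100.4","action":"block","rule":"xss","path":"/search"}
{"ts":"2024-05-01T10:00:20","src":"203.0.113.7","action":"block","rule":"sqli","path":"/login"}
{"ts":"2024-05-01T10:00:31","src":"203.0.113.7","action":"allow","rule":"","path":"/login"}
not-json line from a misbehaving forwarder
{"ts":"2024-05-01T10:30:00","src":"198.51.100.4","action":"block","rule":"sqli","path":"/login"}
"""

def correlate(log_text, threshold=3, window=timedelta(seconds=60)):
    """Return alerts: repeated blocks per source, and allows that follow them."""
    recent = defaultdict(deque)   # src -> timestamps of blocks inside the window
    flagged = set()               # sources that already crossed the threshold
    alerts = []
    for line in log_text.splitlines():
        try:
            ev = json.loads(line)
            ts = datetime.fromisoformat(ev["ts"])
            src, action = ev["src"], ev["action"]
        except (ValueError, KeyError, TypeError):
            continue              # skip malformed records instead of crashing
        q = recent[src]
        while q and ts - q[0] > window:
            q.popleft()           # expire blocks older than the window
        if action == "block":
            q.append(ts)
            if len(q) >= threshold and src not in flagged:
                flagged.add(src)
                alerts.append(("repeated_blocks", src, ev["ts"]))
        elif action == "allow" and src in flagged and q:
            # A flagged source got a request through: worth an analyst's look.
            alerts.append(("allow_after_blocks", src, ev["ts"]))
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE_WAF_LOG):
        print(alert)
```

The second alert type is the part a WAF alone does not give you: it only decides per request, while the correlation step ties an allowed request back to the blocks that preceded it.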

The other options are less suitable for this use case:
A. A NIDS monitors network traffic but lacks the application-layer awareness of a WAF.
B. A honeypot is used to lure and trap attackers but doesn’t actively block threats to production systems.
C. A certificate revocation list is used to invalidate compromised SSL/TLS certificates but doesn’t protect the web app itself.
D. A HIPS secures individual hosts but doesn’t provide specific protection for web applications.

In summary, deploying a WAF backed by a SIEM provides the most direct, effective security controls to reduce risk and safeguard a web application accessible over port 443. The WAF blocks threats while the SIEM enables proactive detection and response.
