Learn the best security control to protect an ecommerce website that allows customers to upload PDF documents. Find out why a web application firewall (WAF) is recommended to block command injection attacks.
Table of Contents
Question
A company allows customers to upload PDF documents to its public e-commerce website. Which of the following would a security analyst most likely recommend?
A. Utilizing attack signatures in an IDS
B. Enabling malware detection through a UTM
C. Limiting the affected servers with a load balancer
D. Blocking command injections via a WAF
Answer
The security analyst would most likely recommend:
D. Blocking command injections via a WAF
Explanation
The key issue here is that the ecommerce website allows users to upload PDF files. PDF documents can potentially contain embedded malicious code or exploit vulnerabilities. If those malicious payloads attempt OS command injection attacks, they could compromise the web servers.
A web application firewall (WAF) is designed to inspect incoming web traffic, including user uploads, and block malicious requests such as command injections before they reach the web servers. A WAF is the most direct and effective control for this particular risk.
The other options are not as suitable:
A. An intrusion detection system (IDS) uses attack signatures to identify threats, but only detects and alerts rather than actively blocking.
B. A unified threat management (UTM) appliance scans for malware but is not specifically tailored to web application attacks like command injection.
C. A load balancer distributes traffic across servers but does not actually block attacks.
Therefore, deploying a WAF configured to prevent command injections and other web attacks is the best recommendation for protecting the ecommerce site that accepts user-supplied PDF uploads.
CompTIA SY0-701 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the CompTIA SY0-701 exam and earn CompTIA SY0-701 certification.