
Oracle 1z0-997-22: How would you configure WAF to protect a website against wide-scale cyber attacks

Question

A new international hacktivist group, based in London, launched wide scale cyber attacks including SQL Injection and Cross-Site Scripting (XSS) across multiple websites hosted in Oracle Cloud Infrastructure (OCI). As an IT consultant, you must configure a Web Application Firewall (WAF) to protect these websites against such attacks. How would you configure your WAF to protect the website against those attacks?

A. Enable an Access Rule to block the IP Address range from London.
B. Enable an Access Rule that contains XSS Filters Categories and SQL Filters Categories.
C. Enable a Protection Rule to block the attacks based on HTTP Headers that contain XSS and SQL strings.
D. Enable a Protection Rule to block requests that came from London.
E. Enable a Protection Rule that contains XSS Filters Categories and SQL Filters Categories.

Answer

E. Enable a Protection Rule that contains XSS Filters Categories and SQL Filters Categories.

Explanation

The correct answer is: E. Enable a Protection Rule that contains XSS Filters Categories and SQL Filters Categories.

To protect the websites hosted in Oracle Cloud Infrastructure (OCI) against SQL Injection and Cross-Site Scripting (XSS) attacks, you should enable a Web Application Firewall (WAF) and configure a Protection Rule that contains XSS Filters Categories and SQL Filters Categories.

  1. Web Application Firewall (WAF): A WAF is a security feature that sits between the client and the web server and monitors, filters, and blocks HTTP/HTTPS traffic to and from a web application. It helps protect the web application from various web-based attacks, including SQL Injection and Cross-Site Scripting (XSS).
  2. Protection Rules: WAF works based on rules that define how to handle different types of traffic. Protection Rules are the set of rules that you configure on the WAF to protect against specific types of attacks.
  3. XSS Filters Categories: Cross-Site Scripting (XSS) is an attack that injects malicious scripts into web pages viewed by other users. To prevent XSS attacks, you should enable a Protection Rule that contains XSS Filters Categories. These filters inspect the HTTP requests and responses for any malicious scripts and block them from reaching the web application.
  4. SQL Filters Categories: SQL Injection is an attack that allows an attacker to manipulate a web application’s SQL query by injecting malicious SQL code. To prevent SQL Injection attacks, you should enable a Protection Rule that contains SQL Filters Categories. These filters inspect the HTTP requests for any malicious SQL code and block them from reaching the web application.

By enabling a Protection Rule that contains both XSS Filters Categories and SQL Filters Categories, you provide a robust defense against XSS and SQL Injection attacks for the websites hosted in OCI. This approach helps ensure that malicious requests are filtered out before they reach the web application, protecting the websites from potential damage and data breaches.

The other options are not the best ways to protect against SQL Injection and Cross-Site Scripting (XSS) attacks:

A. Blocking the IP address range from London would not be an effective approach: it might block legitimate traffic from that location, and it would not necessarily protect against XSS and SQL Injection attacks.

B. Enabling an Access Rule with XSS Filters and SQL Filters Categories might provide some protection, but it is not as comprehensive as enabling a Protection Rule, which is specifically designed to handle these types of attacks.

C. Blocking attacks based on HTTP headers might help in some scenarios, but it might not be sufficient to protect against all XSS and SQL Injection attack vectors.

D. Blocking requests that come from London might be an overreaching solution that blocks legitimate traffic from that location, and it might not adequately protect against XSS and SQL Injection attacks.
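The comparison of the options above can be run as a small simulation. This is an added example, not Oracle's code or rule set: the two regular expressions are simplified stand-ins for the XSS and SQL filter categories, and the `Request` class, the strategy functions and the sample traffic are all constructed for illustration.

```python
import re
from dataclasses import dataclass, field
from urllib.parse import unquote_plus

# Simplified stand-ins for the XSS and SQL filter categories (assumption:
# a managed WAF rule set is far broader than these two patterns).
XSS = re.compile(r"<\s*script\b|javascript:|\bonerror\s*=", re.I)
SQLI = re.compile(r"\bunion\s+select\b|'\s*or\s+1\s*=\s*1", re.I)

@dataclass
class Request:
    country: str
    query: str = ""
    body: str = ""
    headers: dict = field(default_factory=dict)
    malicious: bool = False  # ground-truth label for the constructed sample

def hits(text):
    decoded = unquote_plus(text)  # match on the URL-decoded value
    return bool(XSS.search(decoded) or SQLI.search(decoded))

def geo_block(req):        # options A and D: decide on source location only
    return req.country == "GB"

def header_only(req):      # option C: inspect HTTP headers only
    return any(hits(v) for v in req.headers.values())

def protection_rule(req):  # option E: inspect query, body and headers
    return hits(req.query) or hits(req.body) or header_only(req)

def evaluate(strategy, traffic):
    """Return (attacks let through, legitimate requests blocked)."""
    missed = sum(1 for r in traffic if r.malicious and not strategy(r))
    false_blocks = sum(1 for r in traffic if not r.malicious and strategy(r))
    return missed, false_blocks

# Constructed sample traffic, not captured from any real system.
TRAFFIC = [
    Request("GB", query="q=shoes"),
    Request("GB", query="id=1%27%20OR%201%3D1", malicious=True),
    Request("US", body="comment=<script>steal()</script>", malicious=True),
    Request("DE", headers={"Referer": "javascript:alert(1)"}, malicious=True),
    Request("FR", query="q=union+membership"),
]

if __name__ == "__main__":
    for strategy in (geo_block, header_only, protection_rule):
        print(strategy.__name__, evaluate(strategy, TRAFFIC))
```

On this sample, location-based blocking stops one legitimate visitor and still lets through the two attacks sent from other countries, header-only inspection misses the payloads carried in the query string and body, and content inspection across the whole request blocks all three attacks without touching legitimate traffic.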

In conclusion, to protect the websites against SQL Injection and Cross-Site Scripting (XSS) attacks, enable a Web Application Firewall (WAF) and configure a Protection Rule that contains both XSS Filters Categories and SQL Filters Categories. This will provide a robust and targeted defense against these specific types of web-based attacks.
