A leading insurance firm is hosting its customer portal in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes with an OCI Autonomous Database. Their support team discovered a lot of SQL injection attempts and cross-site scripting attacks against the portal, which are starting to affect the production environment.
What should they implement to mitigate this attack?
Web Application Firewall (WAF):
Oracle Cloud Infrastructure Web Application Firewall (WAF) is a cloud-based, Payment Card Industry (PCI) compliant, global security service that protects applications from malicious and unwanted internet traffic. WAF can protect any internet-facing endpoint, providing consistent rule enforcement across a customer's applications.
WAF provides you with the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwanted bots can be mitigated while desirable bots are tactically allowed to enter. Access rules can limit traffic based on geography or the signature of the request.
The global Security Operations Center (SOC) will continually monitor the internet threat landscape acting as an extension of your IT infrastructure.
https://docs.cloud.oracle.com/en-us/iaas/Content/WAF/Concepts/overview.htm