Oracle Exam 1Z0-1104-23 Topic 3 Question 22 Discussion

Actual exam question for Oracle's 1Z0-1104-23 exam
Question #: 22
Topic #: 3
Challenge 4 - Task 3 of 6

Configure Web Application Firewall to Protect Web Server Against XSS Attack

Scenario

You have to protect web applications hosted on OCI from cross-site scripting (XSS) attacks. You can use the OCI Web Application Firewall (WAF) capabilities to create rules that compare against incoming requests to determine if the request contains an XSS attack payload. If a request is determined to be an attack, WAF should return the HTTP Service Unavailable (503) error.

To ensure that the configured WAF blocks the XSS attack, run the following script:[http:///index.html?

/index.html?

)

To complete this deployment, you have to perform the following tasks in the environment provisioned for you:

Configure a Virtual Cloud Network (VCN)

Create a Compute Instance and install the Web Server

Create a Load Balancer and update Security List

Create a WAF policy

Configure Protection Rules against XSS attacks

Verify the created environment against XSS attacks

Note: You are provided with access to an OCI Tenancy, an assigned compartment, and OCI credentials. Throughout your exam, make sure to use the assigned Compartment 99233424-C01 and Region us-ashburn-1.

Complete the following task in the provisioned OCI environment:

Go to the VCN IAD-WAF-PBT-VCN-01.

Create a Security List with the name IAD-SP-PBT-LB-SL-01.

Create a Public subnet named LB-Subnet-IAD-SP-PBT-SNET-02 and attach the above-created security list.

Create a Load Balancer with the name IAD-SP-PBT-LB-01.

Create a Listener Name with the name IAD_SP_PBT_LB_LISN_01.

Add appropriate Ingress and Egress rules to IAD-SP-PBT-LB-SL-01 to allow HTTP traffic to the Load Balancer subnet.

Suggested Answer: A

SOLUTION:

From the navigation menu, select Networking and then click Virtual Cloud Network.

In the left navigation pane, under List Scope, select <your assigned compartment> from the drop-down menu.

Click IAD-WAF-PBT-VCN-01 from the list of VCNs.

In the left navigation pane, under Resources, click Security Lists.

Click Create Security List.

In the Create Security List dialogue box, enter the following:

a) Name: IAD-SP-PBT-LB-SL-01

b) Do not add any ingress or egress rules.

c) Click Create Security List.

In the left navigation pane, under Resources, click Subnets.

Click Create Subnet.

In the Create Subnet dialogue box, enter the following:

a) Name: LB-Subnet-IAD-SP-PBT-SNET-02

b) Create in Compartment: <your working compartment name>

c) Subnet Type: Regional

d) IPv4 CIDR Block: 10.0.4.0/24

e) Security List: From the drop-down menu, select the Security List you had created earlier, IAD-SP-PBT-LB-SL-01.

Click Create Subnet.

You now see that the subnet has been created successfully.
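The task's last item asks for rules that allow HTTP traffic to the Load Balancer subnet, while the security list above is created with no rules. The following check is an added example, not part of the original question or its suggested answer: it audits a security list's rules and reports whether TCP/80 is admitted and whether any rule is wider than a single port range. It assumes the JSON shape that `oci network security-list get` prints under `data`; the sample rules, including the 0.0.0.0/0 CIDRs, are constructed for illustration.

```python
import json

# Constructed sample in the shape `oci network security-list get` prints under "data";
# the rule values are illustrative and are not taken from the exam environment.
SAMPLE = json.loads("""
{
  "display-name": "IAD-SP-PBT-LB-SL-01",
  "ingress-security-rules": [
    {"protocol": "6", "source": "0.0.0.0/0", "is-stateless": false,
     "tcp-options": {"destination-port-range": {"min": 80, "max": 80}}}
  ],
  "egress-security-rules": [
    {"protocol": "all", "destination": "0.0.0.0/0", "is-stateless": false}
  ]
}
""")

TCP, UDP = "6", "17"  # IANA protocol numbers; OCI rules use "all" for every protocol

def covers_port(rule, port):
    """True if the rule admits TCP traffic to `port`."""
    if rule.get("protocol") not in (TCP, "all"):
        return False
    rng = (rule.get("tcp-options") or {}).get("destination-port-range")
    # A TCP rule without a port range matches every port.
    return rng is None or rng["min"] <= port <= rng["max"]

def is_broad(rule):
    """True if the rule matches all protocols, or TCP/UDP on every port."""
    if rule.get("protocol") == "all":
        return True
    opts = rule.get("tcp-options") or rule.get("udp-options") or {}
    return rule.get("protocol") in (TCP, UDP) and not opts.get("destination-port-range")

def audit(sec_list, port=80):
    """Return findings for a load-balancer security list that should admit HTTP only."""
    findings = []
    ingress = sec_list.get("ingress-security-rules") or []
    egress = sec_list.get("egress-security-rules") or []
    if not any(covers_port(r, port) for r in ingress):
        findings.append(f"no ingress rule admits TCP/{port}")
    for direction, rules in (("ingress", ingress), ("egress", egress)):
        for i, r in enumerate(rules):
            if is_broad(r):
                findings.append(f"{direction} rule {i} is wider than a single port range")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

An empty security list, as created in the steps above, yields the "no ingress rule admits TCP/80" finding until the rules are added.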

Contribute your Thoughts:

Carmela
5 months ago
Hmm, I wonder if the WAF can also detect more sophisticated XSS attacks, or just the simple ones. Guess I'll have to see.
upvoted 0 times
...
Shizue
5 months ago
Woah, that script in the URL is like a cheat code for XSS attacks. Good thing we have the WAF to protect against that nonsense.
upvoted 0 times
...
Isaac
5 months ago
Yes, and verifying the environment against XSS attacks is important to ensure the protection is working effectively.
upvoted 0 times
...
Charlette
5 months ago
Alright, time to put my WAF skills to the test! Gotta remember to use the right compartment and region.
upvoted 0 times
Shaniqua
3 months ago
Verify the environment against XSS attacks after configuring the WAF.
upvoted 0 times
...
Beula
3 months ago
Make sure to configure the Protection Rules against XSS attacks in the WAF policy.
upvoted 0 times
...
Jolene
3 months ago
Don't forget to create a Security List and attach it to the Public subnet for the Load Balancer.
upvoted 0 times
...
Sarah
4 months ago
Make sure to add the appropriate Ingress and Egress rules to allow http traffic to the Load Balancer subnet.
upvoted 0 times
...
Lisha
4 months ago
Don't forget to create a Security List and attach it to the Public subnet for the Load Balancer.
upvoted 0 times
...
Deandrea
4 months ago
I'm ready to configure the WAF and protect against XSS attacks!
upvoted 0 times
...
...
Kattie
5 months ago
Haha, 'javascript:alert(1)' in the URL? That's a classic XSS payload. Let's see if the WAF can catch that one.
upvoted 0 times
Filiberto
4 months ago
I'm curious to see if the WAF can actually catch it.
upvoted 0 times
...
Delsie
5 months ago
I know right, that payload is a classic one for XSS attacks.
upvoted 0 times
...
...
Tran
5 months ago
Ah, so we need to set up the WAF to return a 503 error if it detects an XSS attack. Gotta make sure I don't miss any of the required steps.
upvoted 0 times
Paris
4 months ago
Finally, we have to create a WAF policy and configure Protection Rules against XSS attacks.
upvoted 0 times
...
Annamae
4 months ago
Next, we need to create a Load Balancer and update the Security List.
upvoted 0 times
...
Amos
4 months ago
After that, we have to create a Compute Instance and install the Web Server.
upvoted 0 times
...
Yan
5 months ago
I think we need to start by configuring a Virtual Cloud Network (VCN).
upvoted 0 times
...
...
Bulah
5 months ago
I believe creating a WAF policy with protection rules is the key to preventing XSS attacks.
upvoted 0 times
...
Danilo
5 months ago
I agree, XSS attacks can be very harmful to web applications.
upvoted 0 times
...
Iluminada
5 months ago
Hmm, this XSS attack scenario looks tricky. I need to make sure I understand how to configure the WAF rules properly to block those malicious scripts.
upvoted 0 times
Leonora
4 months ago
Yes, make sure to test the environment against XSS attacks after configuring the WAF. It's crucial to verify that the protection rules are working effectively.
upvoted 0 times
...
Latrice
5 months ago
Don't worry, just follow the steps provided in the scenario. It's important to create the WAF policy and configure the protection rules correctly.
upvoted 0 times
...
...
Isaac
5 months ago
I think configuring a Web Application Firewall is crucial for protecting against XSS attacks.
upvoted 0 times
...
