Oracle Exam 1Z0-997 Topic 9 Question 25 Discussion

Origin Management

An origin is an endpoint (typically an IP address) of the application protected by the WAF. An origin can be

an Oracle Cloud Infrastructure load balancer public IP address. A load balancer IP address can be used for

high availability to an origin. Multiple origins can be defined, but only a single origin can be active for a WAF. You can set HTTP headers for outbound traffic from the WAF to the origin server. These name value pairs are then available to the application.

Oracle Cloud Infrastructure Web Application Firewall (WAF) is a cloud-based, Payment Card Industry (PCI) compliant, global security service that protects applications from malicious and unwanted internet traffic.

WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer's applications. WAF provides you with the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwanted bots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit based on geography or the signature of the request.

Distributed Denial of Service (DDoS)

A DDoS attack is an often intentional attack that consumes an entity's resources, usually using a large number of distributed sources. DDoS can be categorized into either Layer 7 or Layer 3/4 (L3/4)

A layer 7 DDoS attack is a DDoS attack that sends HTTP/S traffic to consume resources and hamper a website's ability to delivery content or to harm the owner of the site. The Web Application Firewall (WAF)

service can protect layer 7 HTTP-based resources from layer 7 DDoS and other web application attack vectors.