Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?
A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP
conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL
injection. By customizing the rules to your application, many attacks can be identified and blocked. The effort to
perform this customization can be significant and needs to be maintained as the application is modified.
As the protocols used to access a web server (typically HTTP and HTTPS) run in layer 7 of the OSI model, then
web application firewall (WAF) is the correct answer.
B: A NIDS (Network Intrusion Detection System) operates in layer 2 of the OSI model, not layer 7.
C: Routers operate in layer 3 of the OSI model, not layer 7.
D: Switches operate in layer 2 of the OSI model, not layer 7.