PrepAway - Latest Free Exam Questions & Answers

Which of the following technologies was MOST likely bei…

A security engineer is reviewing log data and sees the output below:
POST: /payload.php HTTP/1.1
HOST: localhost
Accept: */*
Referrer: http://localhost/
*******
HTTP/1.1 403 Forbidden
Connection: close
Log: Access denied with 403. Pattern matches form bypass

Which of the following technologies was MOST likely being used to generate this log?

A. Host-based Intrusion Detection System

B. Web application firewall

C. Network-based Intrusion Detection System

D. Stateful Inspection Firewall

E. URL Content Filter

Explanation:
A web application firewall is a device, server add-on, virtual service, or system filter that defines a strict set of
communication rules for a website and all visitors. It’s intended to be an application-specific firewall to prevent
cross-site scripting, SQL injection, and other web application attacks.
Incorrect Answers:
A: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It’s reliable for detecting
attacks directed against a host, whether they originate from an external source or are being perpetrated by a
user locally logged in to the host.
C: NIDS is reliable for detecting attacks directed against a host, whether they originate from an external source
or are being perpetrated by a user locally logged in to the host.
D: A stateful inspection firewall is aware that any valid outbound communication will trigger a corresponding
response or reply from the external entity.
E: URL filtering involves blocking websites (or sections of websites) based solely on the URL, restricting access
to specified websites and certain web-based applications.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 6, 19, 20, 21

