A leading insurancefirm is hosting its customer portal in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes with an OCI Autonomous Database. Their support team discovered a lot of SQL injection attempts and cross-site scripting attacks to the portal, which isstarting to affect the production environment.
What should they implement to mitigate this attack?
What should they implement to mitigate this attack?
Correct Answer: D
Explanation
Web Application Firewall (WAF):
Oracle Cloud Infrastructure Web Application Firewall (WAF) is a cloud-based, Payment Card Industry (PCI) compliant, global security service that protects applications from malicious and unwanted internet traffic.
WAF can protect any internet facing endpoint,providing consistent rule enforcement across a customer’s applications.
WAF provides you with the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwantedbots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit based on geography or the signature of the request.
The global Security Operations Center (SOC) will continually monitor the internet threat landscape acting asan extension of your IT infrastructure.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/WAF/Concepts/overview.htm
Web Application Firewall (WAF):
Oracle Cloud Infrastructure Web Application Firewall (WAF) is a cloud-based, Payment Card Industry (PCI) compliant, global security service that protects applications from malicious and unwanted internet traffic.
WAF can protect any internet facing endpoint,providing consistent rule enforcement across a customer’s applications.
WAF provides you with the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwantedbots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit based on geography or the signature of the request.
The global Security Operations Center (SOC) will continually monitor the internet threat landscape acting asan extension of your IT infrastructure.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/WAF/Concepts/overview.htm
%20Container){kind=link}