An SQL injection vulnerability was reported on a web application, and the cloud platform team needs to mitigate the vulnerability while it is corrected by the development team.
Which of the following controls will BEST mitigate the risk of exploitation?
The Correct Answer is: D. WAF (Web Application Firewall)
A Web Application Firewall (WAF) is specifically designed to protect web applications from common threats like SQL injection, cross-site scripting (XSS), and other OWASP Top 10 vulnerabilities. A WAF filters and monitors HTTP traffic between the web application and the Internet, blocking malicious requests before they reach the application. While the development team works on fixing the underlying code, a WAF provides an immediate and effective mitigation.
Why the other options are incorrect:
A. DLP (Data Loss Prevention)
DLP is used to prevent sensitive data from being leaked or exfiltrated, not to detect or block attacks like SQL injection. It’s more about data protection than application-layer attack mitigation.
B. HIDS (Host-Based Intrusion Detection System)
HIDS can detect unusual behavior on a server, such as a successful SQL injection, but it is reactive and does not block the malicious traffic before it reaches the application.
C. NAC (Network Access Control)
NAC is used to control device access to a network based on policies like device health and user roles. It is not designed to analyze or block HTTP traffic targeting web apps, so it won’t mitigate an SQL injection risk.
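To make the reasoning concrete, here is an added example (not part of the original question or answer key) showing the two layers involved: the defect the development team must correct (user input concatenated into SQL, fixed with a parameterized query) and the compensating control the platform team can deploy in the meantime (a simplified WAF-style inspection of request parameters that rejects a request before it reaches the application). The table, rule patterns and request shapes are constructed for illustration; a real WAF uses far larger, vendor-maintained rule sets.

```python
import re
import sqlite3


def make_db():
    """Constructed in-memory table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user")],
    )
    return conn


def lookup_vulnerable(conn, username):
    """The reported defect: request input is concatenated into the query text."""
    sql = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_fixed(conn, username):
    """The development team's correction: a parameterized query.

    The driver passes the value separately from the SQL text, so it is
    never interpreted as part of the statement.
    """
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()


# Hypothetical, deliberately small WAF rule set (pattern, description).
# Real WAF signatures are far broader; these only illustrate the mechanism.
WAF_RULES = [
    (r"'\s*(or|and)\s+.+=", "boolean condition appended after a quote"),
    (r"(--|/\*)", "SQL comment sequence"),
    (r";\s*(drop|delete|update|insert)\b", "stacked statement"),
    (r"\bunion\b\s+\bselect\b", "UNION-based query"),
]


def waf_inspect(params):
    """Inspect every request parameter against the rules.

    Returns (allowed, findings); findings is a list of (param, description)
    so the decision can be logged for the SOC as well as enforced.
    """
    findings = []
    for name, value in params.items():
        for pattern, description in WAF_RULES:
            if re.search(pattern, value, re.IGNORECASE):
                findings.append((name, description))
    return (not findings, findings)


def handle_request(conn, params, lookup):
    """Simulated request path: WAF in blocking mode in front of the app."""
    allowed, findings = waf_inspect(params)
    if not allowed:
        # Blocked at the edge: the application handler never runs.
        return {"status": 403, "blocked": findings}
    rows = lookup(conn, params.get("username", ""))
    return {"status": 200, "rows": rows}


if __name__ == "__main__":
    db = make_db()
    print(handle_request(db, {"username": "alice"}, lookup_vulnerable))
    print(handle_request(db, {"username": "' OR '1'='1"}, lookup_vulnerable))
    print(lookup_fixed(db, "' OR '1'='1"))
```

The point the question is testing is visible in the three calls at the bottom: the WAF lets a normal request through to the still-vulnerable handler, returns 403 for a request carrying an injection pattern, and once `lookup_fixed` replaces `lookup_vulnerable` the same input is simply an unmatched username. Note the trade-off a platform team accepts with this stopgap: pattern rules can produce false positives on legitimate input and can be evaded by encodings they do not cover, which is why the WAF mitigates the risk rather than removing it, and the code fix remains the permanent remediation.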