CompTIA Security Plus Mock Test Q845

Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?

A. Intrusion Detection System
B. Flood Guard Protection
C. Web Application Firewall
D. URL Content Filter


Correct Answer: C
Section: Application, Data and Host Security

Explanation:
Cross-site scripting (XSS) is a form of malicious code-injection attack on a web server in which an attacker injects code into the content sent to website visitors. XSS can be mitigated by implementing patch management on the web server, using firewalls, and auditing for suspicious activity.

Incorrect Answers:
A: An Intrusion Detection System (IDS) is used to detect attempts to access a system. It cannot be used to detect cross-site scripting attacks, where a malicious user is injecting malicious content into content being downloaded by a user.
B: Flood Guard Protection is used to prevent a network from being flooded by data, as in DoS attacks such as SYN floods and ping floods. The flood of data saturates the network and prevents the successful transmission of valid data across the network. Flood Guard Protection is not used to prevent cross-site scripting attacks.
D: A URL Content Filter is used to permit access to allowed URLs (websites) only, or to block access to URLs that are not allowed according to company policy. For example, a company might use a URL Content Filter to block access to social networking sites. A URL Content Filter is not used to prevent cross-site scripting attacks.
