Comptia Security Plus Mock Test Q94

Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?

A. Protocol filter
B. Load balancer
C. NIDS
D. Layer 7 firewall

Correct Answer: D
Section: Network Security

Explanation:
An application-level gateway firewall filters traffic based on user access, group membership, the application or service used, or even the type of resources being transmitted. This type of firewall operates at the Application layer (Layer 7) of the OSI model.

Incorrect Answers:
A: The Protocol Filter feature is used to block unwanted traffic from your network. The feature is commonly used to make sure employees, students or end users are using their
Internet access for its intended productive use.

B: A load balancer is used to distribute network traffic load across a number of network links or network devices.

C: A network-based IDS (NIDS) watches network traffic in real time, and is reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 6, 10, 82
http://www.clearcenter.com/support/documentation/clearos_enterprise_5.1/user_guide/protocol_filter