Question 12 - Cisco 300-745 Exam Questions [June 2026 Update]

Q: 12

A retail company is facing a series of cyberattacks targeting web servers, which results in disruptions to online services. Upon investigation, the security team identified that these attacks involved invalid HTTP request headers, which were used to exploit vulnerabilities in the web application. To safeguard the company websites against similar threats in the future, the security team must deploy a security solution specifically designed to detect and block such malicious web traffic. Which security product must be used to protect the websites from similar attacks?

Options

Correct Answer:

Explanation

A Web Application Firewall (WAF) is the correct solution as it is specifically designed to operate at the application layer (Layer 7) of the OSI model. It inspects the content of HTTP/HTTPS traffic, including request headers, to identify and block malicious activity targeting web applications. By analyzing the structure and content of headers, a WAF can enforce policies against malformed or invalid requests, effectively mitigating the type of attack described and protecting the web servers from exploitation.

Why Incorrect

A. antivirus software: This software is designed to detect and remove file-based malware on a host system; it does not inspect live network traffic for malformed HTTP headers.

B. traditional firewall: A traditional firewall operates at the network and transport layers (Layers 3 and 4), filtering traffic based on IP addresses and ports, but lacks the capability to inspect application-layer data like HTTP headers.

D. host-based firewall: This firewall runs on an individual server and typically controls network access at Layers 3 and 4 for specific applications, but it does not perform deep packet inspection of HTTP content.

---

References

1. Cisco. (n.d.). What Is a WAF (Web Application Firewall)? Cisco. Retrieved from https://www.cisco.com/c/en/us/products/security/what-is-a-waf-web-application-firewall.html

Reference Point: In the "How does a WAF work?" section, it states, "A WAF sits in front of a web application... and analyzes all HTTP (web) traffic... It works by applying a set of rules, often called policies, to the traffic. These policies can help filter out malicious traffic." This confirms its role in inspecting HTTP traffic to block threats.

2. OWASP Foundation. (n.d.). Web Application Firewall. OWASP. Retrieved from https://owasp.org/www-community/WebApplicationFirewall

Reference Point: The document defines a WAF as a security solution that "monitors, filters or blocks HTTP/S traffic to and from a web service." It further explains that WAFs are "able to detect and prevent many of the most common attacks... by inspecting HTTP traffic." This directly supports the use of a WAF for the described scenario.

3. Cisco. (n.d.). What Is a Firewall? Cisco. Retrieved from https://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-firewall.html

Reference Point: The section "Types of firewalls" describes packet-filtering firewalls (traditional firewalls) as operating "at the network layer... They don’t check the payload of the packet." This clarifies why a traditional firewall is an incorrect choice for inspecting HTTP header content.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE