ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CV0-003 All Questions

View all questions & answers for the CV0-003 exam
Go to Exam

Exam CV0-003 topic 1 question 233 discussion

Actual exam question from CompTIA's CV0-003
Question #: 233
Topic #: 1
[All CV0-003 Questions]

A cloud administrator has deployed a website and needs to improve the site security to meet requirements. The website architecture is designed to have a DBaaS in the back end and autoscaling instances in the front end using a load balancer to distribute the request. Which of the following will the cloud administrator MOST likely use?

  • A. An API gateway
  • B. An IPS/IDS
  • C. A reverse proxy
  • D. A WAF
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Markedexam at March 9, 2023, 12:16 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Pongsathorn
10 months, 2 weeks ago
Selected Answer: D
To improve the security of a website in the described architecture, which includes a DBaaS backend and autoscaling instances in the front end using a load balancer, the cloud administrator would likely use a Web Application Firewall (WAF). **D. A WAF (Web Application Firewall)** is designed to protect web applications from various online threats, including common vulnerabilities like SQL injection, cross-site scripting (XSS), and other malicious attacks. It's particularly valuable in front of web applications that are accessible over the internet. In this case, placing a WAF in front of the autoscaling instances and load balancer can help filter and block malicious traffic and protect the website from web-based attacks. Here's a brief explanation of the other options: - **A. An API Gateway** is used for managing and routing API requests, not typically for security purposes related to web application protection.
upvoted 3 times
Pongsathorn
10 months, 2 weeks ago
- **B. An IPS/IDS (Intrusion Prevention System/Intrusion Detection System)** is more focused on network-level threats and intrusion detection, while WAF is designed specifically for web application protection. - **C. A reverse proxy** can provide some level of security, but it's primarily used for load balancing, caching, and routing traffic to backend servers. It doesn't offer the same level of application-specific protection as a WAF. For enhanced web application security in a cloud environment, especially when dealing with internet-facing applications, deploying a Web Application Firewall (WAF) is a common and recommended approach.
upvoted 1 times
...
...
SecPlus2022
1 year, 1 month ago
Selected Answer: D
Going with "D". While a reverse proxy does assist with security, it's not as comprehensive with regard to what it protects against. A WAF, in my opinion, would be more appropriate here. I agree with "ACunningPlan".
upvoted 3 times
...
ACunningPlan
1 year, 4 months ago
Selected Answer: D
WAF is best because all traffic is coming in LB to website and DB is already in back end.
upvoted 1 times
ACunningPlan
1 year, 4 months ago
D. A WAF (Web Application Firewall) is the most likely security measure that the cloud administrator will use to improve the website's security. A WAF can protect web applications from common web-based attacks such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF). Since the website has a DBaaS backend, a WAF can help protect the database from SQL injection attacks. Additionally, since the website architecture is designed to use autoscaling instances in the front end with a load balancer, a WAF can help protect each instance from web-based attacks. An API gateway is used to manage API traffic, while an IPS/IDS (Intrusion Prevention System/Intrusion Detection System) is used to detect and prevent network attacks. A reverse proxy is used to distribute client requests across multiple servers, while also providing an additional layer of security. However, none of these are as well suited as a WAF for protecting web applications from web-based attacks.
upvoted 4 times
...
...
Markedexam
1 year, 4 months ago
Selected Answer: C
This question is about security - Google: "What does a reverse proxy hide? A reverse proxy hides the identities of servers. An Internet-based attacker would find it considerably more difficult to acquire data found in those file transfer servers than if he didn't have to deal with a reverse proxy" Surely obfuscation of a network increases security.... Voting Reverse Proxy.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel