Exam SY0-501 topic 1 question 704 discussion

Actual exam question from CompTIA's SY0-501
Question #: 704
Topic #: 1

A recent penetration test revealed several issues with a public-facing website used by customers. The testers were able to:
  • Enter long lines of code and special characters
  • Crash the system
  • Gain unauthorized access to the internal application server
  • Map the internal network
The development team has stated they will need to rewrite a significant portion of the code used, and it will take more than a year to deliver the finished product.
Which of the following would be the BEST solution to introduce in the interim?

  • A. Content fileting
  • B. WAF
  • C. TLS
  • D. IPS/IDS
  • E. UTM
Suggested Answer: E

Comments

nerp10
Highly Voted 5 years ago
Unified Threat Management device
upvoted 7 times
...
Sugarbear_01
Most Recent 4 years, 3 months ago
A unified threat management (UTM) system/Device is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.
upvoted 4 times
...
mdsabbir
4 years, 5 months ago
UTM as "Map the internal network" otherwise WAF is good to protect other issues
upvoted 4 times
...
wazards
4 years, 6 months ago
I like to Fillet my content.
upvoted 2 times
thefakecargo
4 years, 4 months ago
like cut it I'm confused
upvoted 2 times
...
...
DookyBoots
4 years, 10 months ago
A web application firewall is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks exploiting a web application's known vulnerabilities, such as SQL injection, cross-site scripting, file inclusion, and improper system configuration. (Wikipedia)
upvoted 2 times
DookyBoots
4 years, 10 months ago
UTMs are sometimes referred to as next-generation firewalls as a single network appliance or as a service on the network. UTMs provide multiple security features and services, including: Anti-malware, Anti-spam, Content filtering, Web filtering, Firewall, Intrusion detection, VPN
upvoted 2 times
...
...
amkz
4 years, 11 months ago
I think the correct answer is "WAF" since it is an App. Level attack (L7)
upvoted 2 times
...
Diogenes_td
5 years ago
Sure! UTM works. Why not WAF though?
upvoted 2 times
illuded03jolted
4 years, 6 months ago
because..... the correct answer is not what is a right answer, but the correct answer is what CompTIA thinks is right.
upvoted 10 times
Texrax
4 years, 1 month ago
Yes, I answered WAF because you really have to read into "public-facing website" to mean "webserver hosted within the network" and not hosted on the cloud as is typical now. For cloud-hosted websites, a WAF is better than the UTM (which also focuses on perimeter protection). Just another badly written question so we'll go with the given answer.
upvoted 1 times
...
...
...
bowdi
5 years ago
It's WAF.
upvoted 2 times
...
Meredith
5 years, 2 months ago
https://www.professormesser.com/security-plus/sy0-401/web-security-gateways-and-utms/
upvoted 4 times
...