QUESTION 707 An engineer wants to inspect traffic to a cluster of web servers in a cloud environment. Which of the following solutions should the engineer implement? A. Proxy server B. WAF C. Load balancer D. VPN Answer: B QUESTION 70

Cloud = CASB

Note, there are variations on this question that swaps out CASB (not a selection), so A is not correct. It's between WAF and Load Balancer. Both can inspect traffic, however a WAF offers deep inspection capabilities.

Although a Cloud Access Security Broker (CASB) also offers visibility, its main focus is on policy enforcement and security between cloud users and cloud applications. On the other hand, a load balancer distributes network or application traffic across several servers but doesn't inspect traffic. A Virtual Private Network (VPN) ensures secure connections for remote access, but it doesn't provide traffic inspection for web servers. Therefore, for inspecting traffic and ensuring security of web servers in a cloud environment, a WAF is the most appropriate and commonly used option..

cluster of web servers.. web only =WAF

Last question i can answer due to a paywall for the rest of them. I have my exam in 2 days. Wish me luck. FOR STONEFACE

A load balancer is a solution commonly used to distribute incoming network traffic across multiple servers (in this case, web servers) to ensure that no single server is overwhelmed with too much traffic. While a load balancer primarily focuses on distributing traffic for load distribution and high availability, it also provides visibility into the traffic going to and from the servers

FYI don't expect to get past this question. Exam Topics lies about it being free and forces the rest of the questions behind a paywall. Smh

WAF is correct

I get why some people will go for CASB over a WAF but CASB provides insights into user activity, data usage, and anomalous behavior in cloud applications, while WAF provides visibility into web traffic patterns, application usage, and potential threats. Source: https://www.haltdos.com/waf/benefits-of-integrating-casb-with-waf/#:~:text=CASB%20provides%20insights%20into%20user,application%20usage%2C%20and%20potential%20threats.

C is the correct answer. A load balancer distributes incoming traffic across multiple servers, ensuring that no single server becomes overwhelmed. It can also monitor traffic and perform health checks on the servers, redirecting traffic away from any server that may be experiencing issues. Choosing a WAF is not the best. Web Application Firewall) is used to protect against web-based attacks and vulnerabilities, rather than inspect traffic. A proxy could be used to inspect traffic but its primary function is to act as an intermediary between clients and servers.

WAF (Web Application Firewall): A WAF is a security solution that protects web applications from attacks. It can be used to inspect traffic to web applications, but it is not as comprehensive as a CASB. CASB (Cloud Access Security Broker): CASBs are designed to provide security for cloud applications and data. They can inspect and monitor traffic to and from cloud services, including web applications. CASBs often include features like data loss prevention (DLP), access control, and threat protection. While they may not be as specialized as a WAF for web application security, they can still be used to inspect and control traffic to cloud-hosted web applications and provide additional security layers. As mentioned in the question " inspect traffic to a cluster of web servers in a CLOUD environment" so option A (CASB) is more suitable for me.

B. WAF A Web Application Firewall (WAF) is designed to inspect traffic to and from web applications (or web servers) and can be used to detect and block malicious requests, such as SQL injection attacks, cross-site scripting (XSS), and other web-based threats. Here's a brief overview of the other options: A. CASB (Cloud Access Security Broker) primarily provides visibility and control over cloud applications and services, rather than traffic inspection to a specific cluster of web servers. C. Load balancer distributes incoming traffic across multiple servers to ensure no single server is overwhelmed with too much traffic. While it can be part of a larger security strategy, its primary purpose isn't for inspecting traffic for malicious content. D. VPN (Virtual Private Network) is used primarily for securely connecting remote users or sites to a network. Given the scenario of wanting to inspect traffic to a cluster of web servers, a WAF is the most suitable solution.

You guys are missing the point. CLUSTER of Web server. ensures higher availability, proper load balancing. if you think about security sure the answer is either WAF or CASB. but there is no mention about security or anything. inspecting traffic can also be to balance the load or other task. so with this I really believe this is more of a load balancer.

WAF focuses on securing web applications by monitoring and filtering web traffic to detect and block attacks such as XSS, SQL injection, and CSRF. On the other hand, CASB provides visibility, control, and threat protection for cloud applications and data, including data loss prevention (DLP), access controls, and threat detection.

Although "cloud environment" makes me choose A. CASB, the keyword "inspect traffic" makes me choose B. WAF

A Web Application Firewall (WAF) is designed to protect web applications from various types of attacks and can also be used to inspect and monitor traffic to the web servers. By deploying a WAF in front of the web servers, the engineer can analyze and filter incoming traffic, detect potential threats, and enforce security policies. A WAF can provide advanced logging and monitoring capabilities, allowing the engineer to analyze traffic patterns, identify malicious activity, and gain insights into the overall security of the web servers. It can also offer features like traffic filtering, intrusion detection, and prevention systems, and protection against common web application vulnerabilities.