UrlScan is a security tool developed by Microsoft that helps filter incoming HTTP requests to an IIS (Internet Information Services) web server. It works like a Web Application Firewall (WAF) lite, and can:
Block suspicious URLs or patterns (like SQL keywords in queries)
Filter out dangerous input (e.g., SELECT, UNION, ' OR 1=1 --)
Protect against SQL Injection, directory traversal, and other HTTP-based attacks.
Not the other options:
A. Nmap A network scanning tool — used for port scanning and host discovery, not filtering web requests.
C. ZAP Proxy An intercepting proxy for finding vulnerabilities, including SQLi, but it’s used for testing, not filtering.
D. Hydra A tool used for brute-force attacks (e.g., password guessing), not web request filtering.
From chatgpt
Answer B Lab 3 Eradicating SQL Injection and XSS Incidents
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.312-39 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Berro_b
1 month, 1 week agoBerro_b
1 month, 1 week agoBLAD_KD
7 months, 2 weeks ago