Which type of attack can a firewall NOT prevent?
Which type of attack can a firewall NOT prevent?
Firewalls are designed to filter traffic based on predefined security rules and can effectively prevent attacks such as Buffer Overflow, SYN Flood, and SQL Injection by blocking malicious packets and traffic patterns. However, firewalls cannot prevent Network Bandwidth Saturation, which occurs when an excessive amount of traffic consumes all available bandwidth, leading to network congestion. This type of attack, often associated with Distributed Denial of Service (DDoS), requires different mitigation strategies such as traffic rate limiting, DDoS protection services, and increased bandwidth capacity.
anyone can confirm this? i found noting for this in any documenation from the ccsa training. Seems weird to me that they would ask questions to topics which are not in the dokumentation
seems like logic answer, meaning that you cannot defend against DDoS attacks with firewall if the DDoS overutilize your uplink, others are signature attacks againt which you can defend using IPS
SQL injection, a common firwall is not able to prevent that kind of attacks, it's necessary a WAF
Answer D is correct [Network Bandwidth Saturation] as this is a common issue/phonomena in poorly designed networks. it's not an attack. the question clearly states "attack"