Which statement is TRUE regarding network firewalls preventing Web Application attacks?
Which statement is TRUE regarding network firewalls preventing Web Application attacks?
Network firewalls, often operating at the network or transport layer, primarily filter traffic based on protocol, port, and IP address. However, since web applications typically use HTTP and HTTPS protocols over ports 80 and 443, which must remain open for the applications to function, network firewalls cannot inherently distinguish between malicious and legitimate web traffic. Therefore, network firewalls alone cannot effectively prevent web application attacks, as these attacks often involve legitimate requests that exploit vulnerabilities in the application itself, necessitating more specialized security measures such as Web Application Firewalls (WAFs) to offer adequate protection.
Answer B Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack, not allowing packets to pass through the firewall unless they match the established rule set. To prevent Web Application attacks an Application layer firewall would be required.
Agree B !!!
Agree B !!!