which type of attack?

A proxy firewall protects against which type of attack?

A proxy firewall protects against which type of attack?

A.
cross-site scripting attack

B.
DDoS attacks

C.
port scanning

D.
Worm traffic

Explanation:
Brad
Answer- A
Confidence level: 100%
Note: There has been some debate on this question recently. If you google “proxy protection DDoS”, you will
find a number of results. However, if you read more carefully you will see that the majority of these refer toproxy servers, not firewalls.
One of the biggest threats from XSS is injection attacks (SQL injection/buffer overflow), and this is one of the
types of attacks that proxy firewalls are designed to protect against.
BD
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS
enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting
vulnerability may be used by attackers to bypass access controls such as the same-origin policy. Cross-site
scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by
Symantec as of 2007.
Source: https://en.wikipedia.org/wiki/Cross-site_scripting
A proxy firewall is a network security system that protects network resources by filtering messages at the
application layer. A proxy firewall may also be called an application firewall or gateway firewall. Proxy firewalls
are considered to be the most secure type of firewall because they prevent direct network contact with other
systems.
Source: http://searchsecurity.techtarget.com/definition/proxy-firewall



Leave a Reply 1

Your email address will not be published. Required fields are marked *


Michael

Michael

A is correct. Cisco has a product called ACE

The Cisco ACE Web Application Firewall is also a full proxy security solution that provides deep message-level inspections for both request and response traffic.
It secures and protects Web applications from common attacks, such as identity theft, data theft, application disruption, fraud and targeted attacks. These attacks may include cross-site scripting (XSS) attacks, SQL and command injection, privilege escalation, cross-site request forgeries (CSRF), buffer overflows, cookie tampering, and Denial of Service (DoS) attacks.
Quoted from the link below

http://www.cisco.com/c/en/us/products/collateral/application-networking-services/ace-web-application-firewall/data_sheet_c78-458627.html