New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca Cybersecurity-Audit-Certificate Exam - Topic 1 Question 45 Discussion

Actual exam question for Isaca's Cybersecurity-Audit-Certificate exam
Question #: 45
Topic #: 1
[All Cybersecurity-Audit-Certificate Questions]

Which type of firewall blocks many types of attacks, such as cross-site scripting (XSS) and structured query language (SQL) injection?

Show Suggested Answer Hide Answer
Suggested Answer: D

A web application firewall (WAF) is specifically designed to monitor, filter, and block HTTP traffic to and from a web application. It is different from other types of firewalls because it can filter the content of specific web applications. By inspecting HTTP traffic, a WAF can prevent attacks stemming from web application security flaws, such as SQL injection and cross-site scripting (XSS), file inclusion, and security misconfigurations.


by Miles at Aug 12, 2025, 05:33 AM

Limited Time Offer

25%

Off

Get Premium Cybersecurity-Audit-Certificate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Leatha
2 months ago
Really? I’m surprised it’s not A, I thought intrusion detection was more comprehensive.
upvoted 0 times
...
Lucy
2 months ago
No way, it’s gotta be D! XSS and SQL injection are their main targets.
upvoted 0 times
...
Tu
3 months ago
I disagree, host-based firewalls can’t handle those attacks effectively.
upvoted 0 times
...
Sena
3 months ago
I thought it was B, stateful inspection does a lot too.
upvoted 0 times
...
Pansy
3 months ago
Definitely D, web application firewalls are designed for that!
upvoted 0 times
...
Laquanda
3 months ago
I keep mixing up the types of firewalls, but I think host-based firewalls are more about protecting individual devices rather than blocking web attacks.
upvoted 0 times
...
Whitley
4 months ago
I feel like I've seen a similar question before, and I think it was about how web application firewalls are designed to filter and monitor HTTP traffic.
upvoted 0 times
...
Johnna
4 months ago
I'm not entirely sure, but I remember something about stateful inspection firewalls being more about tracking connections rather than blocking specific attacks.
upvoted 0 times
...
Hollis
4 months ago
I think the answer might be D, Web application firewall, since it specifically protects against things like XSS and SQL injection.
upvoted 0 times
...
Tammi
4 months ago
I'm a bit confused on this one. Is it asking about a specific firewall type or just general firewall capabilities? I'll have to carefully read through the answer choices to see which one best matches the question.
upvoted 0 times
...
Carol
4 months ago
Okay, I've got this. A web application firewall (WAF) is designed to protect against attacks like XSS and SQL injection. That's got to be the right answer here.
upvoted 0 times
...
Kate
4 months ago
Hmm, this is a tricky one. I know firewalls can have different security features, but I'm not sure which one is best for blocking XSS and SQL injection. I'll have to review my notes on firewall types.
upvoted 0 times
...
Alayna
5 months ago
I think this is asking about a specific type of firewall that can protect against common web-based attacks. I'll need to think through the different firewall types and their capabilities.
upvoted 0 times
...

Save Cancel