Challenge 4 - Task 3 of 6
Configure Web Application Firewall to Protect Web Server Against XSS Attack
Scenario
You have to protect web applications hosted on OCI from cross-site scripting (XSS) attacks. You can use the OCI Web Application Firewall (WAF) capabilities to create rules that are compared against incoming requests to determine whether a request contains an XSS attack payload. If a request is determined to be an attack, WAF should return the HTTP Service Unavailable (503) error.
To ensure that the configured WAF blocks the XSS attack, run the following script: [http:// /index.html? )

To complete this deployment, you have to perform the following tasks in the environment provisioned for you:
- Configure a Virtual Cloud Network (VCN)
- Create a Compute Instance and install the Web Server
- Create a Load Balancer and update Security List
- Create a WAF policy
- Configure Protection Rules against XSS attacks
- Verify the created environment against XSS attacks

Note: You are provided with access to an OCI Tenancy, an assigned compartment, and OCI credentials. Throughout your exam, ensure to use the assigned Compartment 99233424-C01 and Region us-ashburn-1.

Complete the following task in the provisioned OCI environment:
- Go to the VCN IAD-WAF-PBT-VCN-01.
- Create a Security List with the name IAD-SP-PBT-LB-SL-01.
- Create a Public subnet named LB-Subnet-IAD-SP-PBT-SNET-02 and attach the above-created security list.
- Create a Load Balancer with the name IAD-SP-PBT-LB-01.
- Create a Listener Name with the name IAD_SP_PBT_LB_LISN_01.
- Add appropriate Ingress and Egress rules to IAD-SP-PBT-LB-SL-01, to allow http traffic to the Load Balancer subnet.

SOLUTION:
1) From the navigation menu, select Networking and then click Virtual Cloud Network.
2) In the left navigation pane, under List Scope, select <your assigned compartment> from the drop-down menu.
3) Click IAD-WAF-PBT-VCN-01 from the list of VCNs.
4) In the left navigation pane, under Resources, click Security Lists.
5) Click Create Security List.
6) In the Create Security List dialogue box, enter the following:
   a) Name: IAD-SP-PBT-LB-SL-01
   b) Do not add any ingress or egress rules.
   c) Click Create Security List.
7) In the left navigation pane, under Resources, click Subnets.
8) Click Create Subnet.
9) In the Create Subnet dialogue box, enter the following:
   a) Name: LB-Subnet-IAD-SP-PBT-SNET-02
   b) Create in Compartment: <your working compartment name>
   c) Subnet Type: Regional
   d) IPv4 CIDR Block: 10.0.4.0/24
   e) Security List: From the drop-down menu, select the Security List you had created earlier, IAD-SP-PBT-LB-SL-01.
10) Click Create Subnet.

You now see that the subnet has been created successfully.
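The security list above is created with no rules, so the Load Balancer subnet admits nothing until the last task item (allow http traffic) is done. The following is an added example, not part of the original solution: a small audit of a security list's ingress rules in the OCI API JSON shape, reporting whether HTTP is reachable and whether any rule is wider than HTTP. It assumes "appropriate" means TCP port 80 only; the function names and sample rules are constructed for illustration, and egress rules are not covered.

```python
import ipaddress

HTTP_PORT = 80
TCP = "6"  # OCI rules carry the IANA protocol number as a string; "all" = any

def _port_range(rule):
    """Destination port range of a TCP rule, or None when none is set."""
    return (rule.get("tcpOptions") or {}).get("destinationPortRange")

def admits_http(rule):
    """True if the rule lets TCP/80 through (possibly among other traffic)."""
    if rule.get("protocol") == "all":
        return True
    if rule.get("protocol") != TCP:
        return False
    rng = _port_range(rule)  # a TCP rule with no range covers every port
    return rng is None or rng["min"] <= HTTP_PORT <= rng["max"]

def is_http_only(rule):
    """True if the rule admits TCP/80 and nothing else."""
    rng = _port_range(rule)
    return (rule.get("protocol") == TCP and rng is not None
            and rng["min"] == rng["max"] == HTTP_PORT)

def audit_ingress(rules):
    """Return (http_allowed, findings) for a list of ingress rules."""
    http_allowed, findings = False, []
    for i, rule in enumerate(rules):
        if rule.get("sourceType", "CIDR_BLOCK") == "CIDR_BLOCK":
            ipaddress.ip_network(rule["source"])  # ValueError on a bad CIDR
        http_allowed = http_allowed or admits_http(rule)
        if not is_http_only(rule):
            findings.append(f"rule {i}: admits traffic other than TCP/80")
    if not http_allowed:
        findings.append("no rule admits TCP/80")
    return http_allowed, findings

# Constructed sample rule sets (assumptions, not taken from the exam environment).
EMPTY = []  # the list exactly as the solution creates it: no rules at all
HTTP_RULE = {"protocol": TCP, "source": "0.0.0.0/0", "sourceType": "CIDR_BLOCK",
             "isStateless": False,
             "tcpOptions": {"destinationPortRange": {"min": 80, "max": 80}}}
ALL_RULE = {"protocol": "all", "source": "0.0.0.0/0", "sourceType": "CIDR_BLOCK"}

if __name__ == "__main__":
    for name, rules in [("empty", EMPTY), ("http", [HTTP_RULE]),
                        ("http+all", [HTTP_RULE, ALL_RULE])]:
        print(name, audit_ingress(rules))
```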