Valid CNX-001 Dumps shared by EduDump.com for Helping Passing CNX-001 Exam! EduDump.com now offer the newest CNX-001 exam dumps, the EduDump.com CNX-001 exam questions have been updated and answers have been corrected get the newest EduDump.com CNX-001 dumps with Test Engine here:
A company hosts a cloud-based e-commerce application and only wants the application accessed from certain locations. The network team configures a cloud firewall with WAF enabled, but users can access the application globally. Which of the following should the network team do?
Correct Answer: D
Comprehensive and Detailed Explanation From Exact Extract: A Web Application Firewall (WAF) is primarily used for inspecting HTTP/HTTPS requests and filtering out malicious traffic, such as SQL injection or cross-site scripting (XSS) attacks. However, WAFs do not restrict access based on geographical location by default. To control access to the cloud-hosted application based on geographical location, the correct measure is to implement geo-restriction (geo-blocking). This technique limits access to cloud-based resources by using the source IP's geographical origin. Geo-restriction is typically enforced at the cloud firewall or load balancer level. Relevant Extract from CompTIA CloudNetX CNX-001 Official Objectives: "Cloud access control policies can enforce geo-restriction settings, ensuring applications and services are only accessible from authorized geographic regions." Also found under "Security Controls in Cloud Deployments" section: "Geo-restriction uses IP geolocation data to restrict access to services based on geographic criteria, supporting compliance and security requirements."
