Valid 1z0-1124-25 Dumps shared by ExamDiscuss.com for Helping Passing 1z0-1124-25 Exam! ExamDiscuss.com now offer the newest 1z0-1124-25 exam dumps, the ExamDiscuss.com 1z0-1124-25 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 1z0-1124-25 dumps with Test Engine here:
You are a cloud architect designing a multi-tiered application on OCI. One tier consists of publicly accessible web servers that must be protected from common web exploits. You plan to use OCI Network Firewall to achieve this. You need to configure the Network Firewall to detect and prevent SQL injection attacks against the web servers. Which Network Firewall feature is most suitable for this purpose?
Correct Answer: B
* Goal:Protect web servers from SQL injection using Network Firewall. * Firewall Features: * Stateful Inspection:Basic traffic tracking, limited exploit detection. * IDPS:Detects and prevents exploits via signatures. * URL Filtering:Blocks URLs, not payload-based attacks. * Geo-location:Blocks regions, not specific threats. * Evaluate Options: * A:Default IPS lacks SQL injection specificity; insufficient. * B:IDPS with custom signatures targets SQL injection; most suitable. * C:URL Filtering doesn't address SQL injection payloads; incorrect. * D:Geo-location is broad, not precise; ineffective. * Conclusion:IDPS with custom rules is the best feature. IDPS in OCI Network Firewall is designed for exploit prevention. The Oracle Networking Professional study guide explains, "The Intrusion Detection and Prevention System (IDPS) uses signatures to detect and block specific threats like SQL injection, with custom rule sets for tailored protection" (OCI Networking Documentation, Section: Network Firewall IDPS). This ensures precise defense against web exploits.
