How should the team construct the CNAF policy to protect against this attack?
The development team wants to block Cross Site Scripting attacks from pods in its environment.
How should the team construct the CNAF policy to protect against this attack?
A . create a Host CNAF policy, targeted at a specific resource, check the box for XSS attack protection, and set the action to “prevent”.
B . create a Container CNAF policy, targeted at a specific resource, check the box for XSS attack protection, and set the action to alert.
C . create a Container CNAF policy, targeted at a specific resource, check the box for XSS protection, and set the action to prevent.
D . create a Container CNAF policy, targeted at a specific resource, and they should set “Explicitly allowed inbound IP sources” to the IP address of the pod.
Answer: C
Explanation:
To protect pods in an environment from Cross-Site Scripting (XSS) attacks, the development team should create a Container Cloud Native Application Firewall (CNAF) policy. This policy should be targeted at the specific resource (e.g., a particular pod or set of pods), with the option for XSS protection checked, and the action set to "prevent." This configuration ensures that any XSS attacks directed at the targeted containers are effectively blocked.
Latest PCCSE Dumps Valid Version with 85 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund