CompTIA Security+ (SY0-701) — Question 608

An organization recently started hosting a new service that customers access through a web portal. A security engineer needs to add to the existing security devices a new solution to protect this new service. Which of the following is the engineer most likely to deploy?

Answer options

• A. Layer 4 firewall
• B. NGFW
• C. WAF
• D. UTM

Correct answer: C

Explanation

The correct answer is C, WAF (Web Application Firewall), as it is specifically designed to protect web applications by filtering and monitoring HTTP traffic. Options A (Layer 4 firewall) and B (NGFW) focus more on network-level security and do not provide the application-specific protections that a WAF offers. Option D (UTM) is a more general security device that may not provide the targeted protection needed for web applications.