ExpertEasy1 markMultiple Choice
AWS SAA-C03 · Question 03 · Domain 1.2: Secure Workloads
A company hosts a web application on Amazon EC2 instances behind an Application Load Balancer (ALB). The application is experiencing SQL injection attacks. Which AWS service should a solutions architect use to block these attacks?
A company hosts a web application on Amazon EC2 instances behind an Application Load Balancer (ALB). The application is experiencing SQL injection attacks. Which AWS service should a solutions architect use to block these attacks?
Answer options:
A.
AWS Shield Standard
B.
AWS WAF
C.
Amazon GuardDuty
D.
Network Access Control Lists (NACLs)
How to approach this question
Identify the attack type (Layer 7 web exploit). AWS WAF is designed specifically for this.
Full Answer
B.AWS WAF✓ Correct
AWS WAF
AWS WAF can be attached to an ALB to filter web traffic based on rules you define, including managed rule groups that specifically block SQL injection (SQLi) and cross-site scripting (XSS).
Common mistakes
Confusing AWS Shield (DDoS) with AWS WAF (Web exploits).
Practice the full AWS SAA-C03 Practice Exam 3
65 questions · hints · full answers · grading
More questions from this exam
Q01A company stores sensitive documents in an Amazon S3 bucket. The security team requires that only...EasyQ02A large enterprise uses AWS Organizations to manage multiple accounts. The security team wants to...MediumQ04A company wants to continuously monitor its AWS accounts for malicious activity and unauthorized ...MediumQ05A company needs to encrypt data at rest in Amazon RDS and manage database credentials securely. T...MediumQ06An application running on Amazon EC2 needs to access an Amazon DynamoDB table. What is the MOST s...Easy