A company has an application that uses Amazon API Gateway and AWS Lambda. The security team wants to block requests originating from specific countries and protect the API from SQL injection attacks. <br/><br/>How can this be achieved?

Answer options:

Configure Security Groups on the Lambda functions.

Attach an AWS WAF Web ACL to the API Gateway.

Use Amazon GuardDuty to block the requests.

Configure Network ACLs on the VPC where the API Gateway resides.

How to approach this question

Identify the service that provides Layer 7 protection (SQLi) and geo-blocking.

Full Answer

B.Attach an AWS WAF Web ACL to the API Gateway.✓ Correct

Attach an AWS WAF Web ACL to the API Gateway.

AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to an Amazon API Gateway API, Amazon CloudFront, or an Application Load Balancer. It can block traffic based on IP, geography, and malicious payloads like SQLi.

Common mistakes

Thinking Security Groups can block traffic by country.

Question 53 All questions Question 55

Practice the full AWS SAA-C03 Practice Exam 4

65 questions · hints · full answers · grading

More questions from this exam

Q01A company has multiple AWS accounts in an AWS Organizations organization. The security team wants...Medium Q02An application running on Amazon EC2 instances needs to access an Amazon DynamoDB table. Both res...Easy Q03A company is designing a web application that will be hosted on AWS. The application will use an ...Medium Q04A company is building a mobile app that requires users to authenticate using their social media a...Hard Q05A solutions architect is designing a VPC for a three-tier web application. The database tier must...Medium

View all 65 questions →