A company hosts a web application on an Application Load Balancer (ALB). They are experiencing SQL injection attacks and cross-site scripting (XSS) attempts. Which AWS service should be deployed to protect the application?

Answer options:

AWS Shield Advanced

AWS WAF

AWS Network Firewall

Amazon GuardDuty

How to approach this question

Match application-layer web exploits (SQLi, XSS) to the Web Application Firewall service.

Full Answer

B.AWS WAF✓ Correct

AWS WAF

AWS WAF lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers and body, or custom URIs. It has managed rule groups specifically for SQLi and XSS.

Common mistakes

Choosing Shield, which is for DDoS, not Layer 7 web exploits.

Question 04 All questions Question 06

Practice the full AWS SAA-C03 Practice Exam 5

65 questions · hints · full answers · grading

More questions from this exam

Q01A company needs to grant an external auditor read-only access to specific AWS resources. The audi...Easy Q02An application running on EC2 instances needs to access objects in an S3 bucket. The security tea...Medium Q03A company is designing a VPC for a multi-tier web application. They need to block specific malici...Medium Q04A large enterprise uses AWS Organizations to manage multiple accounts. The security team wants to...Hard Q06A financial company requires that all data stored in Amazon S3 is encrypted at rest using keys ma...Hard

View all 65 questions →