A company is designing a serverless application using Amazon API Gateway and AWS Lambda. They need to protect the API from SQL injection and cross-site scripting (XSS) attacks. Which solution requires the LEAST operational overhead?

Answer options:

Implement input validation logic within the Lambda function code.

Deploy AWS WAF and associate a Web ACL with the API Gateway.

Use Amazon GuardDuty to detect and block malicious requests.

Place the API Gateway behind an Application Load Balancer and configure security groups.

How to approach this question

Identify the AWS service for Layer 7 web application protection.

Full Answer

B.Deploy AWS WAF and associate a Web ACL with the API Gateway.✓ Correct

Deploy AWS WAF and associate a Web ACL with the API Gateway.

AWS WAF is a web application firewall that helps protect web applications or APIs against common web exploits like SQL injection and XSS. It integrates directly with API Gateway.

Common mistakes

Relying on custom code validation instead of a managed WAF.

Question 38 All questions Question 40

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 2

75 questions · hints · full answers · grading

More questions from this exam

Q01A company is setting up a multi-account AWS environment using AWS Organizations. They need to ens...Easy Q02An enterprise needs to connect its on-premises data center to AWS. They require a dedicated, priv...Easy Q03A company wants to share a single AWS Transit Gateway across multiple AWS accounts within their A...Easy Q04An architect needs to design a highly available database architecture that spans multiple AWS Reg...Easy Q05A global financial institution is migrating its core banking application to AWS. The application ...Medium

View all 75 questions →