AWS SAP-C02 · Question 27 · Domain 1.2: Security Controls
A company has a web application deployed on Amazon EC2 instances behind an Application Load Balancer (ALB). The application uses Amazon RDS for MySQL. The security team wants to implement a Web Application Firewall (WAF) to protect against SQL injection and cross-site scripting (XSS) attacks. They also want to block requests from specific countries. Where should the Architect deploy AWS WAF?
Answer options:
Attach AWS WAF directly to the Application Load Balancer (ALB).
Deploy AWS WAF on the EC2 instances using the AWS Systems Manager agent.
Attach AWS WAF to the Amazon RDS database to inspect incoming SQL queries.
Create a VPC Network Access Control List (NACL) to block the specific countries and use AWS Shield for SQL injection protection.
75 questions · hints · full answers · grading
Expert