The correct answer is A: Deploy AWS WAF with web ACLs in front of the ALB. AWS WAF (Web Application Firewall) is specifically designed to protect web applications from common web exploits, including SQL injection. By deploying AWS WAF and associating the appropriate web ACLs (Access Control Lists), you can effectively filter and monitor HTTP requests based on conditions that include IP addresses, HTTP headers, HTTP body, or custom URI strings. This targeted approach provides robust security measures to prevent SQL injection attacks. The other options (B, C, and D) do not offer comprehensive solutions specifically tuned for SQL injection prevention.