Answer: Create an AWS WAF web ACL that includes rules to block SQL injection attacks., Replace the NLB with an Application Load Balancer., Associate the AWS WAF web ACL with the Application Load Balancer.

To prevent SQL injection attacks on the application, the following steps should be taken: First, create an AWS WAF web ACL that includes rules to block SQL injection attacks (Option A). This will help in filtering out malicious SQL queries. Second, replace the Network Load Balancer (NLB) with an Application Load Balancer (ALB) (Option C). ALB supports AWS WAF, which NLB does not, making it necessary for the integration of AWS WAF for web application protection. Third, associate the AWS WAF web ACL with the Application Load Balancer (Option E). This association will enable the ALB to use the AWS WAF rules to inspect and block SQL injection attempts. Options B, D, and F are not directly related to the immediate requirement of preventing SQL injection attacks in the described scenario. Creating an Amazon CloudFront distribution (Option B) and associating the AWS WAF web ACL with it (Option F) could be part of a broader security strategy but are not necessary for the specific requirement of preventing SQL injection attacks on the internal application. Associating the AWS WAF web ACL with the NLB (Option D) is not possible because NLB does not support AWS WAF.

Author: LeetQuiz Editorial Team