AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company needs to block SQL injection attacks. Which AWS service or feature can meet this requirement?
Real Exam
Community
RRitesh
A
AWS WAF
B
AWS Shield
C
Network ACLs
D
Security groups
Explanation:
Explanation
AWS WAF (Web Application Firewall) is the correct answer because:
-
SQL Injection Protection: AWS WAF provides specific rules and filters to detect and block SQL injection attacks, which are a common web application vulnerability
-
Web Application Focus: WAF is specifically designed to protect web applications from common exploits like SQL injection, cross-site scripting (XSS), and other OWASP Top 10 threats
-
Managed Rules: AWS WAF offers managed rule groups that include SQL injection protection rules
Why other options are incorrect:
-
AWS Shield: Provides DDoS protection but does not specifically address SQL injection attacks
-
Network ACLs: Operate at the subnet level and control traffic based on IP addresses and ports, not application-level content
-
Security Groups: Act as virtual firewalls for EC2 instances at the instance level, controlling traffic based on protocols and ports, not application payload content
AWS WAF inspects HTTP/HTTPS requests and can block malicious SQL code before it reaches your web applications.
Comments
Loading comments...