Answer-first summary for fast verification
Answer: AWS WAF
## Explanation **AWS WAF (Web Application Firewall)** is the correct answer because: - **SQL Injection Protection**: AWS WAF provides specific rules and filters to detect and block SQL injection attacks, which are a common web application vulnerability - **Web Application Focus**: WAF is specifically designed to protect web applications from common exploits like SQL injection, cross-site scripting (XSS), and other OWASP Top 10 threats - **Managed Rules**: AWS WAF offers managed rule groups that include SQL injection protection rules **Why other options are incorrect:** - **AWS Shield**: Provides DDoS protection but does not specifically address SQL injection attacks - **Network ACLs**: Operate at the subnet level and control traffic based on IP addresses and ports, not application-level content - **Security Groups**: Act as virtual firewalls for EC2 instances at the instance level, controlling traffic based on protocols and ports, not application payload content AWS WAF inspects HTTP/HTTPS requests and can block malicious SQL code before it reaches your web applications.
Author: Ritesh Yadav
Ultimate access to all questions.
No comments yet.