ExpertMedium1 markMultiple Choice
AWS SAA-C03 · Question 05 · Domain 1.2: Secure Workloads
A company hosts a web application on an Application Load Balancer (ALB). They are experiencing SQL injection attacks and cross-site scripting (XSS) attempts. Which AWS service should be deployed to protect the application?
A company hosts a web application on an Application Load Balancer (ALB). They are experiencing SQL injection attacks and cross-site scripting (XSS) attempts. Which AWS service should be deployed to protect the application?
Answer options:
A.
AWS Shield Advanced
B.
AWS WAF
C.
AWS Network Firewall
D.
Amazon GuardDuty
How to approach this question
Match application-layer web exploits (SQLi, XSS) to the Web Application Firewall service.
Full Answer
B.AWS WAF✓ Correct
AWS WAF lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers and body, or custom URIs. It has managed rule groups specifically for SQLi and XSS.
Common mistakes
Choosing Shield, which is for DDoS, not Layer 7 web exploits.
Practice the full AWS SAA-C03 Practice Exam 5
65 questions · hints · full answers · grading
More questions from this exam
Q01A company needs to grant an external auditor read-only access to specific AWS resources. The audi...EasyQ02An application running on EC2 instances needs to access objects in an S3 bucket. The security tea...MediumQ03A company is designing a VPC for a multi-tier web application. They need to block specific malici...MediumQ04A large enterprise uses AWS Organizations to manage multiple accounts. The security team wants to...HardQ06A financial company requires that all data stored in Amazon S3 is encrypted at rest using keys ma...Hard