Exam CLF-C01 All QuestionsBrowse all questions from this exam
Go to Exam
Question 120

A retail company has recently migrated its website to AWS. The company wants to ensure that it is protected from SQL injection attacks. The website uses an

Application Load Balancer to distribute traffic to multiple Amazon EC2 instances.

Which AWS service or feature can be used to create a custom rule that blocks SQL injection attacks?

    Correct Answer: B

    AWS WAF (Web Application Firewall) can create custom rules that inspect incoming requests and block any that match patterns or signatures associated with SQL injection attacks. By using AWS WAF, you can define conditions and actions for SQL injection detection and apply these rules at the Application Load Balancer level, providing protection for your web application across multiple Amazon EC2 instances.

Discussion
certifluxOption: B

"You can also use AWS WAF to block or allow requests based on conditions that you specify, such as the IP addresses that requests originate from or *****values in the requests*****." Values in the requests can match sql injections

kumaran1000001

A - instance level firewall B - yes C - subnet level firewall D - shields from DDOS

man5484Option: B

AWS WAF is a web application firewall that helps protect web applications from common web exploits and vulnerabilities, including SQL injection attacks. With AWS WAF, you can create custom rules that inspect incoming requests and block any requests that match specific patterns or signatures associated with SQL injection attacks. By configuring AWS WAF with custom rules, you can define conditions and actions to be taken when SQL injection attempts are detected. These rules can be applied at the Application Load Balancer level, allowing you to protect your web application across multiple Amazon EC2 instances behind the load balancer.

sumanshu

Vote for B https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-sqli-match.html

PatziOption: B

With AWS WAF, you can create security rules that control bot traffic and block common attack patterns such as SQL injection or cross-site scripting (XSS). https://aws.amazon.com/waf/

b3s1

AWS WAF - B

bilel500Option: B

Answer is B.

SudhakarDevops

Website protection - AWS Website Application Firewall (AWS WAF)

Rajababu_99

AWS WAF IS controlling Injection attacks in cloud ,with help of calling and taking common factors of Ip addresses and original forms of the requests in cloud .

Pranava_GCPOption: B

B. AWS WAF

ESAJRROption: B

B. AWS WAF

tamefi5512Option: B

https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-sqli-match.html

Saif93Option: B

B is the answer.

Istiaque

Sorry B.. aws WAF

Istiaque

Answer is A