SOA-C02 · Question #708
SOA-C02 Question #708: Real Exam Question with Answer & Explanation
The correct answer is D: Deploy AWS WAF in front of the ALB. Subscribe to an AWS managed rule for SQL injection. Place AWS WAF in front of the ALB and enable the AWS managed SQL injection rule group. WAF inspects incoming requests at layer 7 and blocks SQLi patterns before they reach your targets, meeting the protection requirement without changes to the instances.
Question
A company deploys an application on Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer (ALB). The company wants to protect the application from SQL injection attacks. Which solution will meet this requirement?
Options
- ADeploy AWS Shield Advanced in front of the ALB. Enable SQL injection filtering.
- BDeploy AWS Shield Standard in front of the ALB. Enable SQL injection filtering.
- CDeploy a vulnerability scanner on each EC2 instance. Continuously scan the application code.
- DDeploy AWS WAF in front of the ALB. Subscribe to an AWS managed rule for SQL injection
Explanation
Place AWS WAF in front of the ALB and enable the AWS managed SQL injection rule group. WAF inspects incoming requests at layer 7 and blocks SQLi patterns before they reach your targets, meeting the protection requirement without changes to the instances.
Community Discussion
No community discussion yet for this question.