Exam AWS Certified Cloud Practitioner CLF-C02 topic 1 question 35 discussion

Confusion will come to choose between WAF or Shield. but all common web attack patterns (XSS, SQL Injection, etc...) dealt by WAF, special cases which can't be handled by WAF - will be handled by Shield primarily DDoS

A: AWS WAF allows you to create custom rules to block SQL injection attempts. Create a WebACL: Go to AWS WAF dashboard and create a new WebACL. Add a Rule: Inside the WebACL, add a new rule. SQLi Filter: Choose the rule type to look for SQLi patterns. AWS WAF has built-in SQLi filters. Attach Resources: Attach the WebACL to a resource, such as an Application Load Balancer, Amazon CloudFront distribution, or an API Gateway. Deploy: Save and deploy the WebACL.

WS WAF (Web Application Firewall) helps protect web applications from common web exploits, including SQL injection attacks and cross-site scripting (XSS). You can create rules to block malicious requests before they reach your application.

A. AWS WAF

A. AWS WAF

a is correct

A AWS WAF allows you to create custom rules to block SQL injection attempts.

A = Confuse between WAF and Shield, note that Shield is primarily for DDoS so WAF is the likely the answer

A: AWS WAF allows you to create custom rules to block SQL injection attempts. Create a WebACL: Go to AWS WAF dashboard and create a new WebACL. Add a Rule: Inside the WebACL, add a new rule. SQLi Filter: Choose the rule type to look for SQLi patterns. AWS WAF has built-in SQLi filters.

A. AWS WAF (Web Application Firewall): A web application firewall that allows users to create custom rules to filter and monitor HTTP or HTTPS requests to a web application. It helps protect against common web exploits, including SQL injection attacks, by allowing the blocking or rate-limiting of malicious requests. B. AWS Shield: A managed Distributed Denial of Service (DDoS) protection service. While it helps protect against DDoS attacks, it is not specifically designed for blocking SQL injection attacks. C. Network ACLs (Access Control Lists): Are used to control traffic at the subnet level. While they provide some control over inbound and outbound traffic, they operate at the network layer (Layer 3) and are not designed for deep inspection of application layer attacks like SQL injection. D. Security groups: Operate at the instance level and are stateful firewalls that control inbound and outbound traffic. While they provide network-level security, they are not designed to specifically block SQL injection attacks.

A. AWS WAF (Web Application Firewall) AWS WAF is a web application firewall service that helps protect web applications from common web exploits, such as SQL injection attacks. It allows you to create rules to filter and monitor HTTP and HTTPS traffic to your web applications. With AWS WAF, you can block requests that match known attack patterns and prevent SQL injection attacks, cross-site scripting (XSS), and other malicious activities.

Answer A is Correct.

Answer A is Correct.

The answer is A. AWS WAF helps you protect against common web exploits and bots that can affect availability, compromise security, or consume excessive resources. https://aws.amazon.com/waf/