Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 340 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 340
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A media company hosts its website on AWS. The website application’s architecture includes a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB) and a database that is hosted on Amazon Aurora. The company’s cybersecurity team reports that the application is vulnerable to SQL injection.

How should the company resolve this issue?

  • A. Use AWS WAF in front of the ALB. Associate the appropriate web ACLs with AWS WAF.
  • B. Create an ALB listener rule to reply to SQL injections with a fixed response.
  • C. Subscribe to AWS Shield Advanced to block all SQL injection attempts automatically.
  • D. Set up Amazon Inspector to block all SQL injection attempts automatically.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Bhawesh at Feb. 17, 2023, 9 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Bhawesh
Highly Voted 1 year, 9 months ago
Selected Answer: A
A. Use AWS WAF in front of the ALB. Associate the appropriate web ACLs with AWS WAF. SQL Injection - AWS WAF DDoS - AWS Shield
upvoted 23 times
...
jennyka76
Highly Voted 1 year, 9 months ago
Answer - A https://aws.amazon.com/premiumsupport/knowledge-center/waf-block-common-attacks/#:~:text=To%20protect%20your%20applications%20against,%2C%20query%20string%2C%20or%20URI. ----------------------------------------------------------------------------------------------------------------------- Protect against SQL injection and cross-site scripting To protect your applications against SQL injection and cross-site scripting (XSS) attacks, use the built-in SQL injection and cross-site scripting engines. Remember that attacks can be performed on different parts of the HTTP request, such as the HTTP header, query string, or URI. Configure the AWS WAF rules to inspect different parts of the HTTP request against the built-in mitigation engines.
upvoted 8 times
...
wsdasdasdqwdaw
Most Recent 1 year, 1 month ago
AWS WAF - for SQL Injection ---> A AWS Shield - for DDOS Amazon Inspector - for automated security assessment, like known vulnerability
upvoted 3 times
...
Guru4Cloud
1 year, 2 months ago
Selected Answer: A
° Use AWS WAF in front of the Application Load Balancer ° Configure appropriate WAF web ACLs to detect and block SQL injection patterns The key points: ° Website hosted on EC2 behind an ALB with Aurora database ° Application is vulnerable to SQL injection attacks ° AWS WAF is designed to detect and block SQL injection and other common web exploits. It can be placed in front of the ALB to inspect all incoming requests. WAF rules can identify malicious SQL patterns and block them.
upvoted 2 times
...
KMohsoe
1 year, 6 months ago
Selected Answer: A
SQL injection -> WAF
upvoted 2 times
...
lexotan
1 year, 7 months ago
Selected Answer: A
WAF is the right one
upvoted 2 times
...
akram_akram
1 year, 7 months ago
Selected Answer: A
SQL Injection - AWS WAF DDoS - AWS Shield
upvoted 2 times
...
movva12
1 year, 8 months ago
Answer C - Shield Advanced (WAF + Firewall Manager)
upvoted 1 times
...
fkie4
1 year, 8 months ago
Selected Answer: A
It is A. I am happy to see Amazon gives out score like this...
upvoted 2 times
...
LuckyAro
1 year, 9 months ago
Selected Answer: A
AWS WAF is a managed service that protects web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF enables customers to create custom rules that block common attack patterns, such as SQL injection attacks. By using AWS WAF in front of the ALB and associating the appropriate web ACLs with AWS WAF, the company can protect its website application from SQL injection attacks. AWS WAF will inspect incoming traffic to the website application and block requests that match the defined SQL injection patterns in the web ACLs. This will help to prevent SQL injection attacks from reaching the application, thereby improving the overall security posture of the application.
upvoted 3 times
LuckyAro
1 year, 9 months ago
B, C, and D are not the best solutions for this issue. Replying to SQL injections with a fixed response (B) is not a recommended approach as it does not actually fix the vulnerability, but only masks the issue. Subscribing to AWS Shield Advanced (C) is useful to protect against DDoS attacks but does not protect against SQL injection vulnerabilities. Amazon Inspector (D) is a vulnerability assessment tool and can identify vulnerabilities but cannot block attacks in real-time.
upvoted 3 times
...
...
pbpally
1 year, 9 months ago
Selected Answer: A
Bhawesh answers it perfect so I'm avoiding redundancy but agree on it being A.
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel