A retail company has recently migrated its website to AWS.The company wants to ensure that it is protected from SQL injection attacks.The website uses an Application Load Balancer to distribute traffic to multiple Amazon EC2 instances.
Which AWS service or feature can be used to create a custom rule that blocks SQL injection attacks?
Security groups
AWS WAF
Network ACLs
AWS Shield
Explanations:
Security groups control inbound and outbound traffic for EC2 instances but do not provide specific protections against SQL injection.
AWS WAF (Web Application Firewall) allows you to create custom rules to block specific types of attacks, including SQL injection.
Network ACLs are used for controlling traffic at the subnet level and do not have capabilities for web application layer protection.
AWS Shield provides DDoS protection but does not specifically address SQL injection vulnerabilities or allow for custom rule creation.
I calculate that the answer is:
AWS WAF