Home › AWS Cloud Practitioner › cloudcomputing › securitycompliance › A team wants to block common web exploits like S…
A team wants to block common web exploits like SQL injection and cross-site scripting at the edge before requests reach their Application Load Balancer. Which service should they use?
AAmazon CloudWatch Synthetics
BAmazon Inspector
CAWS WAF (Web Application Firewall)
DAWS Direct Connect
Answer & Solution
Correct answer: C. AWS WAF (Web Application Firewall)
AWS WAF inspects HTTP/HTTPS requests and blocks or allows them based on rules (SQLi, XSS, IP reputation, rate limits) before they reach CloudFront, ALB, or API Gateway. Inspector is for EC2 / container vulnerability assessment, not request filtering.
Related questions
AWS IAM Identity Center (formerly AWS SSO) primarily lets you:Which combination correctly describes encryption in transit versus encryption at rest?An organization wants to detect threats like unusual API calls, compromised EC2 instances,For Amazon RDS, which of the following best describes the shared responsibility split?What is the difference between an IAM user and an IAM role?The principle of least privilege, as applied via IAM, recommends that you:Which AWS service logs all API calls made against the AWS account, so administrators can aWhich task can ONLY be performed by the AWS account root user, and not by any IAM user eve