AWS Certified Cloud Practitioner (CLF-C02) — Question 696

A company needs to block SQL injection attacks.

Which AWS service or feature provides this functionality?

Answer options

• A. AWS WAF
• B. Network ACLs
• C. Security groups
• D. AWS Trusted Advisor

Correct answer: A

Explanation

AWS WAF is a web application firewall that monitors and filters HTTP/HTTPS traffic, allowing it to inspect application-layer payloads and block SQL injection attacks. Security groups and Network ACLs function at the network transport layers and cannot inspect application-level data. AWS Trusted Advisor provides recommendations for optimizing AWS infrastructure but does not offer active threat mitigation or firewall capabilities.