AWS Certified Cloud Practitioner — Question 638

An online retail company recently deployed a production web application. The system administrator needs to block common attack patterns such as SQL injection and cross-site scripting.

Which AWS service should the administrator use to address these concerns?

Answer options

• A. AWS WAF
• B. Amazon VPC
• C. Amazon GuardDuty
• D. Amazon CloudWatch

Correct answer: A

Explanation

AWS WAF protects web applications from common web exploits like SQL injection and cross-site scripting by letting you define customizable web security rules. Amazon VPC manages virtual networking isolation, Amazon GuardDuty provides continuous security monitoring and threat detection rather than active blocking, and Amazon CloudWatch is used for monitoring and logging performance metrics.