AWS Certified Cloud Practitioner — Question 952

Which AWS service contains built-in engines to protect web applications that run in the cloud from SQL injection attacks and cross-site scripting?

Answer options

• A. AWS WAF
• B. AWS Shield Advanced
• C. Amazon GuardDuty
• D. Amazon Detective

Correct answer: A

Explanation

AWS WAF (Web Application Firewall) is specifically designed to protect web applications from common web exploits like SQL injection and cross-site scripting by filtering traffic based on custom rules. AWS Shield Advanced is primarily focused on DDoS protection, while Amazon GuardDuty acts as a threat detection service and Amazon Detective is used for investigating security issues.