CompTIA Cloud+ (CV0-003) — Question 359

An SQL injection vulnerability was reported on a web application, and the cloud platform team needs to mitigate the vulnerability while it is corrected by the development team. Which of the following controls will BEST mitigate the risk of exploitation?

Answer options

• A. DLP
• B. HIDS
• C. NAC
• D. WAF

Correct answer: D

Explanation

A Web Application Firewall (WAF) is specifically designed to protect web applications by filtering and monitoring HTTP traffic, making it the best choice to mitigate SQL injection attacks. Data Loss Prevention (DLP), Host-based Intrusion Detection Systems (HIDS), and Network Access Control (NAC) do not provide the same level of protection against web application vulnerabilities.