Oracle Cloud Infrastructure 2021 Multicloud Architect Associate — Question 6
You have a web application running on Oracle Cloud Infrastructure (OCI) that lets users log in with a username and password. You notice that an attacker has tried to use SQL comment `--" to alter the database query, remove the password check and log in as a user. You decide to prevent any future attacks.
Which of the following OCI services or features would you choose to safeguard your application? (Choose the best answer.)
Answer options
- A. Network Security Group
- B. Data Safe
- C. Web Application Framework (WAF)
- D. Vault
Correct answer: C
Explanation
The correct answer is C, Web Application Framework (WAF), as it is specifically designed to protect web applications from various attacks, including SQL injection. Options A (Network Security Group) and D (Vault) do not address application-level threats, while B (Data Safe) focuses on database security but is not primarily for protecting web applications from SQL injection attacks.