You want to protect your web app from SQL injection and block requests from a list of suspicious IPs. Which AWS WAF setup is best?

hard📝 Best Practice Q15 of 15

AWS - Advanced Security

ACreate a Web ACL with a managed SQL injection rule group and a custom IP set rule to block suspicious IPs

BUse only an IP set rule to block suspicious IPs, ignoring SQL injection

CCreate a Lambda function to inspect requests and block SQL injection

DEnable AWS Shield Advanced to block SQL injection and IPs

Step-by-Step Solution

Solution:

Step 1: Identify protection needs
You need to block SQL injection attacks and block suspicious IP addresses.
Step 2: Choose AWS WAF features
AWS WAF provides managed rule groups for SQL injection and supports IP set rules for blocking IPs.
Step 3: Evaluate options
Create a Web ACL with a managed SQL injection rule group and a custom IP set rule to block suspicious IPs combines managed SQL injection rules and custom IP set blocking, which is best practice. Options B, C, and D do not fully meet requirements or use incorrect services.
Final Answer:
Create a Web ACL with a managed SQL injection rule group and a custom IP set rule to block suspicious IPs -> Option A
Quick Check:
Managed rules + IP sets = full protection [OK]

Quick Trick: Combine managed rules with IP sets for layered protection [OK]

Common Mistakes:

Master "Advanced Security" in AWS

9 interactive learning modes - each teaches the same concept differently

Want More Practice?

15+ quiz questions · All difficulty levels · Free

More AWS Quizzes