Topic 1 Question 210
3 つ選択A company has an internal web-based application that employees use. The company hosts the application over a VPN in the company’s on-premises network. The application runs on a fleet of Amazon EC2 instances in a private subnet behind a Network Load Balancer (NLB) in the same subnet. The instances are in an Amazon EC2 Auto Scaling group.
During a recent security incident, SQL injection occurred on the application. A network engineer must implement a solution to prevent SQL injection attacks in the future.
Which combination of steps will meet these requirements?
Create an AWS WAF web ACL that includes rules to block SQL injection attacks.
Create an Amazon CloudFront distribution. Specify the EC2 instances as the origin.
Replace the NLB with an Application Load Balancer.
Associate the AWS WAF web ACL with the NLB.
Associate the AWS WAF web ACL with the Application Load Balancer.
Associate the AWS WAF web ACL with the Amazon CloudFront distribution.
ユーザの投票
コメント(5)
- 正解だと思う選択肢: ACE
AWS WAF (Web Application Firewall) can help protect your application from common web exploits, including SQL injection. By creating a web ACL (Access Control List) with rules specifically designed to detect and block SQL injection attempts, you can add a layer of protection to your application.
AWS WAF can only be associated with an Application Load Balancer (ALB), not a Network Load Balancer (NLB). Replacing the NLB with an ALB is necessary to enable WAF protection for your web application.
Once the ALB is in place, you can associate the AWS WAF web ACL with the ALB. This ensures that incoming traffic is inspected by the WAF rules, providing protection against SQL injection attacks.
👍 3Cacheirez2024/08/13 - 正解だと思う選択肢: ACE
NLB is a Layer 3/4 component WAF is a Layer 7 protection component WAF is not capable of acting on the content of not terminated TLS session (encrypted data)
WAF is only available for ALB. So, consider changing NLB to ALB and use WAF with ALB
👍 3AlohaEva2024/09/01 Answer is ACE
👍 1aragon_saa2024/08/13
シャッフルモード