A media company hosts its website on AWS. The website application’s architecture includes a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB) and a database that is hosted on Amazon Aurora. The company’s cybersecurity team reports that the application is vulnerable to SQL injection. How should the company resolve this issue?
AUse AWS WAF in front of the ALB. Associate the appropriate web ACLs with AWS WAF.
BCreate an ALB listener rule to reply to SQL injections with a fixed response.
CSubscribe to AWS Shield Advanced to block all SQL injection attempts automatically.
DSet up Amazon Inspector to block all SQL injection attempts automatically.