A company uses Amazon API Gateway to manage its REST APIs that third-party service providers access. The company must protect the REST APIs from SQL injection and cross-site scripting attacks. What is the MOST operationally efficient solution that meets these requirements?
Choose an answer
Tap an option to check your answer.
Correct answer: Configure AWS WAF..
Why this is the answer
AWS WAF (Web Application Firewall) is the most operationally efficient solution because it directly protects web applications from common web exploits like SQL injection and cross-site scripting (XSS). It allows you to create custom rules to filter malicious traffic based on patterns in HTTP requests. AWS WAF can be directly integrated with Amazon API Gateway, providing immediate protection without additional infrastructure. AWS Shield provides DDoS protection but does not specifically protect against SQL injection or XSS attacks. While CloudFront can integrate with WAF, the question asks for the MOST operationally efficient solution. Directly integrating WAF with API Gateway is more efficient than introducing CloudFront as an intermediary if the primary goal is WAF protection for the API Gateway itself.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed