A development team recently deployed a new version of a web application to production. After the release, penetration testing revealed a cross-site scripting vulnerability that could expose user data.
Which AWS service will mitigate this issue?
A . AWS Shield Standard
B . AWS WAF
C . Elastic Load Balancing
D . Amazon Cognito
Answer: B
Explanation:
AWS WAF (Web Application Firewall) helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF can mitigate cross-site scripting (XSS) vulnerabilities by filtering and monitoring HTTP requests based
on custom rules.
Create a Web ACL:
Navigate to the AWS WAF console.
Create a new Web ACL and associate it with your application.
Add Rules to Mitigate XSS:
Use AWS Managed Rules for common threats, including XSS. Create custom rules to inspect requests and block malicious scripts. Associate Web ACL with Resources:
Attach the Web ACL to your CloudFront distribution, API Gateway, or Application Load Balancer to filter incoming requests.
Reference: AWS WAF Developer Guide
AWS WAF Managed Rules
Latest SOA-C02 Dumps Valid Version with 54 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund