Question20: You are working with an Analytics solution provider which have hosted a paid solution for the online analytics which can generate different charts etc. All the data submitted by website user is first saved in back MySQL database and then he can apply analytics on it. Somehow user imagined that you are using MySQL database and user is expert on this. He tries to do ..... You need to protect this kind of attack, which of the AWS solution you can use?
- You should keep your EC2 instances behind ELB
- You should keep your MYSQL DB instance in private subnet.
- Correct Answer
- You should use AWS Trusted Advisor
- You should monitor each request using Cloudwatch Monitor and if there is any SQL injection code than send notification to monitoring team, so they can disable access for this particular user and IP address.