🔥 3-day streak
AWS Certified Security - Specialty183 / 184
Question 183 of 184
A company deploys AWS WAF on an Application Load Balancer using the AWS Managed Rules 'SQLi Database' rule group. After enabling it in block mode, legitimate users report that some form submissions containing valid text (such as product descriptions with SQL-like keywords) are being blocked with HTTP 403 responses. The security team must reduce these false positives while retaining protection against genuine SQL injection attacks. What is the MOST appropriate approach?
Reviewed for accuracy · Report an issueNext question