In this part, suppose that you are hired as a security consultant for a corporate (XYZ.COM). The Security Operations Center (SOC) belonging to the company is hosted on-premises and consists of the below existing elements:

• SRV-1: SIEM Server
• SRV-2: Vulnerability Assessment Server
• FW-IPS1: Network Security devices
• Anti-Virus Agents: Endpoint protection agents
• SYSLOG Agents: Logging agents installed on Servers

As a security consultant, you should propose convenient configuration and SOC design. Answer the following:

1. XYZ.COM is trying to protect a very important front-end application published to the Internet linked to a critical Database server at the back-end. Provide two solutions to protect the public web application from SQL injection attempts based on the web form. (2 marks)