A security analyst is investigating an incident that appears to have started with SOL injection against a publicly available web application.
Which of the following is the FIRST step the analyst should take to prevent future attacks?
A . Modify the IDS rules to have a signature for SQL injection.
B . Take the server offline to prevent continued SQL injection attacks.
C . Create a WAF rule In block mode for SQL injection
D . Ask the developers to implement parameterized SQL queries.
Answer: A