Which of the following will help protect a Web application infrastructure from Web attacks like SQL Injection?

A Web application firewall (WAF) is specifically designed to protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It can effectively identify and mitigate threats such as SQL Injection, which occurs when attackers insert malicious SQL queries through input fields to manipulate databases.

WAFs work by examining incoming requests and applying rules to detect and block harmful SQL queries or patterns before they reach the web application's backend. This preventive measure is particularly crucial for safeguarding sensitive data and maintaining the integrity of web applications.

In contrast, while other security measures like network firewalls and intrusion detection systems play important roles in overall network security, they are not specifically tailored to identify or block web application-specific threats like SQL Injection. Network firewalls focus on broader traffic control and boundary protection, whereas intrusion detection systems are typically reactive, alerting on potential threats rather than directly blocking them at the application layer. Anti-virus software, on the other hand, is primarily aimed at protecting against malware and might not address web-specific vulnerabilities effectively. Therefore, a Web application firewall is the most appropriate tool for defending against SQL Injection attacks.