Firewalls sound like "blocking devices," but WAF (Web Application Firewall)''s essence is a "policy evaluation engine inspecting HTTP requests to decide pass/block/count/CAPTCHA." Network firewalls (Security Group, NACL) operate at layer 4 (IP, port, protocol); AWS WAF operates at layer 7, inspecting HTTP headers, body, URI, query strings, methods, cookies. The exam''s key is precisely understanding the decision model: "which request, in which priority, with which action."
AWS WAF (WAFv2) attaches to CloudFront, Application Load Balancer, API Gateway, AppSync GraphQL, Cognito User Pool, App Runner, Verified Access