Your company hosts multiple web applications in AWS EC2 and the AWS WAF service is used to protect the applications against the attacks in the HTTP(S) layer 7. To meet the company`s security policies, you need to ensure that the same protection rules are applied for all the WAF ACLs. Which of the following would help to achieve this requirement?

Answer options:

A.Purchase managed rule groups in AWS Marketplace and configure all WAF ACLs to use the rule groups.
B.Create custom rule groups in AWS WAF and configure all WAF ACLs to use the rule groups.
C.Create a WAF template that contains the required rules. Use the template for the WAF ACLs.
D.Create the WAF conditions that include the required rules. Apply the conditions in all the WAF ACLs.

Answer - B
Option A is incorrect because there is no need to purchase rules in AWS Marketplace. This is not a cost-efficient method.
Option B is CORRECT because rule groups in AWS WAF can be created with the required conditions that are used for all the WAF ACLs.
Option C is incorrect because AWS WAF does not have the concept of the template. Rule groups should be used in this scenario.
Option D is incorrect because WAF rule groups should be created with the required conditions. For any WAF ACL, you can apply the rule groups.