1. Create a new query group called "White List" and configure it for the appropriate database and proxy. 2. Create a new IPS/IDS rule to block SQL injections and log intrusion events for the database. 3. Create a new database firewall rule that uses the "White List" query group and allows those queries to access the database.