CompTIA CASP+ (CAS-003) — Question 332

A cybersecurity analyst receives a ticket that indicates a potential incident is occurring. There has been a large increase in log files generated by a website containing a `Contact Us` form. The analyst must determine if the increase in website traffic is due to a recent marketing campaign or if this is a potential incident.
Which of the following would BEST assist the analyst?

Answer options

• A. Ensuring proper input validation is configured on the ג€Contact Usג€ form
• B. Deploying a WAF in front of the public website
• C. Checking for new rules from the inbound network IPS vendor
• D. Running the website log files through a log reduction and analysis tool

Correct answer: B

Explanation

Implementing a WAF (Web Application Firewall) is the best option because it can help protect the website from potential attacks and mitigate any risks associated with increased traffic. While input validation is important, it does not directly address the immediate concern of monitoring traffic patterns. Checking for new IPS rules or analyzing log files may provide insights but won't proactively defend against a potential incident.