CompTIA SecurityX (CAS-005) — Question 150

A company wants to protect a web-based application against application-layer attacks by monitoring the inputs, outputs, and internal state of the application. The solution must also rapidly integrate with different programming languages. Which of the following technologies is most likely to meet this need?

Answer options

• A. RASP
• B. Cloud-based IDE
• C. DAST
• D. NIPS

Correct answer: A

Explanation

RASP (Runtime Application Self-Protection) is designed to secure applications by monitoring their behavior in real time, making it suitable for protecting against application-layer attacks. Cloud-based IDEs, DAST (Dynamic Application Security Testing), and NIPS (Network Intrusion Prevention Systems) do not provide the same level of integration and real-time monitoring for application inputs and state as RASP does.