CompTIA SecurityX (CAS-005) — Question 263

A company hosts a platform-as-a-service solution with a web-based front end, through which customers interact with data sets. A security administrator needs to deploy controls to prevent application-focused attacks. Which of the following most directly supports the administrator’s objective?

Answer options

• A. Improving security dashboard visualization on SIEM
• B. Rotating API access and authorization keys every two months
• C. Implementing application load balancing and cross-region availability
• D. Creating WAF policies for relevant programming languages

Correct answer: D

Explanation

The correct answer is D because creating WAF (Web Application Firewall) policies is essential for protecting applications from attacks such as SQL injection and cross-site scripting. The other options, while important for overall security and performance, do not specifically address preventing application-focused attacks.