CompTIA SecurityX (CAS-005) — Question 278

A security analyst discovered requests associated with IP addresses known for both legitimate and bot-related traffic. Which of the following should the analyst use to determine whether the requests are malicious?

Answer options

• A. User-agent string
• B. Byte length of the request
• C. Web application headers
• D. HTML encoding field

Correct answer: A

Explanation

The User-agent string provides information about the client making the request, which can help identify whether the traffic is coming from a legitimate user or a bot. The other options, such as byte length, web application headers, and HTML encoding field, do not provide as direct insight into the nature of the client making the requests.