CompTIA CySA+ (CS0-001) — Question 169

A company has a popular shopping cart website hosted geographically diverse locations. The company has started hosting static content on a content delivery network (CDN) to improve performance. The CDN provider has reported the company is occasionally sending attack traffic to other CDN-hosted targets.
Which of the following has MOST likely occurred?

Answer options

• A. The CDN provider has mistakenly performed a GeoIP mapping to the company.
• B. The CDN provider has misclassified the network traffic as hostile.
• C. A vulnerability scan has tuned to exclude web assets hosted by the CDN.
• D. The company has been breached, and customer PII is being exfiltrated to the CDN.

Correct answer: D

Explanation

The correct answer is D because it indicates a serious security breach where customer Personally Identifiable Information (PII) is being exfiltrated. The other options suggest misclassifications or technical errors rather than a security incident, which would not explain the observed attack traffic.