CompTIA CySA+ (CS0-001) — Question 95

A system is experiencing noticeably slow response times, and users are being locked out frequently. An analyst asked for the system security plan and found the system comprises two servers: an application server in the DMZ and a database server inside the trusted domain. Which of the following should be performed
NEXT to investigate the availability issue?

Answer options

• A. Review the firewall logs.
• B. Review syslogs from critical servers.
• C. Perform fuzzing.
• D. Install a WAF in front of the application server.

Correct answer: C

Explanation

The correct answer is C, as performing fuzzing can help identify vulnerabilities that may be causing the slow response times and lockouts by testing the application’s input handling. Reviewing firewall logs and syslogs are important but may not directly address the immediate cause of the issue, while installing a WAF, although beneficial for security, may not resolve the underlying availability problem.