CompTIA CySA+ (CS0-002) — Question 108
During an audit, several customer order forms were found to contain inconsistencies between the actual price of an item and the amount charged to the customer. Further investigation narrowed the cause of the issue to manipulation of the public-facing web form used by customers to order products. Which of the following would be the BEST way to locate this issue?
Answer options
- A. Reduce the session timeout threshold.
- B. Deploy MFA for access to the web server.
- C. Implement input validation.
- D. Run a static code scan.
Correct answer: D
Explanation
The correct answer is D: running a static code scan will help identify vulnerabilities in the code that could be exploited to manipulate the web form. Options A and B do not directly address input manipulation on the web form, and option C, although beneficial for security, does not provide a comprehensive analysis of the vulnerabilities in the existing code.