CompTIA PenTest+ (PT0-002) — Question 276
A penetration tester is testing a company's public APIs. In researching the API URLs, the penetration tester discovers that the URLs resolve to a cloud-hosted WAF service that is blocking the penetration tester's attack attempts. Which of the following should the tester do to best ensure the attacks will be more successful?
Answer options
- A. Increase the volume of attacks to enable more to possibly slip through.
- B. Vary the use of upper and lower case characters in payloads to fool the WAF.
- C. Use multiple source IP addresses for the attack traffic to prevent being blocked.
- D. Locate the company's servers that are hosting the API and send the traffic there.
Correct answer: D
Explanation
The correct answer is D because sending the traffic directly to the origin servers that host the API avoids the cloud-hosted WAF that is filtering and blocking the requests. Options A, B, and C all still pass through the WAF, so its defenses continue to apply and the attacks remain less likely to succeed.