CompTIA PenTest+ (PT0-002) — Question 389

A penetration tester is performing an assessment against a customer’s web application that is hosted in a major cloud provider’s environment. The penetration tester observes that the majority of the attacks attempted are being blocked by the organization’s WAF. Which of the following attacks would be most likely to succeed?

Answer options

Correct answer: D

Explanation

The correct answer is D. A direct-to-origin attack sends requests straight to the backend (origin) server instead of through the cloud WAF or CDN that fronts it, so the WAF never sees the traffic and cannot block it. It works when the origin's address can be discovered (for example from DNS history, certificate transparency logs, or a subdomain that was never moved behind the WAF) and the origin still accepts connections from any source, which is a common misconfiguration. In contrast, reflected XSS and brute-force attacks are exactly the signature-based and rate-based attacks a WAF is built to stop, so they are the least likely to succeed here. A DDoS attack is volumetric rather than application-layer; it is normally absorbed by the cloud provider's DDoS protection in front of the WAF and is typically out of scope for a web application assessment, so it is not the attack the tester would turn to. The defensive counterpart is to allow the origin to accept traffic only from the WAF provider's published egress address ranges, or to require mutual TLS or a secret header that only the WAF supplies.
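The following is an added worked example, not part of the exam question or any vendor's material. It stands up two local stand-ins, a "WAF" that drops a crude injection signature and an "origin" that answers anything, then sends the same request to each with the Host header pinned to the public hostname. A 403 via the WAF and a 200 direct is the signature of a direct-to-origin bypass. The probe payload, the hostname app.example.com and the CIDR ranges used as the WAF's egress addresses are all constructed for illustration; a real test would substitute the target's hostname, a candidate origin IP and the provider's published ranges.

```python
"""Direct-to-origin bypass, demonstrated against two local stand-ins.

Added example; not from the exam page or any vendor. The "WAF" and
"origin" servers, the probe payload and the CIDR ranges are constructed.
"""
import http.client
import ipaddress
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import unquote

# Constructed payload: a crude SQLi-looking query string that any
# signature-based WAF rule would drop.
PROBE_PATH = "/search?q=%27%20OR%201%3D1--"

# Constructed: stand-in for the WAF/CDN provider's published egress ranges
# (documentation blocks, not a real provider's addresses).
WAF_EGRESS_RANGES = [ipaddress.ip_network(c) for c in ("203.0.113.0/24", "198.51.100.0/24")]


class Origin(BaseHTTPRequestHandler):
    """The customer's application server: answers any Host, no filtering."""

    def do_GET(self):
        self._reply(200, b"search results")

    def _reply(self, code, body):
        self.send_response(code)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the example quiet
        pass


class Waf(Origin):
    """Front door: blocks requests matching a naive signature, else serves.
    (A real WAF would proxy to the origin; the forwarding is elided.)"""

    def do_GET(self):
        if "or 1=1" in unquote(self.path).lower():
            self._reply(403, b"blocked by WAF")
        else:
            self._reply(200, b"search results")


def serve(handler):
    """Start a handler on an ephemeral loopback port; return the port."""
    srv = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv.server_address[1]


def send_probe(ip: str, port: int, vhost: str, path: str = PROBE_PATH) -> int:
    """Send the probe to an IP with the Host header pinned to the public
    hostname; that is what makes a direct request land on the right vhost."""
    conn = http.client.HTTPConnection(ip, port, timeout=5)
    try:
        conn.request("GET", path, headers={"Host": vhost})
        resp = conn.getresponse()
        resp.read()
        return resp.status
    finally:
        conn.close()


def origin_exposed(waf_port: int, origin_port: int, vhost: str = "app.example.com") -> dict:
    """Compare the same malicious request via the WAF and direct to origin.
    403 in front and 200 direct means the WAF is being bypassed."""
    via_waf = send_probe("127.0.0.1", waf_port, vhost)
    direct = send_probe("127.0.0.1", origin_port, vhost)
    return {"via_waf": via_waf, "direct": direct, "bypass": via_waf == 403 and direct == 200}


def origin_should_accept(client_ip: str) -> bool:
    """The origin-side fix: only answer the WAF provider's egress addresses.
    Any other source is a direct-to-origin attempt and should be refused."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in WAF_EGRESS_RANGES)


if __name__ == "__main__":
    waf_port, origin_port = serve(Waf), serve(Origin)
    print(origin_exposed(waf_port, origin_port))
    print(origin_should_accept("203.0.113.7"), origin_should_accept("192.0.2.10"))
```

Against a real target, run send_probe once through the public hostname and once against each candidate origin IP with the Host header set to that hostname; matching content with the WAF's block page missing on the direct path confirms the exposure. The origin_should_accept check is the allowlist the origin's firewall or reverse proxy should enforce, using the provider's actual published ranges rather than the constructed ones here.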