CompTIA Security+ (SY0-601) — Question 463
A security analyst discovers that one of the web APIs is being abused by an unknown third party. Logs indicate that the third party is attempting to manipulate the parameters being passed to the API endpoint. Which of the following solutions would best help to protect against the attack?
Answer options
- A. DLP
- B. SIEM
- C. NIDS
- D. WAF
Correct answer: D
Explanation
The correct answer is WAF (Web Application Firewall) because it is specifically designed to filter and monitor HTTP traffic to and from a web application, which lets it protect against attacks such as parameter manipulation. DLP (Data Loss Prevention), SIEM (Security Information and Event Management), and NIDS (Network Intrusion Detection System) do not provide the targeted protection that web APIs need against this type of abuse.