CompTIA Security+ (SY0-701) — Question 251

A development team is launching a new public-facing web product. The Chief Information Security Officer has asked that the product be protected from attackers who use malformed or invalid inputs to destabilize the system. Which of the following practices should the development team implement?

Answer options

• A. Fuzzing
• B. Continuous deployment
• C. Static code analysis
• D. Manual peer review

Correct answer: A

Explanation

Fuzzing is an effective technique for identifying vulnerabilities in systems by sending random or malformed inputs to discover potential weaknesses. The other options, such as Continuous deployment, Static code analysis, and Manual peer review, are valuable practices but do not specifically target the issue of handling malformed inputs as fuzzing does.