An organization is deploying a new, online digital bank and needs to ensure availability and performance. The cloud-based architecture is deployed using PaaS and SaaS solutions, and it was designed with the following considerations:
✑ Protection from DoS attacks against its infrastructure and web applications is in place.
✑ Highly available and distributed DNS is implemented.
✑ Static content is cached in the CDN.
✑ A WAF is deployed inline and is in block mode.
✑ Multiple public clouds are utilized in an active-passive architecture.
With the above controls in place, the bank is experiencing a slowdown on the unauthenticated payments page. Which of the following is the MOST likely cause?

A. The public cloud provider is applying QoS to the inbound customer traffic.

B. The API gateway endpoints are being directly targeted.

C. The site is experiencing a brute-force credential attack.

D. A DDoS attack is targeted at the CDN.








 

Suggested Answer: A

Community Answer: B



This question is in CAS-004 CompTIA Advanced Security Practitioner (CASP+) Exam
For getting CompTIA Advanced Security Practitioner (CASP+) Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.