CompTIA Security+ SY0-601 – Question 433

A security analyst is investigating a report from a penetration test. During the penetration test, consultants were able to download sensitive data from a back-end server. The back-end server was exposing an API that should have only been available from the company's mobile application. After reviewing the back-end server logs, the security analyst finds the following entries:

Which of the following is the most likely cause of the security control bypass?

A. IP address allow list
B. User-agent spoofing
C. WAF bypass
D. Referrer manipulation

Correct Answer: D