A security team needs to evaluate the performance and security of a production web application without impacting real users. Which of the following approaches is the BEST choice for this requirement?
Implementing synthetic transactions that simulate user activities during off-peak hours
Conducting load testing during business hours to get realistic usage patterns
Running security vulnerability scanning tools against the production environment
Having the security team manually test the application functionality in production
Synthetic transactions are automated scripts that simulate user pathways through an application to measure performance and functionality without affecting actual users. They provide consistent, repeatable tests that can be scheduled to run at regular intervals to detect anomalies in application behavior or performance.
Load testing would put stress on the system and potentially impact real users. Security vulnerability scanning might identify vulnerabilities but doesn't focus on performance measurement. Manual testing by the security team would be inconsistent, not scalable, and wouldn't provide reliable benchmarks for comparison over time.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are synthetic transactions?
Open an interactive chat with Bash
What are the risks of conducting load testing during business hours?
Open an interactive chat with Bash
How do security vulnerability scanning tools work?
Open an interactive chat with Bash
ISC2 CISSP
Security Assessment and Testing
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access