Effective CISSP Questions

Which of the following is least likely to interact with clients directly in a microservices-based application? (Wentz QOTD)
A. Microservice instances
B. Service mesh
C. API gateway
D. Web application firewalls

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. Service mesh.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security, a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.

API Gateway and Service Mesh (Source: Liran Katz)

API gateways are implemented to facilitate communication across boundaries; they control both north-south and east-west traffic. External (edge) API gateways route inbound requests from clients to the appropriate services; internal API gateways facilitate communication between service meshes of different scopes.

A service mesh facilitates service-to-service communication within a specific scope, while an edge API gateway serves inbound requests from external clients. Web application firewalls can be deployed to protect API gateways. Microservice instances may be exposed to external clients for direct access; however, this is not good practice.
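The check below is an added example, not part of the original post: it audits a service inventory for microservices that external clients can reach without passing the edge API gateway. It assumes a Kubernetes deployment and a hypothetical label convention (`role: edge-gateway`); the service names and the sample inventory are constructed.

```python
"""Flag Kubernetes Services that expose microservices directly to external clients."""

# Service types reachable from outside the cluster; ClusterIP is internal only.
EXTERNAL_TYPES = {"NodePort", "LoadBalancer"}
# Assumed (hypothetical) label convention: the edge API gateway carries role=edge-gateway.
GATEWAY_ROLE = "edge-gateway"


def is_external(svc):
    """True if the Service accepts north-south traffic from outside the cluster."""
    spec = svc.get("spec", {})
    # Kubernetes defaults to ClusterIP when no type is set.
    return spec.get("type", "ClusterIP") in EXTERNAL_TYPES or bool(spec.get("externalIPs"))


def audit_exposure(services):
    """Return (namespace/name, reason) for each exposure that bypasses the gateway."""
    findings = []
    gateways_exposed = 0
    for svc in services:
        meta = svc.get("metadata", {})
        name = f'{meta.get("namespace", "default")}/{meta.get("name", "?")}'
        if not is_external(svc):
            continue  # east-west only: reachable through the mesh, not by clients
        if meta.get("labels", {}).get("role") == GATEWAY_ROLE:
            gateways_exposed += 1
        else:
            findings.append((name, "reachable from outside without passing the edge gateway"))
    if gateways_exposed == 0:
        findings.append(("<cluster>", "no externally reachable edge gateway found"))
    return findings


# Constructed sample inventory (not from the original page).
SAMPLE = [
    {"metadata": {"name": "edge-gw", "namespace": "edge", "labels": {"role": "edge-gateway"}},
     "spec": {"type": "LoadBalancer"}},
    {"metadata": {"name": "orders", "namespace": "shop", "labels": {"role": "microservice"}},
     "spec": {"type": "ClusterIP"}},
    {"metadata": {"name": "payments", "namespace": "shop", "labels": {"role": "microservice"}},
     "spec": {"type": "NodePort"}},
    {"metadata": {"name": "inventory", "namespace": "shop", "labels": {"role": "microservice"}},
     "spec": {}},
]

if __name__ == "__main__":
    for name, reason in audit_exposure(SAMPLE):
        print(f"{name}: {reason}")
```

In the sample, only `shop/payments` is reported: it is a microservice published as `NodePort`, while `orders` and `inventory` stay cluster-internal and the gateway is the single external entry point.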

Amazon API Gateway adds support for AWS WAF


