As a native cloud application developer, you intend to standardize the application programming interface as the contract between clients and backend microservices. Which of the following is the best mechanism? (Wentz QOTD)
A. API Gateway
B. Containerization
C. Representational state transfer (REST)
D. Service mesh
As an auditor, you are conducting an independent information security assessment. Which of the following is the artifact you should review first to assess the effectiveness of controls? (Wentz QOTD)
A. Business case
B. Security controls design
C. Information security policy
D. Statement of applicability of controls
Which of the following sends signals simultaneously over a range of different frequencies as electromagnetic waves? (Wentz QOTD)
A. Symmetrical Digital Subscriber Line (SDSL)
B. Integrated Services Digital Network (ISDN)
C. Fibre Channel over Ethernet
D. 1000BASE-T
You are developing a software solution with a service-oriented architecture. Which of the following is the most critical factor to enforce availability? (Wentz QOTD)
A. Discover and subscribe services from a well-known service registry using UDDI
B. Maintain and completely mediate sessions
C. Invoke services based on standard HTTP verbs
D. Invoke stateless services that follow the single-responsibility principle
After completing the risk assessment against information systems, your organization attempts to mitigate identified risks. Which of the following is least likely implemented? (Wentz QOTD)
A. Setting out information security policy
B. Deploying a signature-based IDS
C. Implementing biometric access control
D. Buying cybersecurity insurance
You are developing an anomaly-based IDS that employs artificial intelligence to categorize intrusion examples into various groups. Which of the following is the most intelligent approach to train the model? (Wentz QOTD)
A. Comprehensive knowledge base
B. Pre-selected features by subject matter experts
C. Ubiquitous deployment of sensors and agents
D. Layers of processing for feature transformation and extraction
A covert channel is an unintended or unauthorized intra-system channel that enables two cooperating entities to transfer information in a way that violates the system’s security policy but does not exceed the entities’ access authorizations. Which of the following is the most critical element to formulate a covert storage channel? (Wentz QOTD)
A. Signaling channel
B. Foothold
C. Slack space
D. Master boot record
Which of the following is the best expression for an authentication service to access a directory? (Wentz QOTD)
A. Distinguished Name
B. Common Name
C. Domain Name
D. Alias Name
Which of the following intrusion detection system outcomes will trigger actions for the incident response team to contain the situation? (Wentz QOTD)
A. False Positive
B. True Positive
C. False Negative
D. True Negative
Which of the following is the block cipher mode of operation that confuses or diffuses plaintext as the cipher’s input? (Wentz QOTD)
A. Electronic codebook (ECB)
B. Cipher feedback (CFB)
C. Output feedback (OFB)
D. Counter (CTR)