As a cloud-native application developer, you intend to standardize the application programming interface as the contract between clients and backend microservices. Which of the following is the best mechanism? (Wentz QOTD)
A. API Gateway
B. Containerization
C. Representational state transfer (REST)
D. Service mesh
Monthly Archives: November 2021
CISSP PRACTICE QUESTIONS – 20211129
As an auditor, you are conducting an independent information security assessment. Which of the following is the artifact you should review first to assess the effectiveness of controls? (Wentz QOTD)
A. Business case
B. Security controls design
C. Information security policy
D. Statement of applicability of controls
CISSP PRACTICE QUESTIONS – 20211128
Which of the following sends signals simultaneously over a range of different frequencies as electromagnetic waves? (Wentz QOTD)
A. Symmetrical Digital Subscriber Line (SDSL)
B. Integrated Services Digital Network (ISDN)
C. Fibre Channel over Ethernet
D. 1000BASE-T
CISSP PRACTICE QUESTIONS – 20211127
You are developing a software solution with a service-oriented architecture. Which of the following is the most critical factor to enforce availability? (Wentz QOTD)
A. Discover and subscribe services from a well-known service registry using UDDI
B. Maintain and completely mediate sessions
C. Invoke services based on standard HTTP verbs
D. Invoke stateless services that follow the single-responsibility principle
CISSP PRACTICE QUESTIONS – 20211126
After completing the risk assessment against information systems, your organization attempts to mitigate identified risks. Which of the following is least likely to be implemented? (Wentz QOTD)
A. Setting out information security policy
B. Deploying a signature-based IDS
C. Implementing biometric access control
D. Buying cybersecurity insurance
CISSP PRACTICE QUESTIONS – 20211125
You are developing an anomaly-based IDS that employs artificial intelligence to categorize intrusion examples into various groups. Which of the following is the most intelligent approach to train the model? (Wentz QOTD)
A. Comprehensive knowledge base
B. Pre-selected features by subject matter experts
C. Ubiquitous deployment of sensors and agents
D. Layers of processing for feature transformation and extraction
CISSP PRACTICE QUESTIONS – 20211124
A covert channel is an unintended or unauthorized intra-system channel that enables two cooperating entities to transfer information in a way that violates the system’s security policy but does not exceed the entities’ access authorizations. Which of the following is the most critical element to formulate a covert storage channel? (Wentz QOTD)
A. Signaling channel
B. Foothold
C. Slack space
D. Master boot record
CISSP PRACTICE QUESTIONS – 20211123
Which of the following is the best expression for an authentication service to access a directory? (Wentz QOTD)
A. Distinguished Name
B. Common Name
C. Domain Name
D. Alias Name
CISSP PRACTICE QUESTIONS – 20211122
Which of the following intrusion detection system outcomes will trigger actions for the incident response team to contain the situation? (Wentz QOTD)
A. False Positive
B. True Positive
C. False Negative
D. True Negative
CISSP PRACTICE QUESTIONS – 20211121
Which of the following is the block cipher mode of operation that confuses or diffuses plaintext as the cipher’s input? (Wentz QOTD)
A. Electronic codebook (ECB)
B. Cipher feedback (CFB)
C. Output feedback (OFB)
D. Counter (CTR)