CISSP PRACTICE QUESTIONS – 20211130

Effective CISSP Questions

As a native cloud application developer, you intend to standardize the application programming interface as the contract between clients and backend microservices. Which of the following is the best mechanism? (Wentz QOTD)
A. API Gateway
B. Containerization
C. Representational state transfer (REST)
D. Service mesh

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. Representational state transfer (REST).

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

RESTful API for CRUD
RESTful API for CRUD

Microservices are standalone processes that provide services to clients or other microservices through application programming interfaces (API). An API can be treated as the contract between clients and services that defines functions and their input and output parameters. An API can be tailormade or follow a protocol or standard. A RESTful API employs standard HTTP verbs/methods to invoke API.

API Gateway and Sidecar Proxy

An API gateway in a microservices environment mediates traffic from clients to the backend microservices, while a sidecar proxy for each microservice provides communication among microservices in a service mesh.

API Gateway and Service Mesh
API Gateway and Service Mesh (Source: Liran Katz)

Containerization

Containerization is an OS-level virtualization technology (e.g., namespaces, cgroups) to deploy microservices.

Virtual Machine and Container Deployments
Virtual Machine and Container Deployments (Source: NIST SP 800-190)
Virtual Machines and Docker Containers
Virtual Machines and Docker Containers (Credit: Diego Terrana)

Reference


作為原生雲應用程序開發人員,您打算將應用程序編程接口標準化為客戶端和後端微服務之間的契約。 以下哪個是最好的機制? (Wentz QOTD)
A. API Gateway
B. Containerization
C. Representational state transfer (REST)
D. Service mesh



Leave a Reply