CISSP PRACTICE QUESTIONS – 20220211

Effective CISSP Questions

You are configuring the cipher suites for a web server that supports TLS 1.2. Which of the following can provide the highest level of security? (Wentz QOTD)
A. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
B. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
C. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
D. TLS_RSA_WITH_AES_256_GCM_SHA384


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.


CISSP PRACTICE QUESTIONS – 20220210


You are preparing a business case for a data loss prevention solution. Which of the following is the least feasible method for capital budgeting? (Wentz QOTD)
A. Payback period
B. Internal rate of return
C. Net present value
D. Annualized loss expectancy



CISSP PRACTICE QUESTIONS – 20220209


You are implementing a web application with a backend of microservices architecture. Which of the following is the best solution used to authenticate communication between microservices? (Wentz QOTD)
A. PKI
B. OIDC
C. OAuth2
D. API Gateway



CISSP PRACTICE QUESTIONS – 20220208


As a system owner, you are selecting controls for the information system and the environment of operation based on the NIST Risk Management Framework (RMF). Which of the following best describes the process of applying scoping considerations (or scoping for short) when tailoring the selected controls? (Wentz QOTD)
A. Scoping identifies and designates common controls from the baseline
B. Scoping justifies why a security control is included in or excluded from the baseline
C. Scoping deals with selecting compensating controls
D. Scoping considers supplementing baselines with additional controls



CISSP PRACTICE QUESTIONS – 20220207


As a system owner, you are selecting controls for the information system and the environment of operation based on the NIST Risk Management Framework (RMF). Which of the following is least likely to be an input of selecting controls? (Wentz QOTD)
A. Security and privacy plan
B. Cybersecurity Framework (CSF) profiles
C. Controls selected by the organization’s own selection process
D. Pre-defined security control baselines or pre-approved overlays



CISSP PRACTICE QUESTIONS – 20220206


An IPv6 host has a physical address, 00-15-5D-24-36-DF. Which one of the following IPv6 addresses is most likely to be captured by a network sniffer connected to the same subnet? (Wentz QOTD)
A. fe80::205:5dff:fe24:36df%10
B. fe80::215:5dff:fe24:36df
C. ::1
D. 169.254.255.255



CISSP PRACTICE QUESTIONS – 20220205


IPv6 addresses are 128-bit identifiers for interfaces and sets of interfaces. Which of the following is not a valid IPv6 address type? (Wentz QOTD)
A. Unicast
B. Anycast
C. Multicast
D. Broadcast

