You are training a machine learning model to support an anomaly-based intrusion detection system (IDS). The model can predict if an IP address is safe or not. Which of the following is the best method or technique to train the model?
A. Regression
B. Classification
C. Clustering
D. Dimensionality Reduction
Alice and Bob work together to develop a log parser using C++. Alice is linking the main program with the modules in object code developed by Bob. The log parser loads all the dependent modules when it starts. Which of the following best describes the role of Bob’s modules?
A. Software Development Kit (SDK)
B. Runtime library
C. Static library
D. Application Programming Interface (API)
I’m pleased to announce my book, 追求高效能的CISSP: 思考導向練習題本, aka CISSP Sudoku 365 (Chinese), is published as an Amazon Kindle ebook.
Purchase link: https://www.amazon.com/dp/B08JJCP2RC
An in-house development team in your organization is tasked to develop a new information system. As a software developer, which of the following is the best tool to protect the intellectual property of codes?
A. Compiler
B. Obfuscator
C. Debugger
D. Linker
The Chinese version of CISSP Sudoku 365 (on Amazon Kindle) is coming soon!😀🎉
I’m excited about this as it is the first book in Chinese that I can contribute to our local communities in Taiwan:)
An in-house development team in your organization is tasked to develop a new information system deployed to a public PaaS to support a new mission. A well-known consulting firm, enlisted in your organizational approved providers and offerings, is contracted to advise cloud services. Some of the tools used by developers are freeware downloaded from the internet. Which of the following acquisition sources is not used in this project?
A. Commercial-off-the-shelf (COTS)
B. Open Source
C. Managed services
D. Third-party
Software-defined networking (SDN) abstracts the control over the flow of data by separating logical control rules from physical data forwarding into the control plane and the data plane. Logical control rules are programmable as software, while sophisticated data-plane functionality is virtualizable through Network function virtualization (NFV). Software-defined security (SDS) is a security model that exploits SDN/NFV to enforce network security by security software on generic servers abstracting security appliances, such as Firewall, IDS, etc. Which of the following is not true about SDN, NFV, or SDS?
A. Controllers can impose flow rules or policies on physical devices via OpenFlow.
B. Switches at the data-plane implement the spanning-tree algorithm to prevent loops.
C. Software switches through NFV can be implemented independently without SDN.
D. Firewalls on generic servers as SDN applications can communicate with controllers through APIs.
Your company is developing a mobile app with the support of the RESTful backend API gateway which receives articles from the mobile app and posts them across social media on behalf of the author. The API gateway creates copies in the database server so that authors can manage them. As an architect, you are designing the system architecture. Which of the following is the most feasible design decision?
A. The mobile app shall invoke API through HTTP POST to create and share articles.
B. IP whitelisting on the API gateway shall be enabled to enforce the authenticity of origin.
C. Rate limits, such as throttling and quotas, shall be applied to prevent the race condition.
D. SAML shall be implemented for authentication.
