- (Exam Topic 4)
What is the experimental technology that might lead to the possibility of processing encrypted data without having to decrypt it first?
Correct Answer:
C
AES is an encryption standard. Link encryption is a method for protecting communications traffic. One-time pads are an encryption method.
- (Exam Topic 4)
Web application firewalls (WAFs) are designed primarily to protect applications from common attacks like:
Correct Answer:
C
WAFs detect how the application interacts with the environment, so they are optimal for detecting and refuting things like SQL injection and XSS. Password cracking, syn floods, and ransomware usually aren’t taking place in the same way as injection and XSS, and they are better addressed with controls at the router and through the use of HIDS, NIDS, and antimalware tools.
- (Exam Topic 1)
Which of the following is NOT a regulatory system from the United States federal government?
Correct Answer:
A
The payment card industry data security standard (PCI DSS) pertains to organizations that handle credit card transactions and is an industry regulatory standard, not a governmental one.
- (Exam Topic 4)
What is the intellectual property protection for a useful manufacturing innovation?
Correct Answer:
C
Patents protect processes (as well as inventions, new plantlife, and decorative patterns). The other answers listed are answers to other questions.
- (Exam Topic 1)
Which of the following APIs are most commonly used within a cloud environment?
Correct Answer:
B
Simple Object Access Protocol (SOAP) and Representational State Transfer (REST) are the most commonly used APIs within a cloud environment. Extensible Markup Language (XML) and Security Assertion Markup Language (SAML) are both standards for exchanging encoded data between two parties, with XML being for more general use and SAML focused on authentication and authorization data.
