Free CCSP Exam Braindumps

Pass your Certified Cloud Security Professional exam with these free Questions and Answers

Page 28 of 103
QUESTION 131

- (Exam Topic 2)
Which of the following does NOT fall under the "IT" aspect of quality of service (QoS)?

  1. A. Applications
  2. B. Key performance indicators (KPIs)
  3. C. Services
  4. D. Security

Correct Answer: B
KPIs fall under the "business" aspect of QoS, along with monitoring and measuring of events and business processes. Services, security, and applications are all core components and concepts of the "IT" aspect of QoS.

QUESTION 132

- (Exam Topic 1)
What does the REST API support that SOAP does NOT support?

  1. A. Caching
  2. B. Encryption
  3. C. Acceleration
  4. D. Redundancy

Correct Answer: A
The SOAP protocol does not support caching, whereas the REST API does.

QUESTION 133

- (Exam Topic 4)
In attempting to provide a layered defense, the security practitioner should convince senior management to include security controls of which type?

  1. A. Physical
  2. B. All of the above
  3. C. Technological
  4. D. Administrative

Correct Answer: B
Layered defense calls for a diverse approach to security.

QUESTION 134

- (Exam Topic 4)
The BIA can be used to provide information about all the following, except:

  1. A. BC/DR planning
  2. B. Risk analysis
  3. C. Secure acquisition
  4. D. Selection of security controls

Correct Answer: C
The business impact analysis gathers asset valuation information that is beneficial for risk analysis and selection of security controls (it helps avoid putting the ten-dollar lock on the five-dollar bicycle), and criticality information that helps in BC/DR planning by letting the organization understand which systems, data, and personnel must be maintained continuously. However, it does not aid secure acquisition efforts, since the assets examined by the BIA have already been acquired.

QUESTION 135

- (Exam Topic 2)
Which of the following is a restriction that can be enforced by information rights management (IRM) that is not possible for traditional file system controls?

  1. A. Delete
  2. B. Modify
  3. C. Read
  4. D. Print

Correct Answer: D
IRM allows an organization to control who can print a set of information. This is not possible under traditional file system controls, where if a user can read a file, they are able to print it as well.
