Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs.
Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?

• A.Implement input validation on the API.
• B.Implement geoblocking on the WAF.
• C.Implement rate limiting on the API.
• D.Implement OAuth 2.0 on the API.

Comment: *

Name: *

Email: *

Verification: *

Which of the following technologies allows CSPs to add encryption across multiple data storages?

• A.Symmetric encryption
• B.Data dispersion
• C.Homomorphic encryption
• D.Bit splitting

Comment: *

Name: *

Email: *

Verification: *

A security engineer was auditing an organization's current software development practice and discovered that multiple open-source libraries were Integrated into the organization's software.
The organization currently performs SAST and DAST on the software it develops.
Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?

• A.Implement the SDLC security guidelines.
• B.Perform additional SAST/DAST on the open-source libraries.
• C.Perform unit testing of the open-source libraries.
• D.Track the library versions and monitor the CVE website for related vulnerabilities.

Comment: *

Name: *

Email: *

Verification: *

An analyst has prepared several possible solutions to a successful attack on the company. The solutions need to be implemented with the LEAST amount of downtime. Which of the following should the analyst perform?

• A.Implement all the solutions at once in a virtual lab and then collect the metrics. After collection, run the attack simulation. Choose the best solution based on the best metrics.
• B.Implement all the solutions at once in a virtual lab and then run the attack simulation. Collect the metrics and then choose the best solution based on the metrics.
• C.Implement every solution one at a time in a virtual lab, running an attack simulation each time while collecting metrics. Roll back each solution and then implement the next. Choose the best solution based on the best metrics.
• D.Implement every solution one at a time in a virtual lab, running a metric collection each time. After the collection, run the attack simulation, roll back each solution, and then implement the next.
  Choose the best solution based on the best metrics.

Comment: *

Name: *

Email: *

Verification: *

Which of the following are risks associated with vendor lock-in? (Choose two.)

• A.The client experiences decreased quality of service.
• B.The client experiences increased interoperability.
• C.The client can seamlessly move data.
• D.The vendor can change product offerings.
• E.The client receives a sufficient level of service.
• F.The client can leverage a multicloud approach.

Comment: *

Name: *

Email: *

Verification: *