Log in
Computer Science
2
answers
1
watching
197
views

@ shilpa : please don't attend my question ? so are so volatile and changing your version so frequent and their is no point of taking your suggestion any more

An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key.

Which of the following would BEST secure the REST API connection to the database while preventing the use of a hard-coded string in the request string?

Options:
A. Implement a VPN for all APIs.
B. Sign the key with DSA.
C. Deploy MFA for the service accounts.
D. Utilize HMAC for the keys.

 

Watch
2
answers
1
watching
197
views

For unlimited access to Homework Help, a Homework+ subscription is required.

Unlock all answers

Get 1 free homework help answer.
Already have an account? Log in
Share
Avatar image
Read by 1 person
Already have an account? Log in
Share

Related questions

A security engineer thinks the development team has been hard-coding sensitive environment variables in its code.

Which of the following would BEST secure the company's CI/CD pipeline?

 

Options:

A Utilizing a trusted secrets manager
B Performing DAST on a weekly basis
C Introducing the use of container orchestration
D Deploying instance tagging

A customer reports being unable to connect to a website at www.test.com to consume services. The customer notices the web application has the following published cipher suite:

Which of the following is the MOST likely cause of the customer's inability to connect?

Options:

A Weak ciphers are being used.
B The public key should be using ECDSA.
C The default should be on port 80.
D The server name should be test.com.

A company in the financial sector receives a substantial number of customer transaction requests via email. While doing a root-cause analysis conceding a security breach, the CIRT correlates an unusual spike in port 80 traffic from the IP address of a desktop used by a customer relations employee who has access to several of the compromised accounts. Subsequent antivirus scans of the device do not return an findings, but the CIRT finds undocumented services running on the device. Which of the following controls would reduce the discovery time for similar in the future.

Options:

A Implementing application blacklisting
B Configuring the mall to quarantine incoming attachment automatically
C Deploying host-based firewalls and shipping the logs to the SIEM
D Increasing the cadence for antivirus DAT updates to twice daily

Weekly leaderboard

Home
Homework Help 3,900,000
Computer Science 2,000
Start filling in the gaps now
Log in