| Question.6 What is the only data format permitted with the SOAP API? (A) HTML (B) SAML (C) XSML (D) XML |
6. Click here to View Answer
Correct Answer: D
| Question.7 Which data formats are most commonly used with the REST API? (A) JSON and SAML (B) XML and SAML (C) XML and JSON (D) SAML and HTML |
7. Click here to View Answer
Correct Answer: C
| Question.8 Which of the following threat types involves an application that does not validate authorization for portions of itself after the initial checks? (A) Injection (B) Missing function-level access control (C) Cross-site request forgery (D) Cross-site scripting |
8. Click here to View Answer
Correct Answer: B
It is imperative that an application perform checks when each function or portion of the application is accessed, to ensure that the user is properly authorized to access it. Without continual checks each time a function is accessed, an attacker could forge requests to access portions of the application where authorization has not been granted.
| Question.9 Which of the following roles involves overseeing billing, purchasing, and requesting audit reports for an organization within a cloud environment? (A) Cloud service user (B) Cloud service business manager (C) Cloud service administrator (D) Cloud service integrator |
9. Click here to View Answer
Correct Answer: B
The cloud service business manager is responsible for overseeing business and billing administration, purchasing cloud services, and requesting audit reports when necessary
| Question.10 What is the biggest concern with hosting a key management system outside of the cloud environment? (A) Confidentiality (B) Portability (C) Availability (D) Integrity |
10. Click here to View Answer
Correct Answer: C