CCSP Certified Cloud Security Professional All-in-One Exam Guide, Third Edition by Daniel Carter;

Author:Daniel Carter;
Language: eng
Format: epub
Publisher: McGraw Hill LLC Professional Division
Published: 2023-06-15T00:00:00+00:00

10. Which of the following is the only data format supported by SOAP?

A. YAML

B. SAML

C. JSON

D. XML

D. SOAP only supports XML for data transfer and encoding. SAML is used within federated identity systems, while JSON is used for data exchange between applications, but not as part of SOAP. YAML is a data-encoding protocol for use with scripting languages such as Perl and Python.

11. If you are running application security tests against a system where you have knowledge and access to the code, which type of test are you running?

A. Dynamic

B. Static

C. Hybrid

D. Open

B. Static tests are done with knowledge of the system and security configurations, typically with the source code as well. This enables testers to perform on an offline system comprehensive analyses (such as scans of source code and evaluation of the coding and security mechanisms in place) that would not be possible from external tests without such knowledge. Tests can be directed to the specific protocols and technologies used, rather than applying general tests or having to discover what is being used. On the other end of the spectrum, dynamic testing is done without knowledge of the systems or code, and the testers must use tools and methods to discover anything about the environment to use with security evaluations. Open and hybrid are not terms that apply here at all.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.