Join the discussion
Question 1/178
Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the Integrity of updating and changing dat a. For this purpose, he uses a web service that uses HTTP methods such as PUT. POST. GET. and DELETE and can improve the overall performance, visibility, scalability, reliability, and portability of an application. What is the type of web-service API mentioned in the above scenario?
Correct Answer: C
*REST is not a specification, tool, or framework, but instead is an architectural style for web services that serves as a communication medium between various systems on the web. *RESTful APIs, which are also known as RESTful services, are designed using REST principles and HTTP communication protocols RESTful is a collection of resources that use HTTP methods such as PUT, POST, GET, and DELETE RESTful API: RESTful API is a RESTful service that is designed using REST principles and HTTP communication protocols. RESTful is a collection of resources that use HTTP methods such as PUT, POST, GET, and DELETE. RESTful API is also designed to make applications independent to improve the overall performance, visibility, scalability, reliability, and portability of an application. APIs with the following features can be referred to as to RESTful APIs: o Stateless: The client end stores the state of the session; the server is restricted to save data during the request processing o Cacheable: The client should save responses (representations) in the cache. This feature can enhance API performance pg. 1920 CEHv11 manual.
https://cloud.google.com/files/apigee/apigee-web-api-design-the-missing-link-ebook.pdf The HTTP methods GET, POST, PUT or PATCH, and DELETE can be used with these templates to read, create, update, and delete description resources for dogs and their owners. This API style has become popular for many reasons. It is straightforward and intuitive, and learning this pattern is similar to learning a programming language API. APIs like this one are commonly called RESTful APIs, although they do not display all of the characteristics that define REST (more on REST later).
https://cloud.google.com/files/apigee/apigee-web-api-design-the-missing-link-ebook.pdf The HTTP methods GET, POST, PUT or PATCH, and DELETE can be used with these templates to read, create, update, and delete description resources for dogs and their owners. This API style has become popular for many reasons. It is straightforward and intuitive, and learning this pattern is similar to learning a programming language API. APIs like this one are commonly called RESTful APIs, although they do not display all of the characteristics that define REST (more on REST later).
Add Comments
- Other Question (178q)
- Q1. Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the...
- Q2. An organization decided to harden its security against web-application and web-server atta...
- Q3. As a securing consultant, what are some of the things you would recommend to a company to ...
- Q4. A large enterprise has been experiencing sporadic system crashes and instability, resultin...
- Q5. Which of the following tools performs comprehensive tests against web servers, including d...
- Q6. Which DNS resource record can indicate how long any "DNS poisoning" could last?...
- Q7. The tools which receive event logs from servers, network equipment, and applications, and ...
- Q8. What is the role of test automation in security testing?...
- Q9. Todd has been asked by the security officer to purchase a counter-based authentication sys...
- Q10. On performing a risk assessment, you need to determine the potential impacts when some of ...
- Q11. Tony wants to integrate a 128-bit symmetric block cipher with key sizes of 128,192, or 256...
- Q12. A security analyst is performing an audit on the network to determine if there are any dev...
- Q13. Which of the following options represents a conceptual characteristic of an anomaly-based ...
- Q14. You receive an e-mail like the one shown below. When you click on the link contained in th...
- Q15. Which of the following types of SQL injection attacks extends the results returned by the ...
- Q16. The configuration allows a wired or wireless network interface controller to pass all traf...
- Q17. By performing a penetration test, you gained access under a user account. During the test,...
- Q18. An ethical hacker is scanning a target network. They initiate a TCP connection by sending ...
- Q19. What type of virus is most likely to remain undetected by antivirus software?...
- Q20. Take a look at the following attack on a Web Server using obstructed URL: (Exhibit) How wo...
- Q21. Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. ...
- Q22. Which of the following Google advanced search operators helps an attacker in gathering inf...
- Q23. The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE's Common V...
- Q24. Harry. a professional hacker, targets the IT infrastructure of an organization. After prep...
- Q25. Session splicing is an IDS evasion technique in which an attacker delivers data in multipl...
- Q26. You want to do an ICMP scan on a remote computer using hping2. What is the proper syntax?...
- Q27. Scenario1: 1. Victim opens the attacker's web site. 2. Attacker sets up a web site which c...
- Q28. Annie, a cloud security engineer, uses the Docker architecture to employ a client/server m...
- Q29. A large e-commerce organization is planning to implement a vulnerability assessment soluti...
- Q30. Harry. a professional hacker, targets the IT infrastructure of an organization. After prep...
- Q31. Allen, a professional pen tester, was hired by xpertTech solutWns to perform an attack sim...
- Q32. Andrew is an Ethical Hacker who was assigned the task of discovering all the active device...
- Q33. Eve is spending her day scanning the library computers. She notices that Alice is using a ...
- Q34. Bob, an attacker, has managed to access a target loT device. He employed an online tool to...
- Q35. You need to deploy a new web-based software package for your organization. The package req...
- Q36. Abel, a cloud architect, uses container technology to deploy applications/software includi...
- Q37. You are performing a penetration test for a client and have gained shell access to a Windo...
- Q38. Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. ...
- Q39. You want to analyze packets on your wireless network. Which program would you use?...
- Q40. The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255...
- Q41. Which Nmap option would you use if you were not concerned about being detected and wanted ...
- Q42. Consider the following Nmap output: (Exhibit) what command-line parameter could you use to...
- Q43. Sam is working as a system administrator In an organization. He captured the principal cha...
- Q44. A group of hackers were roaming around a bank office building in a city, driving a luxury ...
- Q45. which of the following Bluetooth hacking techniques refers to the theft of information fro...
- Q46. In both pharming and phishing attacks, an attacker can create websites that look similar t...
- Q47. Steve, a scientist who works in a governmental security agency, developed a technological ...
- Q48. What is the most common method to exploit the "Bash Bug" or "Shellshock" vulnerability?...
- Q49. You have compromised a server and successfully gained a root access. You want to pivot and...
- Q50. Which among the following is the best example of the third step (delivery) in the cyber ki...
- Q51. A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the...
- Q52. Ethical backer jane Doe is attempting to crack the password of the head of the it departme...
- Q53. Lewis, a professional hacker, targeted the loT cameras and devices used by a target ventur...
- Q54. An ethical hacker is hired to conduct a comprehensive network scan of a large organization...
- Q55. Which of the following steps for risk assessment methodology refers to vulnerability ident...
- Q56. Mike, a security engineer, was recently hired by BigFox Ltd. The company recently experien...
- Q57. Based on the below log, which of the following sentences are true? Mar 1, 2016, 7:33:28 AM...
- Q58. When you are testing a web application, it is very useful to employ a proxy tool to save e...
- Q59. There are multiple cloud deployment options depending on how isolated a customer's resourc...
- Q60. An organization has automated the operation of critical infrastructure from a remote locat...
- Q61. Hackers often raise the trust level of a phishing message by modeling the email to look si...
- Q62. An organization decided to harden its security against web-application and web-server atta...
- Q63. Which of the following types of SQL injection attacks extends the results returned by the ...
- Q64. You are programming a buffer overflow exploit and you want to create a NOP sled of 200 byt...
- Q65. Techno Security Inc. recently hired John as a penetration tester. He was tasked with ident...
- Q66. A large company intends to use Blackberry for corporate mobile phones and a security analy...
- Q67. During an attempt to perform an SQL injection attack, a certified ethical hacker is focusi...
- Q68. Richard, an attacker, targets an MNC. in this process, he uses a footprinting technique to...
- Q69. Sam is a penetration tester hired by Inception Tech, a security organization. He was asked...
- Q70. In this attack, a victim receives an e-mail claiming from PayPal stating that their accoun...
- Q71. Bob is doing a password assessment for one of his clients. Bob suspects that security poli...
- Q72. Joel, a professional hacker, targeted a company and identified the types of websites frequ...
- Q73. A sophisticated attacker targets your web server with the intent to execute a Denial of Se...
- Q74. When discussing passwords, what is considered a brute force attack?...
- Q75. By performing a penetration test, you gained access under a user account. During the test,...
- Q76. Kevin, a professional hacker, wants to penetrate CyberTech Inc.'s network. He employed a t...
- Q77. What type of analysis is performed when an attacker has partial knowledge of inner-working...
- Q78. A security analyst uses Zenmap to perform an ICMP timestamp ping scan to acquire informati...
- Q79. The following is an entry captured by a network IDS. You are assigned the task of analyzin...
- Q80. Attacker Lauren has gained the credentials of an organization's internal server system, an...
- Q81. While testing a web application in development, you notice that the web server does not pr...
- Q82. How does a denial-of-service attack work?
- Q83. What useful information is gathered during a successful Simple Mail Transfer Protocol (SMT...
- Q84. Cross-site request forgery involves:
- Q85. Mr. Omkar performed tool-based vulnerability assessment and found two vulnerabilities. Dur...
- Q86. Calvin, a grey-hat hacker, targets a web application that has design flaws in its authenti...
- Q87. A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur o...
- Q88. During a black-box pen test you attempt to pass IRC traffic over port 80/TCP from a compro...
- Q89. An attacker changes the profile information of a particular user (victim) on the target we...
- Q90. When conducting a penetration test, it is crucial to use all means to get all available in...
- Q91. Jude, a pen tester working in Keiltech Ltd., performs sophisticated security testing on hi...
- Q92. Ethical backer jane Doe is attempting to crack the password of the head of the it departme...
- Q93. Which Intrusion Detection System is the best applicable for large environments where criti...
- Q94. Fred is the network administrator for his company. Fred is testing an internal switch. Fro...
- Q95. While testing a web application in development, you notice that the web server does not pr...
- Q96. Kate dropped her phone and subsequently encountered an issue with the phone's internal spe...
- Q97. A newly joined employee. Janet, has been allocated an existing system used by a previous e...
- Q98. An attacker utilizes a Wi-Fi Pineapple to run an access point with a legitimate-looking SS...
- Q99. Let's imagine three companies (A, B and C), all competing in a challenging global environm...
- Q100. Attacker Steve targeted an organization's network with the aim of redirecting the company'...
- Q101. Nicolas just found a vulnerability on a public-facing system that is considered a zero-day...
- Q102. What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/T...
- Q103. Which of the following programs is usually targeted at Microsoft Office products?...
- Q104. While performing an Nmap scan against a host, Paola determines the existence of a firewall...
- Q105. Peter, a Network Administrator, has come to you looking for advice on a tool that would he...
- Q106. #!/usr/bin/python import socket buffer=[""A""] counter=50 while len(buffer)<=100: buffe...
- Q107. If a tester is attempting to ping a target that exists but receives no response or a respo...
- Q108. Study the snort rule given below and interpret the rule. alert tcp any any --> 192.168....
- Q109. Miley, a professional hacker, decided to attack a target organization's network. To perfor...
- Q110. A company's security policy states that all Web browsers must automatically delete their H...
- Q111. A penetration tester is performing an enumeration on a client's network. The tester has ac...
- Q112. Upon establishing his new startup, Tom hired a cloud service provider (CSP) but was dissat...
- Q113. Mary found a high vulnerability during a vulnerability scan and notified her server team. ...
- Q114. After an audit, the auditors Inform you that there is a critical finding that you must tac...
- Q115. When you are getting information about a web server, it is very important to know the HTTP...
- Q116. The change of a hard drive failure is once every three years. The cost to buy a new hard d...
- Q117. You are the chief cybersecurity officer at CloudSecure Inc., and your team is responsible ...
- Q118. You are using a public Wi-Fi network inside a coffee shop. Before surfing the web, you use...
- Q119. What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/T...
- Q120. The Payment Card Industry Data Security Standard (PCI DSS) contains six different categori...
- Q121. You are logged in as a local admin on a Windows 7 system and you need to launch the Comput...
- Q122. You are an ethical hacker contracted to conduct a security audit for a company. During the...
- Q123. In an attempt to damage the reputation of a competitor organization, Hailey, a professiona...
- Q124. jane, an ethical hacker. Is testing a target organization's web server and website to iden...
- Q125. When a normal TCP connection starts, a destination host receives a SYN (synchronize/start)...
- Q126. You work for Acme Corporation as Sales Manager. The company has tight network security res...
- Q127. Dorian Is sending a digitally signed email to Polly, with which key is Dorian signing this...
- Q128. Nedved is an IT Security Manager of a bank in his country. One day. he found out that ther...
- Q129. Which of the following tools can be used for passive OS fingerprinting?...
- Q130. Garry is a network administrator in an organization. He uses SNMP to manage networked devi...
- Q131. Samuel a security administrator, is assessing the configuration of a web server. He notice...
- Q132. As a cybersecurity professional, you are responsible for securing a high-traffic web appli...
- Q133. A newly joined employee. Janet, has been allocated an existing system used by a previous e...
- Q134. A DDOS attack is performed at layer 7 to take down web infrastructure. Partial HTTP reques...
- Q135. Henry Is a cyber security specialist hired by BlackEye - Cyber security solutions. He was ...
- Q136. What is not a PCI compliance recommendation?
- Q137. This form of encryption algorithm is asymmetric key block cipher that is characterized by ...
- Q138. The company ABC recently contracts a new accountant. The accountant will be working with t...
- Q139. Robin, a professional hacker, targeted an organization's network to sniff all the traffic....
- Q140. John, a professional hacker, targeted CyberSol Inc., an MNC. He decided to discover the lo...
- Q141. Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless...
- Q142. Ron, a security professional, was pen testing web applications and SaaS platforms used by ...
- Q143. Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. ...
- Q144. As a cybersecurity consultant for SafePath Corp, you have been tasked with implementing a ...
- Q145. An attacker identified that a user and an access point are both compatible with WPA2 and W...
- Q146. A technician is resolving an issue where a computer is unable to connect to the Internet u...
- Q147. Bella, a security professional working at an it firm, finds that a security breach has occ...
- Q148. What is the BEST alternative if you discover that a rootkit has been installed on one of y...
- Q149. Stephen, an attacker, targeted the industrial control systems of an organization. He gener...
- Q150. Ricardo has discovered the username for an application in his targets environment. As he h...
- Q151. Study the snort rule given below and interpret the rule. alert tcp any any --> 192.168....
- Q152. You are trying to break into a highly classified top-secret mainframe computer with highes...
- Q153. in the Common Vulnerability Scoring System (CVSS) v3.1 severity ratings, what range does m...
- Q154. Bob is acknowledged as a hacker of repute and is popular among visitors of "underground" s...
- Q155. Which of the following statements is TRUE?
- Q156. Robin, an attacker, is attempting to bypass the firewalls of an organization through the D...
- Q157. Suppose that you test an application for the SQL injection vulnerability. You know that th...
- Q158. Study the following log extract and identify the attack. (Exhibit)...
- Q159. Given the complexities of an organization's network infrastructure, a threat actor has exp...
- Q160. What is the purpose of DNS AAAA record?
- Q161. Nicolas just found a vulnerability on a public-facing system that is considered a zero-day...
- Q162. Which of the following commands checks for valid users on an SMTP server?...
- Q163. What does the -oX flag do in an Nmap scan?
- Q164. Every company needs a formal written document which spells out to employees precisely what...
- Q165. Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems...
- Q166. (Exhibit) Identify the correct terminology that defines the above statement....
- Q167. This wireless security protocol allows 192-bit minimum-strength security protocols and cry...
- Q168. Let's imagine three companies (A, B and C), all competing in a challenging global environm...
- Q169. Calvin, a software developer, uses a feature that helps him auto-generate the content of a...
- Q170. Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. ...
- Q171. David is a security professional working in an organization, and he is implementing a vuln...
- Q172. Bill is a network administrator. He wants to eliminate unencrypted traffic inside his comp...
- Q173. Stella, a professional hacker, performs an attack on web services by exploiting a vulnerab...
- Q174. Henry is a penetration tester who works for XYZ organization. While performing enumeration...
- Q175. How is the public key distributed in an orderly, controlled fashion so that the users can ...
- Q176. Which of the following incident handling process phases is responsible for defining rules,...
- Q177. John, a professional hacker, decided to use DNS to perform data exfiltration on a target n...
- Q178. By using a smart card and pin, you are using a two-factor authentication that satisfies...
