Exam CAS-004 topic 1 question 91 discussion

The company should implement a self-healing system to address the risk of system unavailability. Self-healing systems are designed to automatically detect and recover from failures without any human intervention. In the scenario described, failed API calls are causing customers to be unable to check out and purchase products, leading to the potential loss of customers and damage to the company's reputation. By implementing a self-healing system, the company can ensure that its product site remains available even in the event of API failures, reducing the risk of loss of customers and reputation damage.

This is a security test! We put controls on things to maintain operations at a higher success rate than adding more hardware. It is why we exist and are able to get senior stakeholder approval. Source: Verifying each answer against Chat GPT, my experience, other test banks, a written book, and weighing in the discussion from all users to create a 100% accurate guide for myself before I take the exam. (It isn't easy because of the time needed, but it is doing my diligence)

It is C

Answer: C https://www.linkedin.com/pulse/approach-building-self-healing-apis-danesh-hussain-zaki

Definitely C

which is correct C or D?

Ran multiple test through ChatGPT and C comes out on top for the question Option C (A self-healing system): This involves implementing systems that can automatically detect and recover from failures without human intervention. Self-healing mechanisms can contribute to minimizing downtime by quickly identifying and resolving issues. It is a proactive approach to maintaining system availability Given the emphasis on mitigating the risk of system unavailability in the question, option C (A self-healing system) is more directly aligned with the goal of automatically addressing failures and minimizing downtime. However, organizations often employ a combination of strategies, and application controls would be part of a broader approach to ensuring system reliability and security. Therefore, if you had to choose one option that best addresses the risk of system unavailability, option C would be more directly related to self-healing mechanisms that contribute to maintaining system availability.

C is the correct answer as we are asking about availability not security of the API calls like in D. The exam is security based but the specific question is asking in the context of availability of the API which self healing would accomplish and reroute the requests

A self-healing system, in the context of IT infrastructure, refers to a system that can detect, diagnose, and automatically resolve issues without requiring human intervention. Such systems are designed to detect faults or failures, initiate corrective actions, and restore functionality to prevent or minimize service disruptions.

A self-healing system is designed to automatically detect and correct faults or failures without human intervention. In the context of API calls, if one call fails, the system can try alternate routes or methods to ensure continuity of service. If a server fails, it can redirect to another one. If there's a bug causing the failure, the system might be able to roll back to a previous stable state or activate a backup system.

The question does not say the system was brought down due to any sort of unauthorized access, so C is the best answer. Services and other dependencies can go down or have issues all the time. If the system detected an issue with a service and automatically restarted it, this would avoid issues like this.

C and D Hardware component failure can lead to significant and widespread outages and be difficult to resolve without proper planning and preparation. Design considerations should take into account failure scenarios, seek to eliminate any possible single points of failure (SPoF), and allow for the completion of maintenance tasks with minimal to no downtime. These design considerations invariably add to the up-front costs of hardware but result in a more resilient and reliable infrastructure that saves time and costs attributed to downtime. To accomplish this, hardware components must incorporate redundancy in their design, for example servers with dual power supplies, multiple memory modules plus multiple network and storage adapters, but in a more comprehensive manner also include the use of redundant systems such as by implementing server clusters or load balancers. Self-healing hardware has the capability to detect and react to component failures in a way that allows for continued operation or can be preventive in nature by detecting and alerting to imminent component failure.

Answer C To address the risk of system unavailability, the company should implement a self-healing system. A self-healing system is designed to identify and mitigate problems automatically without human intervention. This approach can help prevent system failures from cascading and causing widespread outages. By automating the process of identifying and mitigating problems, a self-healing system can help reduce the risk of downtime, improve system availability, and minimize the impact of failures on the company's reputation and customer satisfaction. User and entity behavior analytics, redundant reporting systems, and application controls are important security measures but are not specifically designed to address system availability.

D Is the correct choice.

I will go with D

I saw the same question in cysa+

I would go with C