Exam Details

  • Exam Code: S90-18A
  • Exam Name: Fundamental SOA Security
  • Certification: SOACP
  • Vendor: SOA
  • Total Questions: 98 Q&As
  • Last Updated: May 12, 2024

SOA SOACP S90-18A Questions & Answers

  • Question 11:

    Online Certificate Status Protocol (OCSP) based services provide online certificate revocation checking. However, these types of services can introduce network latency because only one certificate can be checked at a time.

    A. True

    B. False

  • Question 12:

    A project team is planning to create a secure service composition that consists of services from two different domain service inventories. The security mechanisms for each service inventory are based on different vendor technologies that adhere to the same industry standards and the same design standards.

    What is wrong with this service composition architecture?

    A. Because different vendor security technologies were used, services from different domain service inventories will be using incompatible security credentials.

    B. Security mechanisms have a fixed limitation that prevents their usage across service inventory boundaries.

    C. Vendor technologies do not adhere to industry standards. Only industry technologies adhere to industry standards.

    D. None of the above

  • Question 13:

    Which of the following design options can help reduce the amount of runtime processing required by security logic within a service composition?

    A. Increase the usage of XML-Encryption and XML-Signature.

    B. Use a single sign-on mechanism.

    C. Introduce an identity store that is shared by the services within the service composition.

    D. Ensure that non-repudiation is constantly guaranteed.

  • Question 14:

    One of the primary industry standards used for the application of the Data Confidentiality pattern is:

    A. XML-Encryption

    B. Canonical XML

    C. XML-Signature

    D. SAML

  • Question 15:

    The Data Origin Authentication pattern is applied to services throughout a service inventory. As a result, if malicious service intermediaries change data within messages exchanged by these services, such changes will be detected.

    A. True

    B. False

  • Question 16:

    Which of the following industry standards enable non-repudiation?

    A. XML-Encryption

    B. XML-Signature

    C. SAML

    D. None of the above

  • Question 17:

    The communication between Service A and Service B needs to be kept private. A security specialist is planning to implement secret key cryptography in order to encrypt the messages.

    Which of the following approaches addresses this requirement?

    A. Create a shared key that will be used by both the services for message encryption and decryption.

    B. Both the services need to be built with support for the XML-Signature industry standard.

    C. The Data Origin Authentication pattern needs to be applied across both service architectures.

    D. None of the above.

  • Question 18:

    A SAML assertion always contains:

    A. the name of the issuer

    B. a validity period

    C. subject confirmation

    D. signature

  • Question 19:

    To provide message confidentiality and message integrity, which of the following patterns need to be applied?

    A. Data Confidentiality and Direct Authentication

    B. Data Origin Authentication and Brokered Authentication

    C. Direct Authentication and Brokered Authentication

    D. None of the above

  • Question 20:

    A set of SAML tokens has been used as a result of the application of the Brokered Authentication pattern within a particular service inventory. Because SAML assertions normally contain a signature, the security specialist is confident that the integrity of messages will be maintained.

    What's wrong with this assumption?

    A. The signature contained within the SAML assertion protects the integrity of the assertion, not of the message itself.

    B. SAML assertions also contain the name of the issuer and the validity period, which are needed in addition to the signature to ensure message integrity.

    C. SAML assertions cannot contain signatures.

    D. Nothing is wrong. The security specialist's assumption is correct.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only SOA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your S90-18A exam preparation and SOA certification application, do not hesitate to visit Vcedump.com to find your solutions.