Exam Details

  • Exam Code: S90-18A
  • Exam Name: Fundamental SOA Security
  • Certification: SOACP
  • Vendor: SOA
  • Total Questions: 98 Q&As
  • Last Updated: May 12, 2024

SOA SOACP S90-18A Questions & Answers

  • Question 31:

    By applying the Data Origin Authentication pattern together with the Brokered Authentication pattern, you guarantee confidential message exchanges by a service consumer that needs to repeatedly authenticate itself with a set of services within the same service composition.

    A. True

    B. False

  • Question 32:

    A set of services within a service inventory were originally each designed with a dedicated identity store. To reduce the need for service consumers to repeatedly authenticate themselves when having to access multiple services, a new ______ has been added along with a ______.

    A. authentication broker, certificate authority

    B. authentication broker, single identity store

    C. certificate authority, certificate repository

    D. certificate authority, single identity store

  • Question 33:

    Which of the following are valid reasons for a certificate to be revoked?

    A. The certificate was fraudulently obtained

    B. The public key has been compromised

    C. The private key has been compromised

    D. The subject is no longer permitted to use the certificate

  • Question 34:

    You are responsible for designing Service A, which must compose Services B and C. You are able to apply the necessary security mechanisms to ensure that messages exchanged by Service A comply with your security requirements. However, you are not given access to the design specifications for Services B and C. Based on the information that is published about Services B and C, you cannot guarantee that these services will provide the same level of security as Service A.

    This limitation was placed upon you as a result of the application of which service-orientation principle?

    A. Service Loose Coupling

    B. Service Autonomy

    C. Service Statelessness

    D. Service Abstraction

  • Question 35:

    Responses issued by Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) services need to be ______ and ______ so that it can be determined whether these responses were sent by a trusted certificate authority or a malicious program pretending to be a certificate authority.

    A. encrypted, verified

    B. signed, verified

    C. encrypted, decrypted

    D. signed, decrypted

  • Question 36:

    Security mechanisms that are based on vendor-specific security technology will always decrease the autonomy of services that are required to use these security mechanisms.

    A. True

    B. False

  • Question 37:

    Service A supports WS-Security and Service B does not. How can they exchange secure messages?

    A. WS-Security regulates identity stores and therefore does not prohibit Service A and Service B from exchanging secure messages.

    B. Service B can be designed to support XML Canonicalization instead. This enables Service B to be compatible with any service that supports WS-Security.

    C. As long as both services share the same public key, it doesn't matter whether WS-Security is supported.

    D. None of the above.

  • Question 38:

    Losing a ______ does not compromise the identity of the key owner, whereas losing a ______ does compromise the identity of the key owner.

    A. private key, public key

    B. validated certificate, revoked certificate

    C. security policy, SAML token

    D. None of the above

  • Question 39:

    Which of the following are valid security considerations specific to the application of the Service Autonomy principle?

    A. Avoid including non-essential security requirements in the service contract.

    B. Avoid including content in the service contract that unnecessarily exposes details about the underlying service implementation.

    C. Avoid modifying security policies that can break dependencies with service consumers.

    D. None of the above.

  • Question 40:

    The messages exchanged between two services are kept confidential by using symmetric encryption. The security specialist is quite strict about making sure that no attacker is able to intercept and decipher messages sent between these two services. As a result, periodic audits are conducted in order to ensure that shared keys are always kept confidential. A single shared key has been in use for quite some time now. The security specialist was confident that all keys were well guarded, but just recently their security was compromised.

    How is this possible given that the shared key was never lost?

    A. Symmetric encryption is not intended for long-term use. It needs to be replaced with asymmetric encryption after some time.

    B. The attackers somehow figured out which encryption algorithm was used. As a result, they were able to decipher the messages.

    C. Because the same shared key was used for a long time, attackers were able to obtain the key by comparing messages sent between the two services.

    D. The shared key was decoded by the attackers using algorithms from related private keys used during prior message exchanges.
