Service A is a utility service that has been designed to receive and send non-confidential messages. Service A provides access to a legacy application. Since the launch of Service A, the overall usage volumes have increased beyond expectations. Upon a review of the access logs, it is discovered that most of the requests came from unauthorized service consumers. The application of the Direct Authentication and Data Confidentiality patterns will prevent this from happening in the future.
A. True
B. False
In order to express the order in which a message is signed and encrypted, the ______ industry standard can be used.
A. Decryption Transform for XML-Signature
B. XSL Transformations for XML
C. XML-Ordering
D. None of the above.
A service that issues a SAML assertion is called a Policy Decision Point (PDP) while a service that accepts a SAML assertion is called a SAML authority.
A. True
B. False
Using transport-layer security, an active intermediary that takes possession of a message can compromise:
A. message confidentiality
B. message confidentiality and message integrity
C. message integrity
D. None of the above.
The receiver of a message decrypts an encrypted message digest using the public key of the sender that corresponds to the private key. The receiver then matches it against the digest of the original message.
If the decrypted digest and the newly calculated digest match, then what does it prove?
A. coupling
B. confidentiality
C. non-repudiation
D. integrity
The services in a service inventory have all been built with compatible security technologies and mechanisms. Now, security policies are being introduced for the first time.
How can security policies become part of the service inventory and its services while adhering to the application of the Standardized Service Contract principle?
A. SAML is used to ensure that security policies are consistently enforced, thereby naturally complying with service contract standards.
B. Canonical XML is used to ensure that all security policies are based on canonical policy models.
C. Both SAML and Canonical XML are required to ensure that the Standardized Service Contract principle can be effectively applied.
D. None of the above
Service A requires certificates signed by a trusted certificate authority. The certificate authority publishes a Certificate Revocation List (CRL) on a frequent basis. As a result, some of the service consumers that were previously authorized to access Service A will not be able to after new CRLs are issued.
How can this security requirement be enforced?
A. A human security administrator needs to check the validity of each certificate with the certificate authority whenever Service A is accessed.
B. An intermediary can check against the CRL to determine whether a certificate provided by a service consumer is still valid.
C. Using certificates in such a scenario is not a valid option.
D. None of the above
The application of the Service Autonomy principle is always negatively affected when applying the Data Confidentiality pattern together with the Data Origin Authentication pattern.
A. True
B. False
Service A requires self-signed digital certificates from all of its service consumers. The service and its service consumers both belong to the same organization. You are presented with a new requirement to only allow access to those service consumers with certificates that have not expired.
How can this requirement be addressed with minimal impact on the current security architecture?
A. The current security mechanism already addresses this requirement because the certificates contain a value that represents the validity period.
B. The certificates need to be signed by an external certificate authority so that the certificate authority's Certificate Revocation List (CRL) can be accessed in order to check the expiry dates of the certificates.
C. Using certificates in this scenario is not a valid option.
D. None of the above
The application of the Service Abstraction principle can hinder your ability to fully determine how a service composition is secured because you may not be able to find out how all composed services are secured.
A. True
B. False A