The application of the Message Screening pattern can help avoid which of the following attacks?
A. Buffer overrun attack
B. XPath injection attack
C. SQL injection attack
D. Insufficient authorization attack
Within a certain service activity, two services are using certificates in order to guarantee the integrity of messages. With every message exchange, certificates are sent and received. These certificates are checked against an external Certificate Authority (CA) in order to verify whether or not they have been revoked. The current security architecture is suffering from increased latency resulting from the extra communication required with the CA.
How can this problem be addressed without compromising message integrity?
A. WS-Trust based SAML tokens can be used via an authentication broker.
B. WS-SecureConversation security context tokens can be used together with session keys and symmetric cryptography.
C. The security architecture can be redesigned so that the CA is only accessed for the first message exchange.
D. None of the above
A certain service becomes a victim of an insufficient authorization attack. This service acts as a trusted subsystem for an entire service inventory.
Which of the following are under threat as a result of this attack?
A. The core service logic
B. The underlying resources accessed by the service
C. Other services in the service inventory
D. All of the above.
Message screening logic and exception shielding logic can co-exist in a single perimeter guard service.
A. True
B. False
A common alternative to is the use of a .
A. Public key cryptography, private key
B. Digital signatures, symmetric key
C. Public key cryptography, public key
D. Private keys, digital signatures
A service uses specialized screening logic that compares the size of a message against a maximum allowable size value. This value is specified for an incoming request message for a specific service capability. Upon a mismatch, the service rejects the request message and instead generates an error message.
What type of attack has this security architecture not addressed?
A. XML parser attack
B. Buffer overrun attack
C. Exception shielding attack
D. None of the above
The Trusted Subsystem pattern can be applied to a service that encapsulates which of the following resources?
A. A database
B. A legacy system
C. A file with predefined access control permissions
D. All of the above.
The difference between the Exception Shielding and Message Screening patterns is in how the core service logic processes incoming messages received by malicious service consumers.
A. True
B. False
Within a service composition, two Web services are using certificates in order to ensure message integrity and sender's authenticity. The certificates are included with every message exchange. Recently, the performance of these message exchanges has degraded.
How can the performance be improved without compromising message integrity and message authenticity?
A. Use WS-Trust based SAML tokens by introducing an authentication broker
B. Use WS-SecureConversation security context tokens that make use of session keys and symmetric cryptography
C. Because the services are part of the same service composition, there are no message integrity or message authenticity requirements. Therefore, the certificates can be removed
D. None of the above
The application of the Service Perimeter Guard pattern establishes a perimeter service that hides internal services from unauthorized external service consumers. However, the perimeter service grants authorized external services direct access to internal services.
A. True
B. False