SOA Advanced SOA Security - S90.19 FREE EXAM DUMPS QUESTIONS & ANSWERS

The use of derived keys is based on symmetric encryption. This is similar to asymmetric encryption because different keys can be derived from a session key and used separately for encryption and decryption.
Correct Answer: B Vote an answer
As an SOA security specialist you are being asked to educate an IT team about how to best design security policies for a given set of services. Which of the following recommendations are valid?
Correct Answer: B,C,D Vote an answer
The Trusted Subsystem pattern is applied to a service that provides access to a database.
Select the answer that best explains why this service is still at risk of being subjected to an insufficient authorization attack.
Correct Answer: A Vote an answer
The application of the Service Loose Coupling principle does not relate to the use of security policies as part of service contracts.
Correct Answer: B Vote an answer
A malicious active intermediary intercepts a message sent between two services. What concerns are raised by such an attack?
Correct Answer: B Vote an answer
An XML bomb attack and an XML external entity attack are both considered types of XML parser attacks.
Correct Answer: A Vote an answer
The application of the Trusted Subsystem pattern can help centralize access to services.
Correct Answer: A Vote an answer
Message screening logic and exception shielding logic can co-exist in a single perimeter guard service.
Correct Answer: A Vote an answer
A denial of service attack can be the byproduct of an insufficient authorization attack.
Correct Answer: A Vote an answer
0
0
0
10