SOA Advanced SOA Security - S90.19 FREE EXAM DUMPS QUESTIONS & ANSWERS
The use of derived keys is based on symmetric encryption. This is similar to asymmetric encryption because different keys can be derived from a session key and used separately for encryption and decryption.
Correct Answer: B
Vote an answer
As an SOA security specialist you are being asked to educate an IT team about how to best design security policies for a given set of services. Which of the following recommendations are valid?
Correct Answer: B,C,D
Vote an answer
The Trusted Subsystem pattern is applied to a service that provides access to a database.
Select the answer that best explains why this service is still at risk of being subjected to an insufficient authorization attack.
Select the answer that best explains why this service is still at risk of being subjected to an insufficient authorization attack.
Correct Answer: A
Vote an answer
The application of the Service Loose Coupling principle does not relate to the use of security policies as part of service contracts.
Correct Answer: B
Vote an answer
A malicious active intermediary intercepts a message sent between two services. What concerns are raised by such an attack?
Correct Answer: B
Vote an answer
An XML bomb attack and an XML external entity attack are both considered types of XML parser attacks.
Correct Answer: A
Vote an answer
The application of the Trusted Subsystem pattern can help centralize access to services.
Correct Answer: A
Vote an answer
Message screening logic and exception shielding logic can co-exist in a single perimeter guard service.
Correct Answer: A
Vote an answer
A denial of service attack can be the byproduct of an insufficient authorization attack.
Correct Answer: A
Vote an answer