S90.18無料問題集「SOA Fundamental SOA Security」

質問 1

A service consumer submits a message with security credentials to an authentication
broker, which authenticates the credentials against a central identity store. The
authentication broker then responds with a token that the service consumer can use to
access Services A, B, and C (none of which have their own identity store). This scenario
demonstrates the application of which pattern?

（A）Direct Authentication

（B）Data Origin Authentication

（C）None of the above

（D）Identity Store Authentication

正解：C 解答を投票する

質問 2

A service that was previously using a shared identity store is now given its own dedicated
identity store instead. What are the likely impacts (positive or negative) that will result from
this change?

（A）The service will no longer be dependent on a certificate authority.

（B）The service's autonomy is increased.

（C）The potential to apply the Service Abstraction principle is increased.

（D）The operational responsibility is increased due to the need to keep the dedicated identity
store in synch with a parent identity store.

正解：B、D 解答を投票する

質問 3

Service A hashes a message using algorithm X.
which creates message digest X1. Service
B uses a different algorithm Y to create message digest Y1 of the same message. Which of
the following statements are true regarding the comparison of X1 and Y1?

（A）They are based on the same hashing algorithm

（B）They have fixed sizes

（C）They do not match

（D）They can be swapped

正解：B、C 解答を投票する

質問 4

The more _____________ the security architecture is across services, the more
____________the service composition architecture.

（A）centralized, inflexible

（B）standardized, vendor-centric

（C）standardized, flexible

（D）centralized, vendor-neutral

正解：C 解答を投票する

質問 5

The services in a service inventory have all been built with compatible security
technologies and mechanisms. Now, security policies are being introduced for the first
time. How can security policies become part of the service inventory and its services while
adhering to the application of the Standardized Service Contract principle?

（A）None of the above

（B）SAML is used to ensure that security policies are consistently enforced, thereby
naturally complying to service contract standards.

（C）Canonical XML is used to ensure that all security policies are based on canonical policy
models.

（D）Both SAML and Canonical XML are required to ensure that that Standardized Service
Contract principle can be effectively applied.

正解：A 解答を投票する

質問 6

With SAML, the _____________ element is used by the relying party to confirm that a
given message came from the subject specified in the assertion.

（A）token

（B）subject confirmation

（C）claim

（D）sign-on

正解：B 解答を投票する

質問 7

A set of SAML tokens has been used as a result of the application of the Brokered
Authentication pattern within a particular service inventory. Because SAML assertions
normally contain a signature, the security specialist is confident that the integrity of
messages will be maintained. What's wrong with this assumption?

（A）The signature contained within the SAML assertion protects the integrity of the
assertion, not of the message itself.

（B）Nothing is wrong. The security specialist's assumption is correct.

（C）SAML assertions cannot contain signatures.

（D）SAML assertions also contain the name of the issuer and the validity period, which are
needed in addition to the signature to ensure message integrity.

正解：A 解答を投票する

質問 8

You are required to design an authorization mechanism for a REST service. The service
provides functionality by providing access to different resources, some of which are local to
the service while others are located on remote servers. You are required to restrict access
to the service based on which resource is requested and which HTTP method has been
specified by the service consumer. By doing so, which combination of action control rules
needs to be used?

（A）environment and resource

（B）resource and action

（C）identity and environment

（D）action and identity

正解：B 解答を投票する

質問 9

The sender-vouches SAML subject confirmation method is best suited for a service
consumer that does not need to interact with more than one service for a given task.

（A）False

（B）True

正解：A 解答を投票する

質問 10

The application of the Data Origin Authentication pattern only provides message integrity.

（A）False

（B）True

正解：A 解答を投票する

S90.18 無料問題集「SOA Fundamental SOA Security」

弊社を連絡する

関連リンク

トップ試験