S90.18無料問題集「SOA Fundamental SOA Security」

質問 1

Which of the following approaches represents a valid means of utilizing generic security
logic?

（A）When required, generic security logic can be abstracted into a separate utility service.
This allows for reuse.

（B）When required, generic security logic can be embedded within a service. The close
proximity to the service logic maximizes the chances that the security logic will be
consistently executed without interference from attackers.

（C）All of the above.

（D）When required, generic security logic can be abstracted into a service agent. This allows
for reuse and the security logic can be executed in response to runtime events.

正解：C 解答を投票する

質問 2

The requirement to defer security related state data at runtime relates directly to the
application of which service-orientation principle?

（A）Service Abstraction

（B）Service Loose Coupling

（C）None of the above.

（D）Service Autonomy

正解：C 解答を投票する

質問 3

A set of services within a service inventory were originally each designed with a dedicated
identity store. To reduce the need for service consumers to repeatedly authenticate
themselves when having to access multiple services, a new ___________ has been added
along with a____________.

（A）certificate authority, single identity store

（B）certificate authority, certificate repository

（C）authentication broker, single identity store

（D）authentication broker, certificate authority

正解：C 解答を投票する

質問 4

The receiver of a message decrypts an encrypted message digest using the public key of
the sender that corresponds to the private key. The receiver then matches it against the
digest of the original message. If the decrypted digest and the newly calculated digest
match, then what does it prove?

（A）integrity

（B）non-repudiation

（C）confidentiality

（D）coupling

正解：A、B 解答を投票する

質問 5

The Data Confidentiality pattern can be applied using which of the following security
mechanisms?

（A）identity store

（B）hashing

（C）symmetric encryption

（D）asymmetric encryption

正解：C、D 解答を投票する

質問 6

The SAML and WS-Security industry standards can be applied to the same service
composition architecture.

（A）False

（B）True

正解：B 解答を投票する

質問 7

Service A requires certificates signed by a trusted certificate authority. The certificate
authority publishes a Certificate Revocation List (CRL) on a frequent basis. As a result,
some of the service consumers that were previously authorized to access Service A will not
be able to after new CRLs are issued. How can this security requirement be enforced?

（A）None of the above

（B）Using certificates in such a scenario is not a valid option.

（C）A human security administrator needs to check the validity of each certificate with the
certificate authority whenever Service A is accessed.

（D）An intermediary can check against the CRL to determine whether a certificate provided
by a service consumer is still valid.

正解：D 解答を投票する

質問 8

The sender-vouches SAML subject confirmation method is best suited for a service
consumer that does not need to interact with more than one service for a given task.

（A）False

（B）True

正解：A 解答を投票する

質問 9

The manager of an IT department decides to split up an existing enterprise service
inventory into two domain service inventories. The public key used previously in the
enterprise service inventory can continue to be used in one of the domain service
inventories.

（A）False

（B）True

正解：B 解答を投票する

質問 10

The services within a domain service inventory provide access to confidential data
retrieved from a shared database. These services need to be accessible from outside the
domain service inventory. Which of the following design options will preserve the
confidentiality of the data when the services are accessed from outside the service
inventory?

（A）The messages exchanged by the services are designed to include security tokens.

（B）A dedicated database is created to store the confidential data. This database will only be
used by the services that need to be externally accessed.

（C）None of above

（D）The Direct Authentication pattern is applied to the database used by the services that
need to be externally accessed.

正解：C 解答を投票する

S90.18 無料問題集「SOA Fundamental SOA Security」

弊社を連絡する

関連リンク

トップ試験