Arcitura Education S90.18 Exam Questions Instant Access

Question 1

The owner of a service inventory reports that the public key related to a certain private key has been lost. There is a concern that this was the result of a security breach. A security specialist recommends contacting the certificate authority in order to add the corresponding certificate to the certificate authority's Certificate Revocation List (CRL). However, the certificate authority responds by indicating that this is not necessary. Which of the following answers explains this response?

AThe certificate authority needs to issue a new public key instead.

BThe certificate authority requires that the existing public key needs to be changed within the existing certificate.

CPublic keys cannot get lost because they are already publically available.

DNone of the above

Answer : C

Question 2

Service A hashes a message, resulting in message digest X. Service A encrypts message digest X with its private key, resulting in cipher text X1. Service A sends the message and X1 to Service B. Service B hashes the message, resulting in message digest Y. Service B decrypts X1 with Service A's public key, recovering message digest X1. Service B compares X and Y and finds them not to be equal. This proves that;

Athe message was altered

Bonly Service A sent this particular message

Cpublic key cryptography was used

DAll of the above

Answer : D

Question 3

Service A is a utility service that has been designed to receive and send non-confidential messages. Service A provides access to a legacy application. Since the launch of Service A . the overall usage volumes have increased beyond expectations. Upon a review of the access logs, it is discovered that most of the requests came from unauthorized service consumers. The application of the Direct Authentication and Data Confidentiality patterns will prevent this from happening in the future.

ATrue

BFalse

Answer : B

Question 4

A task service needs to access three entity services as part of a service composition. The task service needs to authenticate itself every time it accesses one of the three entity services. Because the task service must authenticate itself three times to complete its task, the current service composition design is considered inefficient. How can it be improved while continuing to fulfill the authentication requirements?

AIncrease the network bandwidth between the task service and the entity services.

BUse a single sign-on mechanism.

CRemove the authentication requirements within the service composition, thereby reducing the message size and making communication faster.

DNone of the above

Answer : B

Question 5

By applying the Data Origin Authentication pattern together with the Brokered Authentication pattern, you guarantee confidential message exchanges by a service consumer that needs to repeatedly authenticate itself with a set of services within the same service composition.

ATrue

BFalse

Answer : B

Question 6

Service A requires self-signed digital certificates from all of its service consumers. The service and its service consumers both belong to the same organization. You are presented with a new requirement to only allow access to those service consumers with certificates that have not expired. How can this requirement be addressed with minimal impacts on the current security architecture?

AThe current security mechanism already addresses this requirement because the certificates contain a value that represents the validity period.

BThe certificates need to be signed by an external certificate authority so that the certificate authority's Certificate Revocation List (CRL) can be accessed in order to check the expiry dates of the certificates.

CUsing certificates in this scenario is not a valid option.

DNone of the above

Answer : A

Question 7

SAML can be used for the application of the Brokered Authentication pattern.

ATrue

BFalse

Answer : A

Arcitura Education Fundamental SOA Security S90.18 Exam Questions