Arcitura Education S90.18 Exam Questions Instant Access

Question 1

Both the Brokered Authentication pattern and the Direct Authentication pattern advocate the use of a central identity store.

ATrue

BFalse

Answer : B

Question 2

The use of XML-Encryption supports the application of the Service Abstraction principle because the actual message remains hidden from the attacker.

ATrue

BFalse

Answer : B

Question 3

With SAML, the _____________ element is used by the relying party to confirm that a given message came from the subject specified in the assertion.

Asubject confirmation

Btoken

Csign-on

Dclaim

Answer : A

Question 4

Service A hashes a message, resulting in message digest X. Service A encrypts message digest X with its private key, resulting in cipher text X1. Service A sends the message and X1 to Service B. Service B hashes the message, resulting in message digest Y. Service B decrypts X1 with Service A's public key, recovering message digest X1. Service B compares X and Y and finds them not to be equal. This proves that;

Athe message was altered

Bonly Service A sent this particular message

Cpublic key cryptography was used

DAll of the above

Answer : D

Question 5

SAML can be used for the application of the Brokered Authentication pattern.

ATrue

BFalse

Answer : A

Question 6

Using message-layer security, if a service agent takes possession of a message, it can forward the message to another service.

ATrue

BFalse

Answer : A

Question 7

Which of the following are valid security considerations specific to the application of the Service Autonomy principle?

AAvoid including non-essential security requirements in the service contract.

BAvoid including content in the service contract that unnecessarily exposes details about the underlying service implementation.

CAvoid modifying security policies that can break dependencies with service consumers.

DNone of the above.

Answer : D

Arcitura Education Fundamental SOA Security S90.18 Exam Questions