Arcitura Education S90.18 Exam Practice Test Instant Access

Question 1

Online Certificate Status Protocol (OCSP) based services provide online certificate revocation checking. However, these types of services can introduce network latency because only one certificate can be checked at a time.

ATrue

BFalse

Answer : A

Question 2

A project team is planning to create a secure service composition that consists of services from two different domain service inventories. The security mechanisms for each service inventory are based on different vendor technologies that adhere to the same industry standards and the same design standards. What is wrong with this service composition architecture?

ABecause different vendor security technologies were used, services from different domain service inventories will be using incompatible security credentials.

BSecurity mechanisms have a fixed limitation that prevents their usage across service inventory boundaries.

CVendor technologies do not adhere to industry standards. Only industry technologies adhere to industry standards.

DNone of the above

Answer : D

Question 3

Which of the following industry standards enable non-repudiation?

AXML-Encryption

BXML-Signature

CSAML

DNone of the above

Answer : B, C

Question 4

The Data Origin Authentication pattern is applied to services throughout a service inventory. As a result, if malicious service intermediaries change data within messages exchanged by these services, such changes will be detected.

ATrue

BFalse

Answer : A

Question 5

A certificate authority is generally responsible for

Aauthenticating the identity of an entity requesting a certificate

Bpublishing information about revoked certificates

Creceiving notifications about the loss of private keys

Dsigning certificates that bind a public key to authenticate identity information about the key holder

Answer : A, B, C, D

Question 6

You are required to design an authorization mechanism for a REST service. The service provides functionality by providing access to different resources, some of which are local to the service while others are located on remote servers. You are required to restrict access to the service based on which resource is requested and which HTTP method has been specified by the service consumer. By doing so, which combination of action control rules needs to be used?

Aidentity and environment

Benvironment and resource

Cresource and action

Daction and identity

Answer : C

Question 7

Service A supports WS-Security and Service B does not. How can they exchange secure messages?

AWS-Security regulates identity stores and therefore does not prohibit Service A and Service B from exchanging secure messages.

BService B can be designed to support XML Canonicalization instead. This enables Service B to be compatible with any service that supports WS-Security.

CAs long as both services share the same public key. it doesn't matter whether WS-Security is supported.

DNone of the above.

Answer : D

Arcitura Education S90.18 Fundamental SOA Security Exam Practice Test