SOA Fundamental SOA Security (S90.18) Free Practice Test

Question 1
Security specialists at an organization require that messages exchanged between two
services are kept private. There is an added requirement to check if the messages were
tampered with. The application of which of the following patterns fulfills these
requirements?

Correct Answer: B,C
Question 2
As a requirement for accessing Service B, Service A needs to encrypt its request message.
Service B decrypts the message, makes some changes, encrypts the message, and then
forwards it to Service C. However, the message does not make it to Service C. Instead, a
runtime error is raised by a service agent that does not support encryption. This service
agent only requires access to the message header in order to route the message to the
appropriate instance of Service C. It is therefore decided that the header part of the
message will not be encrypted. Which of the following can be used to address this
requirement?

Correct Answer: A
Question 3
The application of the Service Abstraction principle can hinder your ability to fully determine
how a service composition is secured because you may not be able to find out how all
composed services are secured.

Correct Answer: B
Question 4
To provide message confidentiality and message integrity, which of the following patterns
need to be applied?

Correct Answer: A
Question 5

Correct Answer: A
Question 6
SAML can be used for the application of the Brokered Authentication pattern.

Correct Answer: B
Question 7
Both the Brokered Authentication pattern and the Direct Authentication pattern advocate
the use of a central identity store.

Correct Answer: A
Question 8
The owner of a service inventory reports that the public key related to a certain private key
has been lost. There is a concern that this was the result of a security breach. A security
specialist recommends contacting the certificate authority in order to add the corresponding
certificate to the certificate authority's Certificate Revocation List (CRL). However, the
certificate authority responds by indicating that this is not necessary. Which of the following
answers explains this response?

Correct Answer: B
Question 9
Service A requires certificates signed by a trusted certificate authority. The certificate
authority publishes a Certificate Revocation List (CRL) on a frequent basis. As a result,
some of the service consumers that were previously authorized to access Service A will not
be able to after new CRLs are issued. How can this security requirement be enforced?

Correct Answer: A
Question 10
The Direct Authentication pattern is best suited for point-to-point communication, while the
Brokered Authentication pattern is best suited for service composition where a service
consumer needs to re-authenticate itself with multiple services.

Correct Answer: B