The owner of a service inventory reports that the public key related to a certain private key has been lost. There is a concern that this was the result of a security breach. A security specialist recommends contacting the certificate authority in order to add the corresponding certificate to the certificate authority's Certificate Revocation List (CRL). However, the certificate authority responds by indicating that this is not necessary. Which of the following answers explains this response?
Both the Brokered Authentication pattern and the Direct Authentication pattern advocate the use of a central identity store.
A typical SAML assertion will contain at least one of the following subject statements:
The more _____________ the security architecture is across services, the more ____________the service composition architecture.
Security specialists are planning to implement public key cryptography in order to encrypt messages exchanged between Service A and Service B. Which of the following options fulfills this requirement?
Which of the following are valid reasons for a certificate to be revoked:
Service A hashes a message using algorithm X. which creates message digest X1. Service B uses a different algorithm Y to create message digest Y1 of the same message. Which of the following statements are true regarding the comparison of X1 and Y1?
The application of the Brokered Authentication pattern is best suited for a scenario whereby a service consumer does not need to re-authenticate itself with multiple services.
The use of XML-Encryption supports the application of the Service Abstraction principle because the actual message remains hidden from the attacker.
Which of the following approaches represents a valid means of utilizing generic security logic?
Losing a ______________ does not compromise the identity of the key owner, whereas losing a ___________ does compromise the identity of the key owner.
A valid signature issued by a certificate authority provides a guarantee that:
Which of the following are valid security considerations specific to the application of the Service Autonomy principle?
Using message-layer security, if a service agent takes possession of a message, it can forward the message to another service.