
SOA S90.18 Fundamental SOA Security Exam Practice Test

Note: The S90.18 exam is now retired.
Page: 1 / 10
Total 98 questions

Fundamental SOA Security Questions and Answers

Question 1

The owner of a service inventory reports that the public key related to a certain private key has been lost. There is a concern that this was the result of a security breach. A security specialist recommends contacting the certificate authority in order to add the corresponding certificate to the certificate authority's Certificate Revocation List (CRL). However, the certificate authority responds by indicating that this is not necessary. Which of the following answers explains this response?

Options:

A. The certificate authority needs to issue a new public key instead.

B. The certificate authority requires that the existing public key needs to be changed within the existing certificate.

C. Public keys cannot get lost because they are already publicly available.

D. None of the above

Question 2

Both the Brokered Authentication pattern and the Direct Authentication pattern advocate the use of a central identity store.

Options:

A. True

B. False

Question 3

A typical SAML assertion will contain at least one of the following subject statements:

Options:

A. authorization decision statement

B. authentication statement

C. attribute statement

D. certificate authority issuer statement

Question 4

The more _____________ the security architecture is across services, the more ____________ the service composition architecture.

Options:

A. standardized, flexible

B. centralized, vendor-neutral

C. standardized, vendor-centric

D. centralized, inflexible

Question 5

Security specialists are planning to implement public key cryptography in order to encrypt messages exchanged between Service A and Service B. Which of the following options fulfills this requirement?

Options:

A. A shared key is used by both the services for message encryption and decryption

B. The XML-Signature standard is applied

C. The Data Origin Authentication pattern is applied

D. None of the above

Question 6

Which of the following are valid reasons for a certificate to be revoked:

Options:

A. The certificate was fraudulently obtained

B. The public key has been compromised

C. The private key has been compromised

D. The subject is no longer permitted to use the certificate

Question 7

Service A hashes a message using algorithm X, which creates message digest X1. Service B uses a different algorithm Y to create message digest Y1 of the same message. Which of the following statements are true regarding the comparison of X1 and Y1?

Options:

A. They have fixed sizes

B. They can be swapped

C. They do not match

D. They are based on the same hashing algorithm

Question 8

The application of the Brokered Authentication pattern is best suited for a scenario whereby a service consumer does not need to re-authenticate itself with multiple services.

Options:

A. True

B. False

Question 9

The use of XML-Encryption supports the application of the Service Abstraction principle because the actual message remains hidden from the attacker.

Options:

A. True

B. False

Question 10

Which of the following approaches represents a valid means of utilizing generic security logic?

Options:

A. When required, generic security logic can be embedded within a service. The close proximity to the service logic maximizes the chances that the security logic will be consistently executed without interference from attackers.

B. When required, generic security logic can be abstracted into a separate utility service. This allows for reuse.

C. When required, generic security logic can be abstracted into a service agent. This allows for reuse and the security logic can be executed in response to runtime events.

D. All of the above.

Question 11

Losing a ______________ does not compromise the identity of the key owner, whereas losing a ___________ does compromise the identity of the key owner.

Options:

A. private key, public key

B. validated certificate, revoked certificate

C. security policy, SAML token

D. None of the above

Question 12

A valid signature issued by a certificate authority provides a guarantee that:

Options:

A. the certificate authority can be trusted

B. the certificate is not expired

C. the certificate is being used for an authorized purpose

D. None of the above.

Question 13

Which of the following are valid security considerations specific to the application of the Service Autonomy principle?

Options:

A. Avoid including non-essential security requirements in the service contract.

B. Avoid including content in the service contract that unnecessarily exposes details about the underlying service implementation.

C. Avoid modifying security policies that can break dependencies with service consumers.

D. None of the above.

Question 14

Using message-layer security, if a service agent takes possession of a message, it can forward the message to another service.

Options:

A. True

B. False
