S90.18 無料問題集「SOA Fundamental SOA Security」
The services in a service inventory have all been built with compatible security
technologies and mechanisms. Now, security policies are being introduced for the first
time. How can security policies become part of the service inventory and its services while
adhering to the application of the Standardized Service Contract principle?
technologies and mechanisms. Now, security policies are being introduced for the first
time. How can security policies become part of the service inventory and its services while
adhering to the application of the Standardized Service Contract principle?
正解:A
解答を投票する
As a requirement for accessing Service B, Service A needs to encrypt its request message.
Service B decrypts the message, makes some changes, encrypts the message, and then
forwards it to Service C.
However, the message does not make it to Service C.
Instead, a runtime error is raised by a service agent that does not support encryption. This service
agent only requires access to the message header in order to route the message to the
appropriate instance of Service C.
It is therefore decided that the header part of the message will not be encrypted. Which of the following can be used to address this
requirement?
Service B decrypts the message, makes some changes, encrypts the message, and then
forwards it to Service C.
However, the message does not make it to Service C.
Instead, a runtime error is raised by a service agent that does not support encryption. This service
agent only requires access to the message header in order to route the message to the
appropriate instance of Service C.
It is therefore decided that the header part of the message will not be encrypted. Which of the following can be used to address this
requirement?
正解:A
解答を投票する
You are responsible for designing Service A, which must compose Services B and C.
You are able to apply the necessary security mechanisms to ensure that messages exchanged
by Service A comply with your security requirements. However, you are not given access to
the design specifications for Services B and C.
Based on the information that is published
about Services B and C, you cannot guarantee that these services will provide the same
level of security as Service A.
This limitation was placed upon you as a result of the
application of which service-orientation principle?
You are able to apply the necessary security mechanisms to ensure that messages exchanged
by Service A comply with your security requirements. However, you are not given access to
the design specifications for Services B and C.
Based on the information that is published
about Services B and C, you cannot guarantee that these services will provide the same
level of security as Service A.
This limitation was placed upon you as a result of the
application of which service-orientation principle?
正解:A
解答を投票する