S90.19無料問題集「SOA Advanced SOA Security」

質問 1

Service A accesses a legacy system. There is a requirement to secure Service A so that it can only be accessed by authorized service consumers. The current service architecture doesn't allow the delegation of service consumer credentials to the legacy system. Which pattern needs to be applied in order to fulfill this security requirement?

（A）Direct Authentication

（B）Data Origin Authentication

（C）None of the above.

（D）Brokered Authentication

正解：C 解答を投票する

質問 2

When considering the ESB as providing intermediary logic, which of the following types of subject confirmation methods relate to its access control issues?

（A）Sender-vouches

（B）Issuer-vouches

（C）None of the above.

（D）Holder-of-key

正解：A 解答を投票する

質問 3

A service composition is made up of services from a particular domain service inventory.
All of the services belonging to the domain service inventory are deployed on the same server. Service A is part of the same domain inventory but is not part of this service composition. Service A becomes a victim of an XML parser attack resulting in its unavailability. However, because the services in the service composition rely on the same XML parser used by Service A.
the service composition can also be affected by this attack.

（A）False

（B）True

正解：B 解答を投票する

質問 4

Service A is a Web service with an implementation that uses managed code. To perform a graphics-related operation, this managed code needs to access a graphics function that exist as unmanaged code. A malicious service consumer sends a message to Service A containing a very large numeric value. This value is forwarded by Service A' s logic to the graphics function. As a result, the service crashes and becomes unavailable. The service consumer successfully executed which attack?

（A）None of the above

（B）Buffer overrun attack

（C）XML parser attack

（D）Exception generation attack

正解：B 解答を投票する

質問 5

Service A contains a comprehensive message screening routine that can consume a lot of system resources. Service consumers are reporting that sometimes Service A becomes non-responsive, especially after it receives a message containing a large amount of content. This may be an indication of which types of attacks?

（A）Insufficient authorization

（B）Denial of service attack

（C）XML parser attack

（D）XPath injection

正解：B、C 解答を投票する

質問 6

Within a service composition, two Web services are using certificates in order to ensure message integrity and sender's authenticity. The certificates are included with every message exchange. Recently, the performance of these message exchanges has degraded. How can the performance be improved without compromising message integrity and message authenticity?

（A）Use WS-Trust based SAML tokens by introducing an authentication broker

（B）None of the above

（C）Use WS-SecureConversation security context tokens that make use of session keys and symmetric cryptography

（D）Because the services are part of the same service composition, there are no message integrity or message authenticity requirements. Therefore, the certificates can be removed

正解：C 解答を投票する

質問 7

A service receives a message containing an XML document that expands to a very large size as it is processed by the parser. As a result, the service becomes unavailable to service consumers. The service was subjected to which type of attack?

（A）XPath injection attack

（B）None of the above.

（C）XML parser attack

（D）Exception generation attack

正解：C 解答を投票する

質問 8

The Service Perimeter Guard pattern can be used in combination with other patterns to help avoid both data-oriented attacks and access-oriented attacks.

（A）False

（B）True

正解：B 解答を投票する

S90.19 無料問題集「SOA Advanced SOA Security」

弊社を連絡する

関連リンク

トップ試験