SOA S90.19 - Advanced SOA Security Exam

Page:    1 / 17   
Total 83 questions

The use of session keys and symmetric cryptography results in:

  • A. Increased performance degradation
  • B. Increased reliability degradation
  • C. Reduced message sizes
  • D. None of the above


Answer : D

Which of the following are types of security sessions?

  • A. Authentication
  • B. Authorization
  • C. asymmetric key agreement
  • D. single sign-on


Answer : A,D

The application of the Data Origin Authentication pattern and the Data Confidentiality pattern do not help mitigate the risk of malicious intermediary attacks.

  • A. True
  • B. False


Answer : B

Service A is only authorized to access one service capability of Service B. Service B acts as a trusted subsystem for several underlying resources which it accesses using its own set of credentials. Service B can therefore not become a victim of an insufficient authorization attack initiated by Service A.

  • A. True
  • B. False


Answer : B

Service A is a Web service with an implementation that uses managed code. To perform a graphics-related operation, this managed code needs to access a graphics function that exist as unmanaged code. A malicious service consumer sends a message to Service A containing a very large numeric value. This value is forwarded by Service A' s logic to the graphics function. As a result, the service crashes and becomes unavailable. The service consumer successfully executed which attack?

  • A. Buffer overrun attack
  • B. Exception generation attack
  • C. XML parser attack
  • D. None of the above


Answer : A

Page:    1 / 17   
Total 83 questions