S90.19 Exam - Free SOA Questions and Answers

Question #1 (Topic: )

The use of session keys and symmetric cryptography results in:

A. Increased performance degradation B. Increased reliability degradation C. Reduced message sizes D. None of the above

Answer: D

Question #2 (Topic: )

Which of the following are types of security sessions?

A. Authentication B. Authorization C. asymmetric key agreement D. single sign-on

Answer: A,D

Question #3 (Topic: )

The application of the Data Origin Authentication pattern and the Data Confidentiality
pattern do not help mitigate the risk of malicious intermediary attacks.

A. True B. False

Answer: B

Question #4 (Topic: )

Service A is only authorized to access one service capability of Service B. Service B acts
as a trusted subsystem for several underlying resources which it accesses using its own
set of credentials. Service B can therefore not become a victim of an insufficient
authorization attack initiated by Service A.

A. True B. False

Answer: B

Question #5 (Topic: )

Service A is a Web service with an implementation that uses managed code. To perform a
graphics-related operation, this managed code needs to access a graphics function that
exist as unmanaged code. A malicious service consumer sends a message to Service A
containing a very large numeric value. This value is forwarded by Service A' s logic to the
graphics function. As a result, the service crashes and becomes unavailable. The service
consumer successfully executed which attack?

A. Buffer overrun attack B. Exception generation attack C. XML parser attack D. None of the above

Answer: A

SOA S90.19 - Advanced SOA Security Exam