SOA S90.19 - Advanced SOA Security Exam

Question #6
Message screening logic and exception shielding logic can co-exist in a single perimeter
guard service.
A. True
B. False
Answer: A

Question #7
Which of the following can directly contribute to making a service composition architecture
more vulnerable to attacks?
A. Reliance on intermediaries
B. Reliance on transport-layer security
C. Reliance on open networks
D. All of the above
Answer: D

Question #8
An attacker is able to gain access to a service and invokes the service. Upon executing the
service logic, the attacker is able to gain access to underlying service resources, including
a private database. The attacker proceeds to delete data from the database. The attacker
has successfully executed which type of attack?
A. Exception generation attack
B. Insufficient authorization attack
C. Denial of service attack
D. None of the above
Answer: B

Question #9
An ESB is introduced into an IT enterprise, primarily to enable communication between a
set of disparate Web services. As a first step, the ESB needs to be configured to carry out
data model transformation in order to overcome differences in the XML schemas used by
the Web services. However, the messages exchanged by the Web services need to be
encrypted. What needs to be done in order for the ESB to enable communication between
the Web services without compromising message confidentiality?
A. The messages need to be digitally signed instead of encrypted.
B. The ESB needs to be configured so that it can decrypt and encrypt messages.
C. The Web services need to be designed to support transport-layer security instead of message-layer security.
D. In this scenario, the ESB cannot enable communication between the Web services without compromising message confidentiality.
Answer: B

Question #10
A service uses specialized screening logic that compares the size of a message against a
maximum allowable size value. This value is specified for an incoming request message for
a specific service capability. Upon a mismatch, the service rejects the request message
and instead generates an error message. What type of attack has this security architecture
not addressed?
A. XML parser attack
B. Buffer overrun attack
C. Exception shielding attack
D. None of the above
Answer: D
Total 83 questions