Which of the following are valid reasons for a certificate to be revoked:
Answer : A,C,D
Service A hashes a message using algorithm X, which creates message digest X1. Service B uses a different algorithm Y to create message digest Y1 of the same message. Which of the following statements are true regarding the comparison of X1 and Y1?
Answer : A,C
To provide message confidentiality and message integrity, which of the following patterns need to be applied?
Answer : D
The requirement to defer security-related state data at runtime relates directly to the application of which service-orientation principle?
Answer : D
A valid signature issued by a certificate authority provides a guarantee that:
Answer : D
A service that was previously using a shared identity store is now given its own dedicated identity store instead. What are the likely impacts (positive or negative) that will result from this change?
Answer : A,B
When establishing a single sign-on mechanism, the application of the Standardized Service Contract principle requires the use of SAML because it is an industry standard understood by multiple service consumers.
Answer : B
The services within a domain service inventory provide access to confidential data retrieved from a shared database. These services need to be accessible from outside the domain service inventory. Which of the following design options will preserve the confidentiality of the data when the services are accessed from outside the service inventory?
Answer : D
The more _____________ the security architecture is across services, the more ____________ the service composition architecture.
Answer : A
In order to keep a service-oriented architectural model in constant alignment with the business it can be helpful for the security architecture to be ____________ and ___________.
Answer : C
The messages exchanged between two services are kept confidential by using symmetric encryption. The security specialist is quite strict about making sure that no attacker is able to intercept and decipher messages sent between these two services. As a result, periodic audits are conducted in order to ensure that shared keys are always kept confidential. A single shared key has been in use for quite some time now. The security specialist was confident that all keys were well guarded, but just recently their security was compromised.
How is this possible given that the shared key was never lost?
Answer : C
Which of the following is not a hashing algorithm?
Answer : B
A set of SAML tokens has been used as a result of the application of the Brokered Authentication pattern within a particular service inventory. Because SAML assertions normally contain a signature, the security specialist is confident that the integrity of messages will be maintained. What's wrong with this assumption?
Answer : A
A service is forced to use a non-standardized service contract that expresses security policies that were derived from underlying legacy resources. This inhibits the application of which of the following service-orientation principles?
Answer : B,D