Latest Geekcert S90-18A Exam S90-18A Dumps 100% Free Download

Geekcert provides the most up-to-date (Jan 12, 2022) S90-18A VCE dumps: Fundamental SOA Security exam questions with the most accurate answers. The Geekcert SOACP S90-18A study guide is the most complete and authoritative exam preparation material, with which one can pass the SOACP S90-18A exam in an easy way. Preparing for the SOA Certified Professional SOACP S90-18A Fundamental SOA Security exam is a tough task to accomplish, but Geekcert will simplify the process.

Geekcert – a leading source of S90-18A certification exam learning and practice. Geekcert helps candidates prepare for all S90-18A certification exams. Pass the S90-18A certification exams and get your IT certifications easily. The Geekcert expert team is ready to help you. Save your time and money! High pass rate!

Geekcert has its own expert team. They selected and published the latest S90-18A preparation materials from the SOA Certified Professional Official Exam-Center:

The following are the S90-18A free dumps. Go through them and check the validity and accuracy of our S90-18A dumps. Free sample questions from the S90-18A free dumps are provided here. All the following questions are from the latest real S90-18A dumps.

Question 1:

The application of the Brokered Authentication pattern is best suited for a scenario whereby a service consumer does not need to re-authenticate itself with multiple services.

A. True

B. False

Correct Answer: B

Question 2:

The manager of an IT department decides to split up an existing enterprise service inventory into two domain service inventories. The public key used previously in the enterprise service inventory can continue to be used in one of the domain service inventories.

A. True

B. False

Correct Answer: A

Question 3:

A task service needs to access three entity services as part of a service composition. The task service needs to authenticate itself every time it accesses one of the three entity services. Because the task service must authenticate itself three times to complete its task, the current service composition design is considered inefficient.

How can it be improved while continuing to fulfill the authentication requirements?

A. Increase the network bandwidth between the task service and the entity services.

B. Use a single sign-on mechanism.

C. Remove the authentication requirements within the service composition, thereby reducing the message size and making communication faster.

D. None of the above

Correct Answer: B

Question 4:

Which of the following security mechanisms can provide centralized security measures for all services within a service inventory?

A. public key infrastructure

B. single sign-on

C. hashed certificate repository

D. identity management system

Correct Answer: ABD

Question 5:

The services within a domain service inventory provide access to confidential data retrieved from a shared database. These services need to be accessible from outside the domain service inventory. Which of the following design options will preserve the confidentiality of the data when the services are accessed from outside the service inventory?

A. The Direct Authentication pattern is applied to the database used by the services that need to be externally accessed.

B. A dedicated database is created to store the confidential data. This database will only be used by the services that need to be externally accessed.

C. The messages exchanged by the services are designed to include security tokens.

D. None of the above

Correct Answer: D

Question 6:

A hashing function always returns ______ for the same input data.

A. a different transformation

B. a different digest

C. the same transformation

D. the same digest

Correct Answer: D

Question 7:

When working with SAML, a Security Token Service (STS) and a Service Provider refer to the same service.

A. True

B. False

Correct Answer: B

Question 8:

When establishing a single sign-on mechanism, the application of the Standardized Service Contract principle requires the use of SAML because it is an industry standard understood by multiple service consumers.

A. True

B. False

Correct Answer: B

Question 9:

Both the Brokered Authentication pattern and the Direct Authentication pattern advocate the use of a central identity store.

A. True

B. False

Correct Answer: B

Question 10:

As part of Service Composition A, a service consumer needs to authenticate itself to four different services. The Direct Authentication pattern was applied to each of these four services, all of which share the same identity store. This identity store is also shared by a number of additional services. As a result of increased usage, the identity store has become a performance bottleneck. The resulting performance degradation is impacting Service Composition A to the extent that it is causing problems. The security architecture for Service Composition A needs to be improved in order to avoid further performance degradation. However, any changes to the service composition architecture cannot break any dependencies with the existing service consumer.

Which of the following approaches fulfills these requirements?

A. Apply the Brokered Authentication pattern so that SAML tokens can be issued by a centralized authentication broker. This way, the existing service consumer does not need to re-authenticate itself over and over again.

B. Introduce dedicated identity stores so that each service in the service composition has its own copy of the identity information. This way, dependencies with the existing service consumer are not broken.

C. Use a service agent between the four services and the centralized identity store in order to centralize the task of authentication. This way, load on the identity store is decreased and dependencies with the existing service consumer are not broken.

D. None of the above

Correct Answer: B

Question 11:

Service A requires certificates signed by a trusted certificate authority. The certificate authority publishes a Certificate Revocation List (CRL) on a frequent basis. As a result, some of the service consumers that were previously authorized to access Service A will not be able to after new CRLs are issued.

How can this security requirement be enforced?

A. A human security administrator needs to check the validity of each certificate with the certificate authority whenever Service A is accessed.

B. An intermediary can check against the CRL to determine whether a certificate provided by a service consumer is still valid.

C. Using certificates in such a scenario is not a valid option.

D. None of the above

Correct Answer: B

Question 12:

Using transport-layer security, an active intermediary that takes possession of a message can compromise:

A. message confidentiality

B. message confidentiality and message integrity

C. message integrity

D. None of the above.

Correct Answer: B

Question 13:

In order to express the order in which a message is signed and encrypted, the ______ industry standard can be used.

A. Decryption Transform for XML-Signature

B. XSL Transformations for XML

C. XML-Ordering

D. None of the above.

Correct Answer: A

Question 14:

A service that issues a SAML assertion is called a Policy Decision Point (PDP) while a service that accepts a SAML assertion is called a SAML authority.

A. True

B. False

Correct Answer: B

Question 15:

Service A is an agnostic service that currently uses message-layer security implemented by symmetric encryption. However, because Service A has recently been successfully attacked, it has been decided that asymmetric encryption needs to be used instead. The nature of the messages exchanged by Service A requires that only some parts of the message data need to be encrypted. Although it is agreed that asymmetric encryption is required, architects are concerned that it will adversely affect the service's runtime performance.

Which of the following approaches will fulfill these security requirements with the least amount of performance degradation?

A. An authentication broker needs to be introduced with a dedicated identity store.

B. Only the required parts of the message need to be encrypted instead of encrypting the entire message.

C. The Direct Authentication pattern needs to be applied so that no intermediary is involved between Service A and its service consumers.

D. Certificates need to be issued by a registered certificate authority.

Correct Answer: B