S90.18 試験問題を無料オンラインアクセス

Which of the following are valid security considerations specific to the application of the
Service Autonomy principle?

• A.Avoid including content in the service contract that unnecessarily exposes details about
  the underlying service implementation.
• B.Avoid including non-essential security requirements in the service contract.
• C.None of the above.
• D.Avoid modifying security policies that can break dependencies with service consumers.

The manager of an IT department decides to split up an existing enterprise service
inventory into two domain service inventories. The public key used previously in the
enterprise service inventory can continue to be used in one of the domain service
inventories.

• A.False
• B.True

The more _____________ the security architecture is across services, the more
____________the service composition architecture.

• A.standardized, flexible
• B.centralized, vendor-neutral
• C.centralized, inflexible
• D.standardized, vendor-centric

Service A contains a service capability that runs a complex mathematical function, which
results in runtime failure if invalid input values are supplied by a service consumer. Security
needs to be added so that it can be verified that message content received by Service A
has not been altered since the message was sent by a legitimate service consumer. Which
pattern needs to be applied to fulfill this security requirement?

• A.Brokered Authentication
• B.Direct Authentication
• C.Data Origin Authentication
• D.Data Confidentiality

Service A is owned by Organization A.
Service A sends a message containing confidential
data to Service B, which is owned by Organization B.
Service B sends the message to
Service C, which is also owned by Organization B.
Organization A trusts Organization B,
which means there is no requirement to protect messages from intermediaries and after a
message is received by Service B (and as long as the message remains within the
boundary of Organization B), there is no requirement to keep the message data
confidential. Which of the following approaches will fulfill these security requirements with
the least amount of performance degradation?

• A.SAML security tokens are used so that Service B can authenticate Service A.
• B.An authentication broker is introduced between Service A and Service B.
• C.The communication channel between Service A and Service B is encrypted using a
  transport-layer security technology.
• D.Messages exchanged between Service A and Service B are encrypted using XML-
  Encryption.