S90.19 試験問題を無料オンラインアクセス

Service A acts as a trusted subsystem for a shared database. The database contains sensitive information and performs strict validation on all incoming data modification requests. In case of any invalid input values, the database throws detailed error messages that are required for debugging purposes and are automatically relayed back to service consumers by Service A.
Recently, while going through the access logs of the database, it has been reported that attempts have been made to connect to the database from outside the organization. What can be done to prevent such attacks while preserving the existing database debugging requirements?

• A.The Service Perimeter Guard pattern needs to be applied in order to centralize access to the database.
• B.The Data Origin Authentication pattern needs to be applied in order to incorporate digital signatures in request and response messages exchanged by Service A.
• C.The Data Confidentially pattern needs to be applied so that all request and response messages exchanged by Service A are encrypted.
• D.None of the above.

The application of the Trusted Subsystem pattern can help centralize access to services.

• A.True
• B.False

The use of parameterized expressions can help avoid which type of attack?

• A.XPath injection attack
• B.Buffer overrun attack
• C.XML parser attack
• D.Exception generation attack

The application of the Service Loose Coupling principle does not relate to the use of security policies as part of service contracts.

• A.True
• B.False

A service uses specialized screening logic that compares the size of a message against a maximum allowable size value. This value is specified for an incoming request message for a specific service capability. Upon a mismatch, the service rejects the request message and instead generates an error message. What type of attack has this security architecture not addressed?

• A.None of the above
• B.Buffer overrun attack
• C.XML parser attack
• D.Exception shielding attack