Most Recent Arcitura Education S90.20 Exam Questions & Answers

Prepare for the Arcitura Education SOA Security Lab exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the Arcitura Education S90.20 exam and achieve success.

The questions for S90.20 were last updated on Dec 26, 2024.

Viewing page 1 out of 6 pages.
Viewing questions 1-5 out of 30 questions

Get All 30 Questions & Answers

Question No. 1

Service A is a publically accessible service that provides free multimedia retrieval capabilities to a range of service consumers. To carry out this functionality, Service A is first invoked by Service Consumer A (1). Based on the nature of the request message received from Service Consumer A, Service A either invokes Service B or Service C .When Service B is invoked by Service A (2A) it retrieves data from publicly available sources (not shown) and responds with the requested data (3A). When Service C is invoked by Service A (2B) it retrieves data from proprietary sources within the IT enterprise (not shown) and responds with the requested data (3B). After receiving a response from Service B or Service C, Service A sends the retrieved data to Service Consumer A (4). Service B does not require service consumers to be authenticated, but Service C does require authentication of service consumers. The service contract for Service A therefore uses WS-Policy alternative policies in order to express the two different authentication requirements to Service Consumer A .When Service Consumer A sends a request message (1), Service A determines whether the request requires the involvement of Service C and then checks to ensure that the necessary security credentials were received as part of the message. If the credentials provided by Service Consumer A are verified. Service A creates a signed SAML assertion and sends it with the request message to Service C (2B) This authentication information is protected by public key encryption However, responses to Service Consumer A's request message (3B, 4) are not encrypted for performance reasons. The owner of Service C is planning two changes to the service architecture:

1. A fee will be charged to Service Consumer A (or any service consumer) using Service C .2. The response messages issued by Service C need to be secured in order to prevent unauthorized access. An analysis of Service C's usage statistics reveals that a group of service consumers specifically request the retrieval of multimedia data on a frequent basis. To promote the usage of Service C to these types of service consumers, the owner of Service C plans to offer a special discount by allowing unlimited multimedia retrievals for a fixed monthly price. Service consumers that do not subscribe to this promotion will need to pay for each request individually. It is anticipated that the new promotion will significantly increase the usage of Service C .The owner of Service C therefore wants to ensure that the security added to the response messages has a minimal impact on Service C's runtime performance. What steps can be taken to fulfill these requirements?

AUse symmetric session keys so that for each response message, Service C generates a session key and encrypts the-response message using this session key. The session key is then encrypted (using the service consumer's public key) and attached to the encrypted response. A single session key can then be used by Service C for communication with all service consumers that subscribe to the promotion.

BBecause the services in this service composition already rely on public key encryption to provide authentication, Service C can provide message confidentiality by encrypting the response message with Service Consumer A's public key. This will ensure that only the intended recipient, in possession of the corresponding private key, can decrypt the response message. To further reduce the performance impact of encryption, Service C can generate a new public-private key pair to be used by service consumers subscribed to the promotion. By securely distributing the private key to each of these service consumers, Service C only needs to encrypt the response messages once with the public key.

CDesign Service C to generate a message digest of the response message and encrypt it with the service consumer's publickey. Because the message digest is typically small, the performance of public key encryption is acceptable. This approach also ensures that only the service consumer can decrypt the response message using the corresponding private key.

DDesign the service composition architecture so that the encryption of the response messages is performed by Service B and Service C .To reduce the performance impact, a policy can be added to Service A's service contract in order to require the encryption of all response messages, regardless of the type of service consumer making the request. Further, a new utility service can be added to the service composition. This service can be responsible for obtaining the public key of the service consumer and forwarding the key along with the request message to the appropriate service (Service B or Service C). The service receiving the message can then encrypt the response message with the received public key. Service A can then forward the encrypted response to the service consumer. This approach ensures that only authorized service consumers will be able to access response messages.

Show Answer

Correct Answer: A

Question No. 2

Services A, B, and C reside in Service Inventory A and Services D, E, and F reside in Service Inventory B .Service B is an authentication broker that issues WS-Trust based SAML tokens to Services A and C upon receiving security credentials from Services A and C .Service E is an authentication broker that issues WS-Trust based SAML tokens to Services D and F upon receiving security credentials from Services D and E .Service B uses the Service Inventory A identify store to validate the security credentials of Services A and C .Service E uses the Service Inventory B identity store to validate the security credentials of Services D and F .It is decided to use Service E as the sole authentication broker for all services in Service Inventories A and B .Service B is kept as a secondary authentication broker for load balancing purposes. Specifically, it is to be used for situations where authentication requests are expected to be extra time consuming in order to limit the performance burden on Service E .Even though Service B has all the necessary functionality to fulfill this new responsibility, only Service E can issue SAML tokens to other services. How can these architectures be modified to support these new requirements?

AWhen time consuming authentication requests are identified, Service E can forward them to Service B .Upon performing the authentication, Service B sends its own signed SAML token to Service E .Because Service E trusts Service B .it can use the Service B-specific SAML token to issue an official SAML token that is then sent to the original service consumer (that requested authentication) and further used by other services.

BTo provide load balancing, a service agent needs to be implemented to intercept all incoming requests to Service E .The-service agent uses a random distribution of the authentication requests between Service B and Service E .Because the request messages are distributed in a random manner, the load between the two authentication brokers is balanced.

CBecause both Service B and Service E issue SAML tokens, these tokens are interchangeable. In order for both services to-receive the same amount of authentication requests, a shared key needs to be provided to them for signing the SAML tokens. By signing the SAML tokens with the same key, the SAML tokens generated by Service B cannot be distinguished from the SAML tokens generated by Service E .

DBecause the federation requirements ask for SAML tokens generated by Service E, Service B cannot function as an-authentication broker. To address the load balancing requirement, a new utility service needs to be introduced to provide functionality that is redundant with Service E .This essentially establishes a secondary authentication broker to which Service E can defer time-consuming authentication tasks at runtime.

Show Answer

Correct Answer: B

Question No. 3

Service A is a publically accessible service that provides free multimedia retrieval capabilities to a range of service consumers. To carry out this functionality, Service A is first invoked by Service Consumer A (1). Based on the nature of the request message received from Service Consumer A, Service A either invokes Service B or Service C .When Service B is invoked by Service A (2A) it retrieves data from publicly available sources (not shown) and responds with the requested data (3A). When Service C is invoked by Service A (2B) it retrieves data from proprietary sources within the IT enterprise (not shown) and responds with the requested data (3B). After receiving a response from Service B or Service C, Service A sends the retrieved data to Service Consumer A (4). Service B does not require service consumers to be authenticated, but Service C does require authentication of service consumers. The service contract for Service A therefore uses WS-Policy alternative policies in order to express the two different authentication requirements to Service Consumer A .When Service Consumer A sends a request message (1), Service A determines whether the request requires the involvement of Service C and then checks to ensure that the necessary security credentials were received as part of the message. If the credentials provided by Service Consumer A are verified. Service A creates a signed SAML assertion and sends it with the request message to Service C (2B) This authentication information is protected by public key encryption However, responses to Service Consumer A's request message (3B, 4) are not encrypted for performance reasons. Recently, the usage of Service C has noticeably declined. An investigation has revealed response messages issued by Service C (3B) have been repeatedly intercepted and accessed by unauthorized and malicious intermediaries. As a result, Service Consumer A has lost confidence in the use of Service A for the retrieval of proprietary data because it is being viewed as a security risk. This is especially troubling, because the owner of Service A had planned to start charging a fee for Service A's ability to provide proprietary data via the use of Service C .How can this service composition architecture be changed to address the security problem with minimal impact on runtime performance?

AUse the existing PKI to provide message-layer security for the response messages originating from Service C .To provide-message confidentiality, Service C can encrypt the response messages using Service Consumer A's public key. This prevents unauthorized intermediaries from accessing the content of response messages.

BUse the existing PKI to provide two-way authentication of the exchanged messages. After receiving a request from the service consumer, Service A can respond with a signed acknowledgement of the message, encrypted by the public key of Service Consumer A .Only Service Consumer A will be able to decrypt the encrypted acknowledgement. Service Consumer A then responds to the acknowledgement, thereby verifying its identity with Service A .Because both Service Consumer A and Service A are mutually authenticated, end-to-end transport-layer security is sufficient to provide message confidentiality in order to prevent unauthorized intermediaries from accessing messages originating from Service C .

CUse the existing PKI to establish secure communication between Service Consumer A and Service C .A symmetric key can be generated for the data being sent from Service C to Service Consumer A Service C can generate a session key that is encrypted with Service Consumer A's public key. Service C can then attach the session key to the response message, which is encrypted using the session key. Because only Service Consumer A can decrypt the encrypted session key, the data transmitted in the message is safe from access by unauthorized intermediaries.

DUse the existing PKI to specify encryption and digital signature requirements on the messages. Service C can use Service-Consumer A's public key to generate a symmetric key. Service Consumer A can also generate the same session key from its own public key. Service C can use the session key to encrypt the response message (and the hash value of the response message), concatenate them, and send them to Service Consumer A .Service Consumer A separates the concatenated and encrypted hash value, decrypts it, and then decrypts the encrypted response message. As a result, the confidentiality and integrity of the response message are guaranteed.

Show Answer

Correct Answer: C

Question No. 4

Service A provides a data access capability that can be used by a variety of service consumers. The database records accessed by Service A are classified as either private or public. There are two types of service consumers that use Service A:

Service consumers with public access permissions (allowed to access only public data records) and service consumers with private access permissions (allowed to access all data records). For performance reasons the Service A architecture uses a single database, named Database A .Each record in Database A is classified as either private or public. After Service A is invoked by a service consumer (1), it authenticates the request message using an identity store and retrieves the corresponding authorization (2, 3). Once authorized, the service consumer's request is submitted to Database A (4), which then returns the requested data (5) If the service consumer has private access permissions, all of the returned data is included in Service A's response message (6). If the service consumer has public access permissions, then Service A first filters the data in order to remove all unauthorized private data records, before sending to the response message to the service consumer (6). An investigation recently detected that private data has been leaked to unauthorized service consumers. An audit of the Service A architecture revealed that Service A's filtering logic is flawed, resulting in situations where private data was accidentally shared with service consumers that only have public access permissions. Further, it was discovered that attackers have been monitoring response messages sent by Service A in order to capture private data. It is subsequently decided to split Database A into two databases:

one containing only private data (the Private Database) and the other containing only public data (the Public Database). What additional changes are necessary to address these security problems?

AThe Service A logic needs to be modified to work with the two new databases. Service A needs to be able to access the Public Database and the Private Database when it receives a request message from a service consumer with private access permissions, and it must only access the Public Database when it receives a request message from a service consumer with public access permissions. Furthermore, any response messages issued by Service A containing private data need to be encrypted.

BA utility service needs to be created and positioned between Service A and the service consumer. The utility service can-contain screening logic that can verify the service consumer's credentials and then forward the request message to the Private Database or to the Public Database, depending on the service consumer's access permissions. Because each request message is evaluated by the database, no filtering of the returned data is necessary. The data is sent back to the consumer in a response message encrypted using symmetric key encryption.

CAfter the service consumer's request message is authenticated. Service A can generate a onetime symmetric encryption key that it sends to the service consumer. This key is encrypted by the public key of the service consumer. After the service consumer acknowledges the receipt of the one-time encryption key, Service A forwards the service consumer's data access request (and the corresponding credentials) to both databases. After receiving the responses from the databases, Service A compiles the results into a single response message. This message is encrypted with the one-time key and sent by Service A to the service consumer.

DThe Service A architecture can be enhanced with certificate-based authentication of service consumers in order to avoid dependency on the identity store. By using digital certificates, Service A can authenticate a service consumer's request message and then forward the data access request to the appropriate database. After receiving the responses from the databases, Service A can use the service consumer's public key to encrypt the response message that is sent to the service consumer.

Show Answer

Correct Answer: A

Question No. 5

Service Consumer A submits a request message with security credentials to Service A (1). The identity store that Service A needs to use in order to authenticate the security credentials can only be accessed via a legacy system that resides in a different service inventory. Therefore, to authenticate Service Consumer A, Service A must first forward the security credentials to the legacy system (2). The legacy system then returns the requested identity to Service A (3). Service A authenticates Service Consumer A against the identity received from the legacy system. If the authentication is successful, Service A retrieves the requested data from Database A (4), and returns the data in a response message sent back to Service Consumer A (5). Service A belongs to Service Inventory A which further belongs to Security Domain A and the legacy system belongs to Service Inventory B which further belongs to Security Domain B .(The legacy system is encapsulated by other services within Service Inventory B, which are not shown in the diagram.) These two security domains trust each other. Communication between Service A and the legacy system is kept confidential using transport-layer security. It was recently discovered that a malicious attacker, posing as Service Consumer A, has been accessing Service A .An investigation revealed that these attacks occurred because security credentials supplied by Service Consumer A were transmitted in plaintext. Furthermore, vulnerabilities to replay attacks and malicious intermediaries have been detected. Which of the following statements describes a solution that can counter these types of attacks?

Also, list the industry standards required by the proposed solution.

AApply the Data Origin Authentication pattern together with the Data Confidentiality pattern in order to establish message-layer security that guarantees the confidentiality and integrity of messages exchanged by Service Consumer A and Service A .Further, a security policy can be created to require that security credentials submitted to Service A must be digitally signed and encrypted and also contain a timestamp to validate the actual time the request was issued. Industry standards that can be used for this solution are WS-Policy, WS-Security-Policy, XMLEncryption, and XML-Signature.

BApply the Service Perimeter Guard pattern together with the Trusted Subsystem pattern to establish a perimeter service that can perform security functions on behalf of Service A .Theutility service can verify the validity of the request messages from Service Consumer A by authenticating the request message against an identity store. If the request message is authenticated, the utility service then sends it to Service A for further processing. All communications between Service A and Service Consumer A can be encrypted using the public key of the intended recipient, and signed using the private key of the sender. Industry standards that can be used for this solution are XML-Encryption, XML-Signature, and WS-Trust.

CApply the Service Perimeter Guard pattern to establish a perimeter service that can perform security functions on behalf of-Service A .Next, apply the Data Confidentiality pattern so that the security credential information provided by Service Consumer A with the request message is encrypted with the secret key shared between the perimeter service and Service Consumer A .The perimeter service evaluates the credentials and if successfully authenticated, forwards the request message to Service A .Transport-layer security is used to protect message exchanges between Service A and Service Consumer A .

DApply the Trusted Subsystem pattern together with the Data Origin Authentication pattern in order to establish a utility service-that performs the security processing on behalf of Service A .Service Consumer A must digitally sign all request messages and encrypt the credential information using the public key of the utility service. The utility service can then verify the security credentials and the digital signature to establish the validity of the request message. If the request message is permitted, the utility service establishes a composite trust domain that encompasses Service Consumer A, Service A, Database A, and the legacy system. Because all communications remain within a single trust domain, malicious intermediaries will not be able to gain access to any exchanged data.

Show Answer

Correct Answer: A

Unlock All Questions for Arcitura Education S90.20 Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 30 Questions & Answers