← Back to exam page

S90.19 Advanced SOA Security

Loading demo links...

Showing 7–9 of 10 questions

Question 7

The same security policy has been redundantly implemented as part of the service contracts for Web services A, B and

C. In order to reduce the effort of maintaining multiple redundant service policies, it has been decided to centralize policy enforcement across these three services. Which of the following industry standards will need to be used for Web services A, B and C in order for their service contracts to share the same security policy document?

Select an option, then click Submit answer.

  • WS-PolicyAttachment

  • WS-SecureConversation

  • In order to reduce the effort of maintaining multiple redundant service policies, it has been decided to centralize policy enforcement across these three services. Which of the following industry standards will need to be used for Web services A, B and C in order for their service contracts to share the same security policy document?



    WS-Trust

  • WS-Security
Question 8

Service A is only authorized to access one service capability of Service B. Service B acts as a trusted subsystem for several underlying resources which it accesses using its own set of credentials. Service B can therefore not become a victim of an insufficient authorization attack initiated by Service A.

Select an option, then click Submit answer.

  • True

  • False

Question 9

The application of the Service Loose Coupling principle does not relate to the use of security policies as part of service contracts.

Select an option, then click Submit answer.

  • True

  • False