Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

SOA S90-18A Exam -

Free S90-18A Sample Questions:

Q: 1
Which of the following is not a hashing algorithm?
A. MD5
B. X.509
C. SHA-1
D. SHA-256
Answer: B

Q: 2
The application of the Data Origin Authentication pattern only provides message integrity.
A. True
B. False
Answer: B

Q: 3
Service A relies on a shared identity store. Service B has its own identity store. Service C also has its own identity store, but must also access the shared identity store used by Service A. Which service has the least reduction in autonomy as a result of its relationship with identity store mechanism(s)?
A. Service A
B. Service B
C. Service C
D. The autonomy of all services is affected equally
Answer: B

Q: 4
The requirement to defer security related state data at runtime relates directly to the application of which service-orientation principle?
A. Service Loose Coupling
B. Service Autonomy
C. Service Abstraction
D. None of the above.
Answer: D

Q: 5
The use of XML-Encryption supports the application of the Service Abstraction principle because the actual message remains hidden from the attacker.
A. True
B. False
Answer: B

Q: 6
Service A sends a message to Service B which reads the values in the message header to determine whether to forward the message to Service C or Service D. Because of recent attacks on Services C and D, it has been decided to protect the body content of messages using some form of encryption. However, certain restrictions within the design of Service B will not permit it to be changed to support the encryption and decryption of messages. Only Services A, C and D can support message encryption and decryption. Which of the following approaches fulfill these security requirements without changing the role of Service B?
A. Transport-layer security is implemented between all services.
B. Message-layer security is implemented between all services.
C. Service B is removed. Instead, the routing logic is added to Service A.
D. None of the above
Answer: B

Q: 7
The application of the Brokered Authentication pattern is best suited for a scenario whereby a service consumer does not need to re-authenticate itself with multiple services.
A. True
B. False
Answer: B

Q: 8
The SAML and WS-Security industry standards can be applied to the same service composition architecture.
A. True
B. False
Answer: A

Q: 9
As a requirement for accessing Service B, Service A needs to encrypt its request message.
Service B decrypts the message, makes some changes, encrypts the message, and then forwards it to Service C. However, the message does not make it to Service C. Instead, a runtime error is raised by a service agent that does not support encryption. This service agent only requires access to the message header in order to route the message to the appropriate instance of Service C. It is therefore decided that the header part of the message will not be encrypted. Which of the following can be used to address this requirement?
A. certificate authority
C. non-repudiation
D. None of the above
Answer: D

Q: 10
Digital signatures use encryption and hashing.
A. True
B. False
Answer: A

© 2014, All Rights Reserved