Curious about Actual Arcitura Education Certified SOA Security Specialist (S90.19) Exam Questions?

A service receives a message containing an XML document that expands to a very large size as it is processed by the parser. As a result, the service becomes unavailable to service consumers. The service was subjected to which type of attack?

An attacker is able to gain access to a service and invokes the service. Upon executing the service logic, the attacker is able to gain access to underlying service resources, including a private database. The attacker proceeds to delete data from the database. The attacker has successfully executed which type of attack?

The application of the Trusted Subsystem pattern directly supports the goals of the Service Loose Coupling principle.

Service A is only authorized to access one service capability of Service B . Service B acts as a trusted subsystem for several underlying resources which it accesses using its own set of credentials. Service B can therefore not become a victim of an insufficient authorization attack initiated by Service A .

The use of derived keys is based on symmetric encryption. This is similar to asymmetric encryption because different keys can be derived from a session key and used separately for encryption and decryption.