Arcitura Education S90.19 Exam - Topic 3 Question 16 Discussion

Actual exam question for Arcitura Education's S90.19 exam

Question #: 16
Topic #: 3

Service A, residing outside the private network of an organization, provides logic that sanitizes message error information on behalf of other services that reside inside the private network, behind a firewall. Where is the vulnerability in this architecture?

AThere is no central management of error messages. Instead, policy enforcement points should be used so that all services are required to comply with a policy that states that any error message generated needs to be free of sensitive data.

BThe sanitization logic resides outside the private network. Therefore, if communication between Service A and the services within the private network is compromised, an attacker can get access to sensitive data from non-sanitized messages generated by services inside the private network.

CThere is no single sign-on mechanism in place, which puts all services (within and outside the private network) at risk.

DNone of the above.

Show Suggested Answer

Suggested Answer: B

by Karl at May 05, 2022, 11:02 PM

Limited Time Offer

25%

5 months ago

Okay, I think I've got this. The key is to find a way to issue the rebate without creating a new Address Book number. Let me walk through the options.

upvoted 0 times

...