Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Arcitura Education S90.19 Exam - Topic 5 Question 27 Discussion

A service uses specialized screening logic that compares the size of a message against a maximum allowable size value. This value is specified for an incoming request message for a specific service capability. Upon a mismatch, the service rejects the request message and instead generates an error message. What type of attack has this security architecture not addressed?
D) None of the above
A) XML parser attack
B) Buffer overrun attack
C) Exception shielding attack

Arcitura Education S90.19 Exam - Topic 5 Question 27 Discussion

Actual exam question for Arcitura Education's S90.19 exam
Question #: 27
Topic #: 5
[All S90.19 Questions]

A service uses specialized screening logic that compares the size of a message against a maximum allowable size value. This value is specified for an incoming request message for a specific service capability. Upon a mismatch, the service rejects the request message and instead generates an error message. What type of attack has this security architecture not addressed?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Rima at May 09, 2022, 07:29 AM

Limited Time Offer

25%

Off

Get Premium S90.19 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Ilda
7 months ago
Exception shielding is also a concern, but not the main one.
upvoted 0 times
...
Curtis
7 months ago
I think it's just buffer overruns that are missed here.
upvoted 0 times
...
Ty
8 months ago
Wait, are we sure it doesn't address XML parser attacks too?
upvoted 0 times
...
Erasmo
8 months ago
Totally agree, buffer overruns are a big risk!
upvoted 0 times
...
Harrison
8 months ago
This doesn't cover buffer overrun attacks.
upvoted 0 times
...
Carylon
8 months ago
Okay, I think I've got it. The key is that the search has to not violate a "reasonable" or "legitimate" expectation of privacy. That means it's constitutional, not illegal or unethical.
upvoted 0 times
...
Doyle
8 months ago
Okay, I think I've got this. Adding an element to an enum without a default is considered a breaking change in Avro, since it can cause compatibility issues with existing data. I'm pretty sure that's the right answer.
upvoted 0 times
...
Cornell
8 months ago
Okay, let's see here. Adding a data operation that specifies the false conditions sounds like it could be a good approach, but I'm not entirely sure. I'll have to think this through.
upvoted 0 times
...

Save Cancel