Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Arcitura Education S90.20 Exam - Topic 1 Question 20 Discussion

Services A, B, and C reside in Service Inventory A and Services D, E, and F reside in Service Inventory B .Service B is an authentication broker that issues WS-Trust based SAML tokens to Services A and C upon receiving security credentials from Services A and C .Service E is an authentication broker that issues WS-Trust based SAML tokens to Services D and F upon receiving security credentials from Services D and E .Service B uses the Service Inventory A identify store to validate the security credentials of Services A and C .Service E uses the Service Inventory B identity store to validate the security credentials of Services D and F .To date, the two service inventories have existed independently from each other. However, a requirement has emerged that the services in Service Inventory A need to be able to use the services in Service Inventory B, and vice versa. How can cross-service inventory message exchanges be enabled with minimal changes to the existing service inventory architectures and without introducing new security mechanisms?
B) The current security mechanism already fulfills the requirement because SAML tokens can be used across multiple security-domains. The only change required is for each authentication broker to be configured so that it issues service inventory-specific assertions for SAML tokens originating from other service inventories.
A) Because SAML tokens cannot be used across multiple security domains, authentication brokers C and E need to be replaced with one single authentication broker so that one token issuer is used for all services across both of the service inventories.
C) The individual domain service inventories need to be combined into one enterprise service inventory. The Service Perimeter Guard pattern can be applied to establish a contact point for request messages originating from outside the service inventory. Within the service inventory, services no longer need to be authenticated because they are all part of the same trust boundary.
D) The Trusted Subsystem pattern is applied to encapsulate Services B and E using a central utility service that balances request and response messages exchanged between Services B and E, depending on which service inventory the messages originate from. The utility service also contains transformation logic to ensure that the SAML tokens issued by Services B and E are compatible. This guarantees that an issued SAML token can be used across Service Inventories A and B without further need for runtime conversion.

Arcitura Education S90.20 Exam - Topic 1 Question 20 Discussion

Actual exam question for Arcitura Education's S90.20 exam
Question #: 20
Topic #: 1
[All S90.20 Questions]

Services A, B, and C reside in Service Inventory A and Services D, E, and F reside in Service Inventory B .Service B is an authentication broker that issues WS-Trust based SAML tokens to Services A and C upon receiving security credentials from Services A and C .Service E is an authentication broker that issues WS-Trust based SAML tokens to Services D and F upon receiving security credentials from Services D and E .Service B uses the Service Inventory A identify store to validate the security credentials of Services A and C .Service E uses the Service Inventory B identity store to validate the security credentials of Services D and F .To date, the two service inventories have existed independently from each other. However, a requirement has emerged that the services in Service Inventory A need to be able to use the services in Service Inventory B, and vice versa. How can cross-service inventory message exchanges be enabled with minimal changes to the existing service inventory architectures and without introducing new security mechanisms?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Denise at May 07, 2022, 07:43 AM

Limited Time Offer

25%

Off

Get Premium S90.20 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Erick
7 months ago
The Trusted Subsystem pattern sounds like a solid approach.
upvoted 0 times
...
Loreen
7 months ago
Centralizing authentication brokers might simplify things.
upvoted 0 times
...
Golda
8 months ago
Surprised to hear SAML can cross domains!
upvoted 0 times
...
Sheron
8 months ago
I disagree, combining inventories seems risky.
upvoted 0 times
...
Blair
8 months ago
SAML tokens can work across domains if configured right.
upvoted 0 times
...
Sina
8 months ago
Hmm, I'm not entirely sure about the difference between app content strategy and the other options here. I'll have to think this through carefully.
upvoted 0 times
...
Helaine
8 months ago
This is a good opportunity to apply my knowledge of high availability systems. I'll methodically go through each option and see which one best matches the information provided.
upvoted 0 times
...
Jesusita
8 months ago
This is a good question to test our understanding of Cisco's high availability features. I'm confident I can work through this and identify the correct statement about the Cisco Server Recovery Manager's behavior.
upvoted 0 times
...
Dustin
8 months ago
This question is a bit tricky, but I think I've got it. The way I see it, the statement is saying that the MCU port side handles the video forwarding, while the terminal side handles the video codec and multi-screen layout. So the statement is True.
upvoted 0 times
...

Save Cancel