Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Arcitura Education S90.20 Exam - Topic 1 Question 29 Discussion

Service A provides a customized report generating capability. Due to infrastructure limitations, the number of service consumers permitted to access Service A concurrently is strictly controlled. Service A validates request messages based on the supplied credentials (1). If the authentication of the request message is successful, Service A sends a message to Service B (2) to retrieve the required data from Database A (3). Service A stores the response from Service B (4) in memory and then issues a request message to Service C (5). Service C retrieves a different set of data from Database A (6) and sends the result back to Service A (7). Service A consolidates the data received from Services B and C and sends the generated report in the response message to the service consumer (8). It has been discovered that attackers have been gaining access to confidential data exchanged between Service A and Service B, and between Service A and its service consumers. What changes can be made to this service composition architecture in order to counter this threat?
D) None of the above
A) Apply the Service Perimeter Guard pattern in order to protect message exchanges between Service A and its service-consumers. Apply the Direct Authentication pattern in order to protect message exchanges between Service A and Service B .
B) Apply the Direct Authentication pattern in order to protect message exchanges between Service A and its service consumers and between Service A and Service B .This approach will establish a password-based authentication mechanism that relies on a local identity store and will therefore prevent access by attackers.
C) Apply the Data Origin Authentication pattern to protect the final report sent by Service A to its service consumer. Service A can generate a message digest of the final report, after which it can sign the digest with its own private key. It then can send both the final report and the signed-message digest to its service consumer. This service consumer can generate its own message digest, decrypt the signed digest using the public key of Service A (which proves that Service A sent the message), and then compare the two digests. If the digests match, it guarantees that the final report was not tampered with during transmission.

Arcitura Education S90.20 Exam - Topic 1 Question 29 Discussion

Actual exam question for Arcitura Education's S90.20 exam
Question #: 29
Topic #: 1
[All S90.20 Questions]

Service A provides a customized report generating capability. Due to infrastructure limitations, the number of service consumers permitted to access Service A concurrently is strictly controlled. Service A validates request messages based on the supplied credentials (1). If the authentication of the request message is successful, Service A sends a message to Service B (2) to retrieve the required data from Database A (3). Service A stores the response from Service B (4) in memory and then issues a request message to Service C (5). Service C retrieves a different set of data from Database A (6) and sends the result back to Service A (7). Service A consolidates the data received from Services B and C and sends the generated report in the response message to the service consumer (8). It has been discovered that attackers have been gaining access to confidential data exchanged between Service A and Service B, and between Service A and its service consumers. What changes can be made to this service composition architecture in order to counter this threat?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Rory at Jun 25, 2022, 03:05 AM

Limited Time Offer

25%

Off

Get Premium S90.20 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Alida
7 months ago
None of these seem foolproof. We need a more robust solution!
upvoted 0 times
...
Lucy
7 months ago
C is interesting! I like the idea of using message digests for integrity.
upvoted 0 times
...
Alva
7 months ago
Wait, can we really trust a password-based system? Seems risky.
upvoted 0 times
...
Henriette
8 months ago
I think B is too simplistic. We need stronger measures.
upvoted 0 times
...
Mike
8 months ago
Sounds like A is the best option to secure those exchanges!
upvoted 0 times
...
Denny
8 months ago
I’m leaning towards option A, but I’m a bit confused about how the Direct Authentication pattern would work in this context. I feel like I need to review that part again.
upvoted 0 times
...
Arlene
8 months ago
I like the idea of using Data Origin Authentication from option C, especially since it involves signing the message digest. It seems like a solid way to ensure the integrity of the report, but I wonder if it’s enough on its own.
upvoted 0 times
...
Reyes
8 months ago
I think option B sounds familiar because we practiced a similar question about securing service communications with local identity stores. But I'm not confident about the effectiveness of just a password-based mechanism.
upvoted 0 times
...
Vannessa
8 months ago
I remember discussing the Service Perimeter Guard pattern in class, but I'm not entirely sure how it specifically applies to the interactions between Service A and its consumers.
upvoted 0 times
...
Yolando
8 months ago
I'm leaning towards People as the most important element. Getting the right team in place and empowering them is crucial for driving quality. The other elements flow from that in my view.
upvoted 0 times
...
Murray
8 months ago
Alright, I've got a strategy. I'll go through the options one by one, and try to match the description to the information provided in the output. That should help me narrow down the correct answer.
upvoted 0 times
...

Save Cancel