CAS-002 · Question #43
CAS-002 Question #43: Real Exam Question with Answer & Explanation
The correct answer is B: Users and services are distributed, often times over the Internet. SOA (Service-Oriented Architecture) exposes functionality as interoperable web services (e.g., SOAP or REST), often over the Internet, which introduces two key security concerns: (B) Services and users are distributed across the enterprise and often over the Internet, expanding t
Question
Options
- AUsers and services are centralized and only available within the enterprise.
- BUsers and services are distributed, often times over the Internet
- CSOA centrally manages legacy systems, and opens the internal network to vulnerabilities.
- DSOA abstracts legacy systems as a virtual device and is susceptible to VMEscape.
- ESOA abstracts legacy systems as web services, which are often exposed to outside threats.
Explanation
SOA (Service-Oriented Architecture) exposes functionality as interoperable web services (e.g., SOAP or REST), often over the Internet, which introduces two key security concerns: (B) Services and users are distributed across the enterprise and often over the Internet, expanding the attack surface far beyond the internal network perimeter. (E) Legacy systems are abstracted and exposed as web services, making them accessible to outside threats they were never originally designed to withstand. Option A is incorrect because SOA is inherently distributed, not centralized. Option C incorrectly frames SOA as centralizing legacy systems. Option D confuses SOA with virtualization - VMEscape is a hypervisor vulnerability, completely unrelated to SOA architecture.
Community Discussion
No community discussion yet for this question.