Arcitura Education Exam S90.19 Topic 3 Question 16 Discussion

Actual exam question for Arcitura Education's S90.19 exam

Question #: 16
Topic #: 3

Service A, residing outside the private network of an organization, provides logic that sanitizes message error information on behalf of other services that reside inside the private network, behind a firewall. Where is the vulnerability in this architecture?

AThere is no central management of error messages. Instead, policy enforcement points should be used so that all services are required to comply with a policy that states that any error message generated needs to be free of sensitive data.

BThe sanitization logic resides outside the private network. Therefore, if communication between Service A and the services within the private network is compromised, an attacker can get access to sensitive data from non-sanitized messages generated by services inside the private network.

CThere is no single sign-on mechanism in place, which puts all services (within and outside the private network) at risk.

DNone of the above.

Show Suggested Answer

Suggested Answer: B

by Karl at May 05, 2022, 11:02 PM

Limited Time Offer

25%

Off

Get Premium S90.19 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!