A company has an extensive list of Miscellaneous XML Threats that they require protection from. The list includes: ?XML Entity Expansion and RecursionAttacks ?XML Wellformedness-based Parser Attacks ?Memory Space Breach and Buffer Overflow Attacks ?Public Key DoS Attacks ?Resource Hijack Attacks What must the solution implementer do to protect SOA Applications exposed via a WSDL and a Web Service Proxyservice?
A. Enable the web service proxy's ultiple Message XML Denial of Service (MMXDoS) Protection".Enable the web service proxy's ?ultiple Message XML Denial of Service (MMXDoS) Protection".
B. Web service proxy default options protect against these threats. No configuration is required.
C. Enable the web service proxy's QL Injection Protection?Enable the web service proxy's ?QL Injection Protection?
D. Enable the web service proxy's ingle Message XML Denial of Service (XDoS) Protection".Enable the web service proxy's ?ingle Message XML Denial of Service (XDoS) Protection".
正解:B
質問 2:
A solution implementer is writing a stylesheet that accepts input as shown in the followingexhibit:
Given the information in the exhibit, which XPath expression locates the element named Pay:payload?
A. /pay:payload/pay:payload
B. /msg:message/..//*/payload/msg:message/..//*/payload
C. /msg:message/*/msg:message/*
D. //*/Customer/..//*/Customer/..
正解:D
質問 3:
A solution implementer needs to add custom headers required by the back-end system to all request messages. A stylesheet based Transform action is used to add the necessary headers. Which DataPower capabilities can the solution implementer use to verify that the requiredheaders have been added properly? (choose 2)
A. <xsl:message> to print the header values to the audit log file and check the audit log file during testing.
B. The multi-step probe to check the values in the Headers tab before and after the Transform action.
C. Debug logging at the backendservice to confirm that the necessary header values have been added.
D. The Headers tab in the service to view the Header Injection parameters.
E. <xsl:message> to print the header values to the system log file and checkthe system log file during testing.
正解:B,E
質問 4:
An SLM Policy has been associated with a web service proxy to restrict access to a backend web service if one of a number of conditions has been met. The list of conditions are described in a series of SLM statements. What Evaluation Method mustthe solution implementer select in the SLM Policy to ensure that every SLM statement is checked until a throttle condition is executed?
A. terminate-at-first-reject
B. terminate-at-first-action
C. terminate-at-first-refuse
D. terminate-at-first-filter
正解:A
質問 5:
A solution implementer needs to integrate a DataPower appliance with an IMS COBOL application. The multi-protocol gateway is created with an HTTP Front Side Handler and an IMS Connect backside URL of the form dpims://. The EBCDIC HeaderConversion is configured as "on" in the IMS Connect object. What benefit(s) can the solution implementer achieve by using this Header Conversion option?
A. Converts both IMS headers and payload to EBCDIC encoding
B. Converts IMS headers to ASCII encoding
C. Converts IMS headers to EBCDIC encoding
D. Converts bothIMS headers and payload to ASCII encoding
正解:C
質問 6:
In the Configured Rules section of the Policy Editor, two request rules are listed, Rule_One, followed by Rule_Two, and both use the same matching rule.
What occurs when a message that satisfies the matching rule is received?
A. This policy will fail during execution, since it cannot be determined which rule should be executed.
B. The policy will not be applied, since the Policy Editor will not allow a configuration of rules that have the same match.
C. Rule_One will be executed, followed by Rule_Two, since all rules that satisfy the match are executed.
D. Only Rule_One will beexecuted since it is the first rule that matches the request.
正解:D
Nanahara -
問題の解説部分でも語句説明が丁寧なのでインプットもしやすい点も良いと思います。確実にC2180-274勉強したいかたにおすすめです。