SOA C90.03 Exam Dumps - Actual Questions Answers

Cloud X (owned by Cloud Provider X) provides Physical Server A which hosts Virtual Servers A and B. Virtual Server B hosts Ready-Made Environments A and B. Cloud Service Consumer A uses Virtual Server A as part of an IaaS leasing agreement in which Cloud Consumer A is charged a fixed monthly fee for unlimited access. Cloud Service Consumers B and C use Ready-Made Environments A and B respectively as part of a PaaS leasing agreement based on per-minute usage fees. In both cases, access is monitored via Pay-For-Use Monitor A, which keeps track of log-in and log-out times in order to calculate the usage charges that are billed to Cloud Consumers B and C.

Physical Server A begins to become unstable. Over the course of a 24 hour period, the server shuts down three times, taking down Virtual Servers A and B with it. This causes numerous problems for Cloud Service Consumers A, B and C, which lose connections and encounter a variety of exceptions.

A subsequent investigation of the log files generated by Pay-For-Use Monitor A reveals that the three server crashes coincided with the usage periods of Ready-Made Er n'ronment B b> Cloud Service Consumer B. De 'elopers at the Cloud Consumer 3 organization confirm they did not actually log in during those periods, which leads Cloud Provider X to discover that another cloud service consumer has been posing as Cloud Service Consumer B in order to maliciously access Ready-Made Environment B, Virtual Server B, and Physical Server B on Cloud X. The investigation concludes that the malicious cloud service consumer was able to carry out the attack successfully by obtaining a weak password being used by developers from Cloud Consumer B.

Which of the following statements accurately identifies the type of security threat that corresponds to the described attack - and -provides a solution that can directly mitigate this type of security threat within Cloud X?

A company is planning to build and launch a new SaaS product that will be available for use by the general public. It intends to build the service on-premise and then deploy it in a public cloud. The company has the following set of four requirements for the implementation of the new service:

1. The cloud service needs to exchange messages primarily by using HTTP methods and other features provided by HTTP.

2. The cloud service needs to store highly structured data with potentially complex relationships.

3. The cloud service needs to be deployed on a dedicated virtual server that can be administered with a high level of control by the cloud consumer's own cloud resource administrator.

4. The cloud service needs to be deployed with a minimal amount of integration testing.

For this project, the company has a very limited budget. The company is assessing the IT resources that are offered by Clouds X and Y within the constraints of its limited budget.

Cloud X can offer an IaaS environment with very few proprietary characteristics that includes a database that supports only no relational storage, as well as support for the deployment and usage of REST services.

Cloud Y can offer a PaaS environment with a pre-configured virtual server that includes native support for WSDL and SOAP, as well as a database that supports only relational storage. The implementation of a new service within Cloud Y will require compliance to a high level of proprietary characteristics.

As previously listed, the company has identified four specific implementation requirements for its new cloud service. Which of the following statements correctly identifies how many of the four requirements Clouds X and Y can directly fulfill?