2. 计算机
  3. Which of the following best describes how SAML, SOAP, and HTTP commonly work together in an environment that provides Web servic

Which of the following best describes how SAML, SOAP, and HTTP commonly work together in an environment that provides Web servic

admin2013-12-19  52
问题 Which of the following best describes how SAML, SOAP, and HTTP commonly work together in an environment that provides Web services?
选项 A、Security attributes are put into SAML format. Web service request and authentication data are encrypted in a SOAP message. Message is transmitted in an HTTP connection.
B、Security attributes are put into SAML format. Web service request and authentication data are encapsulated in a SOAP message. Message is transmitted in an HTTP connection over TLS.
C、Authentication data are put into SAML format. Web service request and authentication data are encapsulated in a SOAP message. Message is transmitted in an HTTP connection.
D、Authentication data are put into SAML format. HTTP request and authentication data are encapsulated in a SOAP message. Message is transmitted in an HTTP connection.
答案C
解析 C正确。举个例子,当你登录公司的门户网站并双击某个链接(比如Salesforce),你公司的门户网站会接受这个请求和你的身份认证数据,并以SAML格式对它们进行打包,然后把这些数据封装到SOAP消息中。该消息会通过HTTP连接传送到Salesforce供应商网站中,并且一旦你通过了身份认证,你就可以与供应商的软件进行交互。SAML将身份认证数据进行打包,SOAP打包的是Web服务请求和SAML数据,而请求是通过HTTP连接进行传输的。
A不正确。因为安全断言标记语言(SAML)是一种基于XML的开放标准,它主要用于在安全域名,即在实体提供者(断言生产者)和服务提供者(断言消费者)之间进行身份认证和授权数据交换。所以,身份认证数据与SAML而不是安全属性一起使用。同样地,SOAP仅封装消息,而不对数据进行加密。B不正确。因为身份认证数据通常与SAML一起使用,并且传输默认也不是通过TLS连接进行的。传输协议可以是SSL或TLS,但是这都不是本题所问的。
D不正确。因为SOAP封装了Web服务请求和数据,而不是HTTP。Web服务数据经过SOAP的封装后,然后会用HTTP进行封装,以便传输。
转载请注明原文地址:https://kaotiyun.com/show/FAhZ777K
0

CISSP认证

相关试题推荐
随机试题
最新回复(0)