Advanced Security for Services, Microservices & SOA
irna
Wed, 12/20/2023 - 06:46
Exam Details
- Exam Code: S90.19B: Advanced Security for Services, Microservices & SOA
- Duration: 60 Minutes
- A passing grade on Exam S90.19B is a requirement for the following certification(s):
– Certified Service Security Specialist - Availability: On-Site Proctoring.
Price
--- Call Us ---
Duration
3 Days
Duration
3 Days
This course covers a series of technical and complex security topics pertaining to contemporary service-oriented solution design, infrastructure, microservices, API gateways and modern service technologies.
Key Outcomes:
Students will be able to know:
- SOA Security Threats
- SOA Security Patterns
- Policy Design and Governance
- Web service Security Controls and Designs
- Security Extensions and Controls for API Gateways and ESBs
- Preparing for Common SOA Security Threats
Objectives
- Understanding SOA Security Threats
- STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial-of-Service, Elevation of Privilege)
- SOA Security Patterns for Internal Service Architecture (Exception Shielding, Message Screening, Trusted Subsystem, Service Perimeter Guard)
- Security Token Structures and Issuance (JWT, Username, X.509, SAML)
- Authentication Sessions and Secure Conversations
- Federation and Trust Brokering Security
- Policy Design and Governance
- REST Security Controls and Designs
- Open API Specification (OAS v 3.0), Open ID Connect
- Web service Security Controls and Designs
- WS-Policy, WS-SecurityPolicy, WS-Trust and WS-Secure Conversation with SAML
- Microservices and Containerization Security Considerations
- Security Extensions and Controls for API Gateways and ESBs
- Security Risks and Considerations for Cloud-based Services and Service Compositions
- Preparing for Common SOA Security Threats