The web service is implemented as EJB and authorization is enabled at EJB method level, and Caller
configuration is enabled for Web Service Security. Which identity is used for authorization check?

A developer would like to restrict access to some operations of a Web service to a certain group of users.
Which is the most appropriate implementation choice for the Web service?

Which of the following situations is the best candidate for message-level security?

for a Web service request passing through multiple SOAP intermediaries, how would end-to-end security be
provided?

A developer is designing a Web service which must ensure the integrity and confidentiality of the message
from the provider to the consumer. The SOAP message will be routed by an Enterprise Service Bus (ESB) to
reach its final destination.
What should the developer use to complete the task?

A developer is designing a Web service. The message will contain sensitive data which must only be
processed by the final destination. The SOAP message will be routed through an external organization抯
Enterprise Service Bus (ESB) to reach its final destination. What level of security is required?

Which of the following characteristic is NOT true for WS-SecureConversation?

Which of the following statements most appropriately describe WS-SecureConversation?

Which of the following scenarios are typical for using WS-Security Kerberos Token Profile?

Which statement is true for WS-Security Kerberos Token Profile?