Which of the following approaches represents a valid means of utilizing generic security logic?

The Data Confidentiality pattern is applied to all of the services in a service inventory. As a result, all message data must be encrypted.

Responses issued by Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) services need to be ___________ and ___________ so that it can be determined whether these responses were sent by a trusted certificate authority or a malicious program pretending to be a certificate authority.

Digital signatures use encryption and hashing.

Security specialists at an organization require that messages exchanged between two services are kept private. There is an added requirement to check if the messages were tampered with. The application of which of the following patterns fulfills these requirements?

The owner of a service inventory reports that the public key related to a certain private key has been lost. There is a concern that this was the result of a security breach. A security specialist recommends contacting the certificate authority in order to add the corresponding certificate to the certificate authority's Certificate Revocation List (CRL). However, the certificate authority responds by indicating that this is not necessary. Which of the following answers explains this response?

The application of the Service Composability principle can be supported by the application of the Brokered Authentication pattern.

Using transport-layer security, an active intermediary that takes possession of a message can compromise:

A service that issues a SAML assertion is called a Policy Decision Point (PDP) while a service that accepts a SAML assertion is called a SAML authority.