A security architecture needs to be created in order to guarantee that messages sent to Service A comply with a security policy that is published as part of Service A's service contract. The application of which of the following patterns will fulfill this requirement?
The use of XML schemas for data validation helps avoid several types of data-centric threats.
Service A is a Web service that accesses the Student table in a shared database in order to store XML-based student records. When invoked, the GetStudent operation of Service A uses a StudentID value to retrieve the record of a single student by executing an XPath query. An attacker sends a malicious message that manipulates the XPath query to return all the student records. Which of the following attacks was carried out?
Which of the following types of WS-SecurityPolicy assertions is required in order to determine whether derived keys are needed for a key agreement security session?
Service A is an agnostic service that is part of a complex service composition that relies on the use of several intermediaries for message routing purposes. Due to a recent malicious intermediary attack, public key cryptography and digital signatures have been added to Service A. Subsequently, the attacks stop. However, legitimate service consumers are experiencing latency when interacting with services from this complex service composition. Following an investigation, it is discovered that Service A has increased its system resource consumption in order to perform its new security-related functions. How can you improve Service A’s performance without compromising its security requirements and without introducing new security mechanisms?
Service A contains reporting logic that collects statistical data from different sources in order to produce a report document. One of the sources is a Web service that exists outside of the organizational boundary. Some of Service A's service consumers are encountering slow response times and periods of unavailability when invoking Service A. While investigating the cause, it has been discovered that some of the messages received from the external Web service contain excessive data and links to files (that are not XML schemas or policies). What can be done to address this issue?
The Trusted Subsystem pattern is applied to a service that provides access to a database. Select the answer that best explains why this service is still at risk of being subjected to an insufficient authorization attack.