Certified Cloud Security Professional – CCSP – Question353

What must SOAP rely on for security since it does not provide security as a built-in capability?

A.
Encryption
B. Tokenization
C. TLS
D. SSL

Correct Answer: A

Explanation:

Explanation: Simple Object Access Protocol (SOAP) uses Extensible Markup Language (XML) for data passing, and it must rely on the encryption of those data packages for security. TLS and SSL (before it was deprecated) represent two commons approaches to using encryption for protection of data transmissions. However, they are only two possible options and do not encapsulate the overall concept the question is looking for. Tokenization, which involves the replacement of sensitive data with opaque values, would not be appropriate for use with SOAP because the actual data is needed by the services.