Certification - Arcitura · 2019-10-13 · • Security Token Structures and Issuance (JWT, Username, X.509, SAML) • Authentication Sessions and Secure Conversations • Federation

®

Service SecuritySpecialist

SERVICE SECURITY SPECIALISTCertification


C E R T I F I E D

®

ServiceSecurity

T R A I N I N G

®

The SOA Certified Professional (SOACP) program from Arcitura provides formal education and accreditation programs dedicated to fields of practice associated with Service Technology, including microservices, service API design and management, service security and governance and service-oriented architecture.

TABLE OF CONTENTS

Arcitura Certification Programs16

Module 20: Security Lab for Services,

Microservices & SOA14

Exam(s)

Training & Certification

Module 18: Fundamental Security for Services,

Microservices & SOA

Module 19: Advanced Security for Services,

Microservices & SOA

06

05

04

08

10

12

Module 1: Fundamental SOA, Services &

Microservices

Module 2: Service Technology Concepts

4

TRAINING & CERTIFICATIONThe Service Security Specialist track is comprised of SOACP Modules 1, 2, 18, 19 and 20, the outlines for which are provided in the upcoming pages. The final course module consists of a series of lab exercises that require participants to apply their knowledge of the preceding courses in order to fulfill project requirements and solve real world problems. Completion of these courses as part of a virtual or on-site workshop results in each participant receiving an official digital Certificate of Completion, as well as a digital Training Badge from Acclaim/Credly.

A Certified Service Security Specialist has comprehensive knowledge of common threats and vulnerabilities associated with services-based solutions and modern service technologies, and has demonstrated proficiency in establishing contemporary security technology architectures through the mastery of security patterns, practices and industry technologies. Depending on the exam format chosen, attaining the Service Security Specialist Certification can require passing a single exam or multiple exams. Those who achieve this certification receive an official digital Certificate of Excellence, as well as a digital Certification Badge from Acclaim/Credly with an account that supports the online verification of certification status.

For more information, visit: www.arcitura.com/soacp/security.



C E R T I F I E D

®

ServiceSecurity

T R A I N I N G

®

5Copyright © Arcitura Education Inc. www.arcitura.com

®

EXAM(S)You can take exams anywhere in the world via Pearson VUE testing centers, Pearson VUE online proctoring and Arcitura on-site exam proctoring at your location.

You are provided with three flexible exam format options:

• Complete Exam S90.SSE, a single combined exam for the entire Service SecuritySpecialist certification track. Recommended for those who want to only take a singleexam that encompasses all course modules within this track.

• Complete the partial version of Exam S90.SSE. Recommended for those who havealready obtained a SOACP certification and would like to achieve the Service SecuritySpecialist Certification without having to be retested on SOACP Modules 1 and 2.

• Complete one module-specific exam for each course module in Service SecuritySpecialist Certification track. This is recommended for those who want to progressgradually through the track and who would like to be assessed after each coursemodule before proceeding to the next.

Visit www.arcitura.com/soacp/exams for more information. (Note that not all exam formats may be available via all exam delivery options.)

It is recommended that you prepare for the exam(s) by acquiring the Service Security Specialist Certification eLearning kit bundle or the printed Service Security Specialist Certification study kit bundle or by attending an instructor-led workshop that includes SOACP Modules 1, 2, 18, 19 and 20. The current public workshop calendar can be viewed at www.arcitura.com/workshops. To learn more about having a private workshop delivered at your location, visit www.arcitura.com/private.

6

Fundamental SOA, Services & Microservices

MORE INFOFor curriculum information, visit www.arcitura.com/soacp

MODULE

01 This course provides an easy to understand, end-to-end overview of contemporary service-oriented computing, including concepts and technologies pertaining to modern-day services and microservices, as well as business and technology-related topics pertaining to service-oriented architecture (SOA).

The following primary topics are covered:• Business and Technology Drivers for SOA, Services and Microservices• Strategic Goals and Benefits of Service-Oriented Computing• Plain English Introduction to Services and Microservices• Fundamental Characteristics of a Service-Oriented Architecture• Understanding Service-Orientation as a Design Paradigm, including

coverage of the Four Pillars of Service-Orientation• Introduction to Service Layers, Service Models and

Service Compositions• Service Inventories, Service Layers and Service API Governance

and Management• Introduction to Common Service Technologies, including API

Gateways, Virtualization, Containerization• Introduction to Cloud Computing and Cloud Services• Adoption Impacts and Requirements, including considerations for

Governance, Infrastructure, Performance and Standardization


CONTENTSThis course is available as part of an Arcitura Study Kit in full-color printed and eLearning formats. In addition to the base course materials used during training workshops, additional materials designed for self-study purposes are also included.

• Workbook • Self-Study Guide• Supplement• Symbol Legend Poster• Mind Map Poster• Flashcards • Audio Tutor Recordings (usb)

eLEARNINGDigital versions of the above course materials are available as part of an eLearning Study Kit.

8


Service Technology Concepts

MODULE

02 This course focuses on modern service technologies, models and concepts that have established de facto implementation mediums for building contemporary services-based solutions. Also covered are fundamental terms, concepts and models pertaining to cloud computing and cloud-based services.

The following primary topics are covered:• Comparing Service Implementation Mediums• Service Roles and Service Agents• Message Exchange Patterns and Service Activities• Basic XML, XML Schema, JSON and JSON Schema Concepts• HTTP Methods, Response Codes and Headers• Basic REST Service Concepts, including Properties and Constraints• REST Services, Contracts, Resources and Messaging• Hypermedia and Late Binding• Basic WSDL and SOAP Concepts• WS-* Technologies• Web Service Contracts, Messaging and Registries• Cloud Computing Concepts• Vertical and Horizontal Scaling• Multitenancy, Elasticity and Resiliency• On-Demand Usage, Ubiquitous Access and Measured Usage• Public, Private and Hybrid Clouds• IaaS, PaaS and SaaS



• Workbook • Self-Study Guide• Mind Map Poster• Flashcards• SOA with REST eBook • Web Service Contract Design eBook• Audio Tutor Recordings (usb)


10

This course provides essential techniques, patterns and industry technologies that pertain to establishing security controls and security architectures for services, microservices and service-oriented solutions.

The following primary topics are covered:

• Security and the Service-Oriented Architectural Model• SOA Security Considerations for Service and Composition Architectures• Security Implications of Service-Orientation Principles• Trust, Claims, Tokens, Identity, Authentication, Authorization,

Transport and Message Layer Security• Encryption, Hashing, Digital Signatures, Identity and

Access Management (IAM)• Public Key Infrastructure (PKI), Digital Certificates, Certificate

Authorities, Single Sign-On (SSO)• REST Services and JSON Industry Standards• JavaScript Object Signing and Encryption (JOSE) Framework, OAuth2• HTTP Basic and Digest Authentication, API Key, JWT with X.509 certificates• Service Interaction Security Patterns (Data Confidentiality, Data Origin

Authentication, Direct Authentication, Brokered Authentication)• Web Services and XML Industry Standards• XML Encryption, XML Signature, WS-Security, Token Profiles, SAML• Microservice Security Considerations• Implementing SOA Security and Service-Orientation Security


Fundamental Security for Services,Microservices & SOA

MODULE

18



• Workbook • Self-Study Guide• Mind Map Poster• Flashcards• Audio Tutor Recording (usb)


12

This course covers a series of technical and complex security topics pertaining to contemporary service-oriented solution design, infrastructure, microservices, API gateways and modern service technologies.

The following primary topics are covered:

• Understanding SOA Security Threats• STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure,

Denial-of-Service, Elevation of Privilege)• SOA Security Patterns for Internal Service Architecture (Exception

Shielding, Message Screening, Trusted Subsystem, Service Perimeter Guard)

• Security Token Structures and Issuance (JWT, Username, X.509, SAML)• Authentication Sessions and Secure Conversations• Federation and Trust Brokering Security• Policy Design and Governance• REST Security Controls and Designs• Open API Specification (OAS v 3.0), Open ID Connect• Web service Security Controls and Designs• WS-Policy, WS-SecurityPolicy, WS-Trust and WS-Secure

Conversation with SAML• Microservices and Containerization Security Considerations• Security Extensions and Controls for API Gateways and ESBs• Security Risks and Considerations for Cloud-based Services and

Service Compositions• Preparing for Common SOA Security Threats


Advanced Security for Services,Microservices & SOA

MODULE

19



• Workbook • Self-Study Guide• Mind Map Posters• Flashcards• Audio Tutor Recording (usb)


14

As a continuation of course modules 18 and 19, this hands-on workshop allows attendees to apply the security concepts, techniques, patterns and technologies previously covered in order to complete a set of exercises.

Participants are required to analyze case study backgrounds and carry out a series of exercises to solve a number of inter-related problems, with the goal of producing a range of security solutions.


Security Lab for Services, Microservices & SOA

MODULE

20



• Lab Exercises Booklet• Self-Study Guide• Mind Map Poster• Flashcards• Audio Tutor Recording (usb)


16®

To learn more, visit: www.arcitura.com/nextgen

DEVOPSMODULE 01 Fundamental DevOps

DEVOPSMODULE 02 DevOps in Practice

DEVOPSMODULE 03 DevOps Lab

BLOCKCHAINMODULE 01 Fundamental Blockchain

BLOCKCHAINMODULE 02

Blockchain Technology & Architecture

BLOCKCHAINMODULE 03

Blockchain Technology & Architecture Lab

CertifiedDevOps

Specialist

CertifiedBlockchainArchitect

IoT MODULE 01 Fundamental IoT

IoT MODULE 02 IoT Technology & Architecture

IoT MODULE 03 IoT Technology & Architecture Lab

CertifiedIoT

Architect

CONTAINERIZATION

MODULE 01Fundamental Containerization

CONTAINERIZATION

MODULE 02Containerization Technology & Architecture

CONTAINERIZATION

MODULE 03Containerization Technology & Architecture Lab

CertifiedContainerization

Architect

MACHINELEARNING

MODULE 01Fundamental Machine Learning

MACHINELEARNING

MODULE 02Advanced Machine Learning

MACHINELEARNING

MODULE 03Machine Learning Lab

CertifiedMachineLearningSpecialist

AI MODULE 01 Fundamental Artificial Intelligence

AI MODULE 02 Advanced Artificial Intelligence

AI MODULE 03 Artificial Intelligence Lab

CertifiedArtificial

IntelligenceSpecialist

NEXT-GEN IT ACADEMY CERTIFICATIONS

DEVOPSMODULE 01 Fundamental DevOps

DEVOPSMODULE 02 DevOps in Practice

DEVOPSMODULE 03 DevOps Lab

BLOCKCHAINMODULE 01 Fundamental Blockchain

BLOCKCHAINMODULE 02

Blockchain Technology & Architecture

BLOCKCHAINMODULE 03

Blockchain Technology & Architecture Lab

CertifiedDevOps

Specialist

CertifiedBlockchainArchitect

IoT MODULE 01 Fundamental IoT

IoT MODULE 02 IoT Technology & Architecture

IoT MODULE 03 IoT Technology & Architecture Lab

CertifiedIoT

Architect

CONTAINERIZATION

MODULE 01Fundamental Containerization

CONTAINERIZATION

MODULE 02Containerization Technology & Architecture

CONTAINERIZATION

MODULE 03Containerization Technology & Architecture Lab

CertifiedContainerization

Architect

MACHINELEARNING

MODULE 01Fundamental Machine Learning

MACHINELEARNING

MODULE 02Advanced Machine Learning

MACHINELEARNING

MODULE 03Machine Learning Lab

CertifiedMachineLearningSpecialist

AI MODULE 01 Fundamental Artificial Intelligence

AI MODULE 02 Advanced Artificial Intelligence

AI MODULE 03 Artificial Intelligence Lab

CertifiedArtificial

IntelligenceSpecialist


To learn more, visit: www.arcitura.com/ccp

CLOUD CERTIFIED PROFESSIONAL (CCP) CLOUD SCHOOL

MODULE 03 Cloud Technology Lab

CertifiedCloud

TechnologyProfessional

MODULE 04 Fundamental Cloud Architecture

MODULE 05 Advanced Cloud Architecture

MODULE 06 Cloud Architecture Lab

CertifiedCloud

Architect

CertifiedCloud

Professional*

MODULE 07 Fundamental Cloud Security

MODULE 08 Advanced Cloud Security

MODULE 09 Cloud Security Lab

CertifiedCloud

SecuritySpecialist

MODULE 10 Fundamental Cloud Governance

MODULE 11 Advanced Cloud Governance

MODULE 12 Cloud Governance Lab

CertifiedCloud

GovernanceSpecialist

MODULE 13 Fundamental Cloud Storage

MODULE 14 Advanced Cloud Storage

MODULE 15 Cloud Storage Lab

CertifiedCloud

StorageSpecialist

MODULE 01 Fundamental Cloud Computing

MODULE 16 Fundamental Cloud Virtualization

MODULE 17 Advanced Cloud Virtualization

MODULE 18 Cloud Virtualization Lab

CertifiedCloud

VirtualizationSpecialist

MODULE 02 Cloud Technology Concepts

* The Certified Cloud Professional designation is automatically issued when achieving any other CCP certification. It can also be achieved by receiving passing grades on Exams C90.01 + C90.02.

18®

To learn more, visit: www.arcitura.com/bdscp

BIG DATA SCIENCE CERTIFIED PROFESSIONAL (BDSCP) BIG DATA SCIENCE SCHOOL

MODULE 01 Fundamental Big Data

MODULE 02 Big Data Analysis & Technology Concepts

CertifiedBig DataScience

Professional

MODULE 03 Big Data Analysis & Technology Lab

MODULE 04 Fundamental Big Data Analysis & Science

MODULE 05 Advanced Big Data Analysis & Science

CertifiedBig DataScientist

CertifiedBig Data

Professional*

MODULE 06 Big Data Analysis & Science Lab

CertifiedBig Data

Consultant

MODULE 07 Fundamental Big Data Engineering

MODULE 08 Advanced Big Data Engineering

CertifiedBig DataEngineer

MODULE 09 Big Data Engineering Lab

MODULE 10 Fundamental Big Data Architecture

MODULE 11 Advanced Big Data Architecture

CertifiedBig DataArchitect

MODULE 12 Big Data Architecture Lab

MODULE 13 Fundamental Big Data Governance

MODULE 14 Advanced Big Data Governance

MODULE 15 Big Data Governance Lab

CertifiedBig Data


* The Certified Big Data Professional designation is automatically issued when achieving any other BDSCP certification. It can also be achieved by receiving passing grades on Exams B90.01 + B90.02.


To learn more, visit: www.arcitura.com/soacp

SOA CERTIFIED PROFESSIONAL (SOACP) SOA SCHOOL

CertifiedSOA

Analyst

MODULE 04 Fundamental SOA Analysis & Modeling w/ Services & Microservices

MODULE 05 Advanced SOA Analysis & Modelingw/ Services & Microservices

MODULE 06 SOA Analysis & Modeling Labw/ Services & Microservices

CertifiedSOA

Architect

MODULE 07 Advanced SOA Design & Architecturew/ Services & Microservices

MODULE 08SOA Design & Architecture Labw/ Services & Microservices

CertifiedMicroservice

Architect

MODULE 10Advanced Microservice Architecture & Containerization

MODULE 11Microservice Architecture & Containerization Lab

CertifiedService

APISpecialist

MODULE 13Advanced Service API Design & Management

MODULE 14Service API Design & Management Lab

CertifiedService


MODULE 15Fundamental Service Governance & Project Delivery

MODULE 16Advanced Service Governance & Project Delivery

MODULE 17 Service Governance & Project Delivery Lab

CertifiedService

TechConsultant

MODULE 09Fundamental Microservice Architecture & Containerization

MODULE 12Fundamental Service API Design & Management

CertifiedServiceSecurity

Specialist

MODULE 18Fundamental Security for Services, Microservices & SOA

MODULE 19Advanced Security for Services, Microservices & SOA

CertifiedSOA

Professional*

MODULE 01Fundamental SOA, Services & Microservices

MODULE 02 Service Technology Concepts

MODULE 03 Design & Architecture w/ SOA, Services & Microservices

* The Certified SOA Professional designation is automatically issued when achieving any other SOACP certification. It can also be achieved by receiving passing grades on Exams S90.01B + S90.02B or S90.01B + S90.03B.

MODULE 20Security Lab for Services, Microservices & SOA

Copyright © Arcitura Education Inc. www.arcitura.comCopyright © Arcitura Education Inc.

www.arcitura.com

Certification - Arcitura · 2019-10-13 · • Security Token Structures and Issuance (JWT, Username, X.509, SAML) • Authentication Sessions and Secure Conversations • Federation

Documents