A Security Administrator has some concerns about the confidentiality of data when using SOAP.
Which of the following BEST describes the Security Administrator’s concerns?
A.
The SOAP header is not encrypted and allows intermediaries to view the header data. The
body can be partially or completely encrypted.
B.
The SOAP protocol supports weak hashing of header information. As a result the header and
body can easily be deciphered by brute force tools.
C.
The SOAP protocol can be easily tampered with, even though the header is encrypted.
D.
The SOAP protocol does not support body or header encryption which allows assertions to be
viewed in clear text by intermediaries.