Table of Contents
Question
Which of the following statements are true, when considering the security of INSTRUCTIONAL communications to runtime resources? (Select 3)
A. By default the connection is native TCP and not encrypted
B. The runtime resource can be configured to use certificate-based encryption for all inbound communication
C. The login agent will automatically use a certificate if the runtime resource is configured to use one
D. The connection will be established via .NET remoting and will be encrypted as long as the “Use Secure Connections” flag is set
E. A central setting within Blue Prism can be used to prevent all associated Runtime Resources from accepting any instructional communications which are not encrypted.
Answer
B. The runtime resource can be configured to use certificate-based encryption for all inbound communication
C. The login agent will automatically use a certificate if the runtime resource is configured to use one
E. A central setting within Blue Prism can be used to prevent all associated Runtime Resources from accepting any instructional communications which are not encrypted.
Explanation
The correct answers are B, C and E. Here is a detailed explanation:
B. The runtime resource can be configured to use certificate-based encryption for all inbound communication This is true because the runtime resource can be configured to leverage a local certificate for securing the instructional connections from various sources, such as Control Room, Scheduler or external systems. The certificate common name must match the paths used for communication and the devices connecting to the runtime resource must trust the issuer.
C. The login agent will automatically use a certificate if the runtime resource is configured to use one This is true because the login agent is a .NET service that listens on a designated port (default: 8181) on each device hosting runtime resource. If the runtime resource is configured to use a certificate, the login agent will also use it for encrypting the communication.
E. A central setting within Blue Prism can be used to prevent all associated Runtime Resources from accepting any instructional communications which are not encrypted. This is true because there is a setting in System > Settings called “Require secure inbound instructional connections” that can be enabled to only allow runtime resources that are configured to receive encrypted instructional connections to connect to the environment. This setting also ensures that any objects or processes that are exposed as web services are over HTTPS.
A. By default the connection is native TCP and not encrypted This is false because the connection between Blue Prism devices and the Application Server is provided by .NET Remoting which secures and encrypts the connection subject to some conditions. The connection between instructional sources and runtime resources is native TCP by default, but it can be encrypted by using certificates.
D. The connection will be established via .NET remoting and will be encrypted as long as the “Use Secure Connections” flag is set This is false because the connection between instructional sources and runtime resources is not established via .NET remoting, but via a .NET service listening on a designated port. The “Use Secure Connections” flag is not a valid setting in Blue Prism.
Reference
- Instructional connections to runtime resources (blueprism.com)
- Advanced information (blueprism.com)
- Securing Blue Prism Network Connectivity
- Security Guide Blue Prism_2020.pdf
Designing a Blue Prism (Version 6.0) Environment ATA02 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Designing a Blue Prism (Version 6.0) Environment ATA02 exam and earn Designing a Blue Prism (Version 6.0) Environment ATA02 certification.