Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Sun 310-232 Exam - Cheat-Test.com

Free 310-232 Sample Questions:

1.An airline built and deployed a back-end application to manage reservations. To support interoperability with as large a base of standalone client applicat ions as possible, the services provided by this back-end application are exposed as XML-based restful web services.
Management just added a new requirement that AJAX -based web application clients be supported, too. One of the developers suggested that it is enough to extend the existing application to support both XML-based and JSON-based restful web services. Assuming the developer is correct, choose the sentence that best describes an attempt to introduce this ability as this developer suggests (Choose one):
A. The attempt will fail, because JAX-RS does not support both XML- and JSON- based restful services in parallel.
B. The attempt will be trivial to implement, since JAX-RS just needs for the application to specify that both XML- and JSON-based interaction will be supported.
C. The attempt can succeed, but it will require a significant amo unt of new code, since JAX-RS does
support both XML- and JSON-based interaction - but not single resource can support both kinds of interaction simultaneously.
D. The attempt will fail, because there is more to the differe nce between XML-based and JSON-based interactions than just the data representation used.
Answer: B

2.A company is refactoring an existing website to use Web services clients. The application retrieves lists of parts and displays them to the users in a browser window. P reviously, the data was stored as files on the web server and, in order to access the files, the user would simply click on a hyperlink. Now the data must be dynamically generated via a service that another developer has created. They want the easiest way to refactor their website to use Web services. Which three client-side technologies should they use? (Choose three.)
A. SOAP
B. REST
C. Javascript
D. XML
E. JSON
F. JAVA
Answer: B,C,E

3.A developer wants to use WebServiceContext in the web service endpoint. Which of the following is the correct way to get WebServiceContext object ? (Choose one)
A. @WebService
public class MyService {
@WebServiceContext
WebServiceContext ctxt;
public String echo(String str) {
...
}
B. @WebService
public class MyService {
WebServiceContext ctxt;
public String echo(String str) {
ctxt = jndi.lookup("java:com/env/WebServiceContext");
}
C. @WebService
public class MyService {
@Inject
WebServiceContext ctxt;
public String echo(String str) {
...
}
D. @WebService
public class MyService {
@Resource
WebServiceContext ctxt;
public String echo(String str) {
...
}
Answer: D

4.In designing the security for your enterprise application with multiple W eb services, you don't want that each of the services handle user authentication by itself. Then which of the following you can use in your design?
A. enable secure conversation for each service
B. a centralized Policy Decision Point (PDP) via XACML
C. a Security Token Service (STS)
D. use transport level security with SSL
Answer: C

5.An organization has business logic implemented in EJB components. Current clients use container-managed, role-based security to access the business logic using RMI. Management has determined that the business logic must be made available to non-RMI clients using a Web service.
Which container-managed Web service security mechanism would the development team?use to allow Web service clients to use the current security model? (Choose one)
A. XKMS
B. XACML
C. XML Digital Signature
D. HTTP Basic Authentication
E. annotations mapped to the JAX-WS runtime
Answer: D

6.A developer creates a Web service for his company's inventory service. He uses servlet container to deploy the web service and wants to enable basic authentication for all web service invocations.
Where does the developer configure security requirements for the above case?
A. sun-jaxws.xml
B. web.xml
C. webservices.xml
D. domain.xml
Answer: B

7.Choose the option that best describe the deployer's choices, when deploying an EJB that is also exposed as a RESTful web service using JAX-RS (Choose one):
A. The EJB can only be deployed to a web container, since RESTful access to the EJB requires a web container to support the HTTP interaction needed.
B. The EJB can be deployed to any EJB or web container that would support local references to the EJB from the JAX-RS runtime in the ejb container.
C. The EJB can be deployed to any EJB or web container that would support local references to the EJB from the JAX-RS runtime in the web container.
D. The EJB can be deployed to an EJB or web container that is visible to the JAX-RS runtime, even on an application server separate from the JAX-RS runtime, since EJBs support local or remote interactions via RMI.
Answer: C

8.An automobile manufacturer publishes a Web service for use by their suppliers. The manufacturer has stringent security requirements that require suppliers to verify their identity. Data integrity and confidentiality must be maintained between the client and the serv er. Which two technologies can be used to meet the requirements? (Choose two)
A. XACML and XKMS
B. SSL with mutual authentication
C. Message level security with WS-Security
D. Private network and XML Signature
Answer: B,C

9.A developer needs to write a Web service that supports user sessions that timeout after 120 seconds.
Which configuration file is correct for the developer use? (Choose one)
A. web.xml
B. server.xml
C. ejb-jar.xml
D. service-config.xml
Answer: A

10.Which security technologies are not included in WS -Security?
A. encryption
B. handshake for credential exchange and session establishment
C. security tokens
D. digital signatures
Answer: B

11.A developer is creating a web service endpoint using a stateless session EJB for the business logic of an application. Choose two methods to select role based access control for the business logic ? (Choose two)
A. Using method-permission element in ejb-jar.xml
B. Using .htaccess file in the application's ear
C. Using <security-role> element in web.xml
D. By specifying security annotations like @RolesAllowed in the EJB class
Answer: A,D

12.Which of the following security technology is not covered in Metro project? (Choose one.)
A. WS-Trust
B. WS-SecurityPolicy
C. WS-SecureConversation
D. XACML
Answer: D

13.A Web service needs to encrypt certain SOAP headers when responding. Which statement about this encryption is true?
A. The Web service runtime is the appropriate place for such encryption.
B. The Web service business logic is the appropriate place for such encryption.
C. Either the Web service business logic or runtime is appropriate for such encryption.
D. Neither the Web service business logic nor runtime is appropriate for such encryption.
E. Transport level security protocol like SSL should be used to meet the requirements without code
changes.
Answer: A

14.An automobile manufacturer publishes a Web service for use by their suppliers. The manufacturer has stringent security requirements that require suppliers to verify their identity. Data integrity and confidentiality must be maintained between the client and the server. Which two meet all of these requirements? (Choose two.)
A. X.509 and XKMS
B. XACML and XKMS
C. SSL and mutual authentication
D. XML Encryption and XML Digital Signature
E. Private network and XML Signature
Answer: C,D

15.Which two statements are true about public key digital signatures appli ed to Web services? (Choose two)
A. The receiver verifies that the message matches the digital signature using its own private key.
B. The sender creates a digital signature using its own private key and sends that signature along with the original document.
C. The sender creates a digital signature using its own public key and sends that signature along with the original document.
D. The receiver verifies that the message matches the digital signa ture using the sender's public key.
Answer: B,D

16.Which of the following WS-Security token profiles is not supported in Metro?
A. X509 Token Profile
B. Kerberos Token Profile
C. SAML Token Profile
D. SOAP with Attachments (SWA) profile
E. Right Expression Language (REL) Token Profile
Answer: E


© 2014 Cheat-Test.com, All Rights Reserved