Q1. In which order do LogicalHandlers and SOAPHandlers configured on a Web Service endpoint execute on an incoming message ? (Choose one)
A. SOAPHandlers in the order specified in configuration are executed first and later the LogicalHandlers specified in the order get executed
B. LogicalHandlers in the order specified in configuration are executed first and later the SOAPHandlers specified in the order get executed
C. All the handlers are executed in the order specified in the configuration
D. All the handlers are executed in the reverse order specified in the configuration.
Answer: A
Q2. In designing the security for your enterprise application with multiple Web services, you don't want that each of the services handle user authentication by itself. Then which of the following you can use in your design?
A. enable secure conversation for each service
B. a centralized Policy Decision Point (PDP) via XACML
C. a Security Token Service (STS)
D. use transport level security with SSL
Answer: C
Q3. Which two statements are true about public key digital signatures applied to Web services? (Choose two)
A. The receiver verifies that the message matches the digital signature using its own private key.
B. The sender creates a digital signature using its own private key and sends that signature along with the original document.
C. The sender creates a digital signature using its own public key and sends that signature along with the original document.
D. The receiver verifies that the message matches the digital signature using the sender's public key.
Answer: BD
Q4. Which of the following security technology is not covered in Metro project? (Choose one.)
A. WS-Trust
B. WS-SecurityPolicy
C. WS-SecureConversation
D. XACML
Answer: D
Q5. Which two statements are true about WSDL 1.1 and the Basic Profile? (Choose two.)
A. WSDL does NOT recommend a specific system for user-defined datatypes.
B. WSDL recommends the use of XML Schema for user-defined datatypes.
C. WSDL mandates the use of XML Schema for user-defined datatypes.
D. Basic Profile recommends the use of XML Schema for user-defined datatypes.
E. Basic Profile mandates the use of XML Schema for user-defined datatypes.
F. Basic Profile recommends the use of either XML Schema or DTD for user-defined datatypes.
Answer: BE
Q6. Which three statements about parsers are true? (Choose three.)
A. SAX and StAX are bi-directional.
B. DOM and StAX are bi-directional.
C. StAX is a push API, whereas SAX is pull.
D. SAX is a push API, whereas StAX is pull.
E. SAX and StAX are read-only.
F. SAX and DOM can write XML documents.
G. StAX and DOM can write XML documents.
Answer: BDG
Q7. Given the resource class fragment: Choose the code fragment below that would secure access only to the Resource update() method (Choose one):
A. <security-constraint>
<web-resource-collection>
<url-pattern>/rest</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
B. <security-constraint>
<web-resource-collection>
<url-pattern>/rest</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
C. <security-constraint>
<web-resource-collection>
<url-pattern>/rest/id</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
D. <security-constraint>D.<security-constraint>
<web-resource-collection>
<url-pattern>/id</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
Answer: B
Q8. Which two statements are true about creating a Web service with JAX-WS? (Choose two.)
A. Stateless Web services must be created with HTTP servlet endpoints.
B. Creating the portable artifacts by hand is slow, but makes a service easier to maintain.
C. All Java-based endpoints share a common packaging model.
D. EJBs can serve as endpoints if hosted in a container with runtime and service support.
E. JAX-WS supports creating services from source and compiled code without a WSDL.
Answer: DE
Q9. Choose the types of Enterprise Beans that can be made into JAX-RS root resources (Choose two):
A. Stateful Session Beans
B. Stateless Session Beans
C. Message-Driven Beans
D. Singleton Beans
Answer: BD
Q10. XML Signature and XML Encryption provide the foundation for message level security in Web services. Which statement about XML signature is NOT true?
A. use detached signatures, where the digital signature covers sibling elements or external data
B. use enveloping signatures, where the digital signature element encloses the data to be signed
C. use enveloping signatures, where the digital signature is a child element of the data to be signed
D. use enveloped signatures, where the digital signature is a child element of the data to be signed
Answer: C