Q1. Given the JAX-RS root resource class fragment: Choose the statement that best describes the configuration that would be required to support the access control constraint shown: 

A. No further configuration is required - the JavaEE runtime will pick up the security constraint and configure the web container to match. 

B. The developer will have to configure the web container to require authenticated access to the URLs corresponding to this resource, so the proper information can be propagated to the EJB container. 

C. The developer will have to turn on authentication in the web container configuration file, so that all incoming requests are authenticated in order to be processed. 

D. The developer will have to configure the web container to require authenticated access to the URLs corresponding to this resource, and then map web-tier roles to ejb-tier roles, since the JAX-RS and EJB runtimes cannot use the same set of roles. 

View Answer

Q2. Which two statements are true about WSDL 1.1 and the Basic Profile? (Choose two.) 

A. WSDL does NOT recommend a specific system for user-defined datatypes. 

B. WSDL recommends the use of XML Schema for user-defined datatypes. 

C. WSDL mandates the use of XML Schema for user-defined datatypes. 

D. Basic Profile recommends the use of XML Schema for user-defined datatypes. 

E. Basic Profile mandates the use of XML Schema for user-defined datatypes. 

F. Basic Profile recommends the use of either XML Schema or DTD for user-defined datatypes. 

View Answer

Q3. A purchase order Web service is designed to be synchronous, request-response, and HTTP-based. The existing service processes the request immediately. Because of new business requirements, the service can take up to ten days to perform a credit check before processing the order. Which two design changes should be made? (Choose two.) 

A. The client needs to use dynamic proxies instead of stubs. 

B. The client needs to develop and deploy a Web service to accept callbacks. 

C. The service only needs to change the WSDL from rpc-literal to document-literal. 

D. The client and the service need to establish a mechanism to correlate the messages. 

E. Given delays of up to ten days, a polling strategy is more efficient than callback. 

View Answer

Q4. A Web service needs to encrypt certain SOAP headers when responding. Which statement about this encryption is true? 

A. The Web service runtime is the appropriate place for such encryption. 

B. The Web service business logic is the appropriate place for such encryption. 

C. Either the Web service business logic or runtime is appropriate for such encryption. 

D. Neither the Web service business logic nor runtime is appropriate for such encryption. 

E. Transport level security protocol like SSL should be used to meet the requirements without code changes. 

View Answer

Q5. Which of the following is NOT a correct way of configuring handlers on a Web Service client ? (Choose one) 

A. Specify the handlers in jaxws-catalog.xml and make it available in the classpath of the client 

B. Create a handlerchain as list of handlers and call setHandlerChain() with that list on the Binding object. 

C. Programmatically configure the handlers by setting a custom HandlerResolver on the service instance and create proxies from that service. 

D. Specify handlers in handler chain configuration XML file and add @HandlerChain referencing handler configuration file to the Web Service references for clients running in JavaEE Container. 

View Answer

Q6. Given the JAX-RS root resource class fragment: 

Choose the statement that best describes the configuration that would be required to support the access control constraint shown: 

A. No further configuration is required - the JavaEE runtime will pick up the security constraint and configure the web container to match. 

B. The developer will have to configure the web container to require authenticated access to the URLs corresponding to this resource, so the proper information can be propagated to the EJB container. 

C. The developer will have to turn on authentication in the web container configuration file, so that all incoming requests are authenticated in order to be processed. 

D. The developer will have to configure the web container to require authenticated access to the URLs corresponding to this resource, and then map web-tier roles to ejb-tier roles, since the JAX-RS and EJB runtimes cannot use the same set of roles. 

View Answer

Q7. A student developer has created a new library of math functions to share with friends in a linear algebra class. The developer is having difficulty getting people to come over to the dorm to see the new code library, so he decides to deploy it as a Web service so that everyone can enjoy the features via the Internet. One of the functions has this WSDL definition: 

<portType name="MyMathLib"><operation name="incCtr"><input message="tns:incCtr"/></operation></portType> 

Which two statements are true about this Web service? (Choose two.) 

A. This is an asynchronous receive. 

B. This indicates a one-way message exchange pattern 

C. The client must use SOAPFaultException to display any errors. 

D. It must send a SOAP fault back to the sender. 

E. It must NOT send a SOAP fault back to the sender. 

View Answer

Q8. Which two statements are true about public key digital signatures applied to Web services? (Choose two) A. The receiver verifies that the message matches the digital signature using its own private key. 

B. The sender creates a digital signature using its own private key and sends that signature along with the original document. 

C. The sender creates a digital signature using its own public key and sends that signature along with the original document. 

D. The receiver verifies that the message matches the digital signature using the sender's public key. 

View Answer

Q9. An airline built and deployed a back-end application to manage reservations. To support interoperability with as large a base of standalone client applications as possible, the services provided by this back-end application are exposed as XML-based restful web services. Management just added a new requirement that AJAX-based web application clients be supported, too. One of the developers suggested that it is enough to extend the existing application to support both XML-based and JSON-based restful web services. Assuming the developer is correct, choose the sentence that best describes an attempt to introduce this ability as this developer suggests (Choose one): 

A. The attempt will fail, because JAX-RS does not support both XML- and JSON- based restful services in parallel. 

B. The attempt will be trivial to implement, since JAX-RS just needs for the application to specify that both XML- and JSON-based interaction will be supported. 

C. The attempt can succeed, but it will require a significant amount of new code, since JAX-RS does support both XML- and JSON-based interaction - but not single resource can support both kinds of interaction simultaneously. 

D. The attempt will fail, because there is more to the difference between XML-based and JSON-based interactions than just the data representation used. 

View Answer

Q10. Which of the following is NOT true about configuring handlers on a Web Service endpoint? (Choose one) 

A. EE container automatically processes the handlers packaged in the application and configures it on the applicable endpoint 

B. Handlers can be configured using @HandlerChain annotation on endpoints configured with @WebService 

C. Handlers can be configured using @HandlerChain annotation on endpoints configured with @WebServiceProvider 

D. Handlers can be configured for endpoints in the deployment descriptor (webservices.xml) 

View Answer