
152 Practice Questions for Java WebService Certifications (Lifetime access & free updates on same machine)

Java WebService Training (JAX-WS and JAX-RS)

Q22. You have developed a web service that will be consumed by your clients. Data integrity and confidentiality must be maintained between the client and the server. Which two meet all of these requirements?
 
A. X.509 and XKMS
B. XACML and XKMS
C. SSL and mutual authentication
D. XML Encryption and XML Digital Signature
E. Private network and XML Signature
 
 
Ans: C, D
Exp:
 
SSL:
 
Irrespective of the way a web service is implemented, most enterprise applications, including those that use web services, need to run in a secure environment. Transport Layer Security (TLS)/Secure Sockets Layer (SSL) is a point-to-point secure transport mechanism that can be used for authentication, message integrity, and confidentiality. TLS/SSL (or in this tip, simply "SSL") meets the security requirements of most enterprise application environments, and is widely adopted.
 
Java class for the web service: SSL has no impact on the Java code for the web service endpoint. The same code works whether or not the web service uses SSL.
 
One important aspect of secure communication through SSL is server authentication, that is, confirming the identity of the server to the client. Another aspect is client authentication, where the dedicated server confirms the identity of the client. In SSL, you can have either server authentication or the combination of server and client authentication (but not client authentication alone). This tip uses the term "mutual authentication" to mean the combination of server and client authentication. (Note, however, that other documents might attach a different meaning to mutual authentication. For example, in some documents, the term client authentication is synonymous with mutual authentication.)
 
To enable SSL server authentication, you need to set the <transport-guarantee> element to CONFIDENTIAL. For a web service implemented as an EJB endpoint, you set the element in the sun-ejb-jar.xml deployment descriptor. For a web service implemented as a servlet, you set the element in the web.xml deployment descriptor.
 
In GlassFish, WSDL files are protected by SSL for endpoints with SSL or SSL mutual authentication. For SSL mutual authentication, you need to set the <auth-method> sub element of the <login-config> element to CLIENT-CERT. You also need to set the <transport-guarantee> element to CONFIDENTIAL. For instance, in sun-ejb-jar.xml;
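
The two settings described above, shown for both endpoint types as an added example (not taken from the original page). The bean, port, role and URL names are hypothetical, and both descriptors are fragments without their schema or DTD declarations.

```xml
<!-- Added example; HelloEjb, HelloPort, HelloService, ws-client and /hello/*
     are hypothetical names. -->

<!-- sun-ejb-jar.xml (EJB endpoint): SSL with mutual authentication -->
<sun-ejb-jar>
  <enterprise-beans>
    <ejb>
      <ejb-name>HelloEjb</ejb-name>
      <webservice-endpoint>
        <port-component-name>HelloPort</port-component-name>
        <!-- Client must present a certificate. Omit <login-config>
             for server authentication only. -->
        <login-config>
          <auth-method>CLIENT-CERT</auth-method>
        </login-config>
        <!-- Endpoint is served over SSL only -->
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </webservice-endpoint>
    </ejb>
  </enterprise-beans>
</sun-ejb-jar>

<!-- web.xml (servlet endpoint): the same two settings -->
<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>HelloService</web-resource-name>
      <url-pattern>/hello/*</url-pattern>
    </web-resource-collection>
    <!-- Without an auth-constraint the container does not
         require the caller to authenticate -->
    <auth-constraint>
      <role-name>ws-client</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <login-config>
    <auth-method>CLIENT-CERT</auth-method>
  </login-config>
  <security-role>
    <role-name>ws-client</role-name>
  </security-role>
</web-app>
```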
 
XML DIGITAL SIGNATURE
The XML digital signature is designed to be used in XML transactions and provides authentication, data integrity, and non-repudiation. XML digital signature offers flexibility by allowing one or more items to be signed, including both XML and non-XML data. Additionally, it can be used to sign only specific portions of the XML tree, rather than the complete document.
 
The XML signature itself will generally indicate the location of the original signed object. The signed object can:
 
Be referenced by a URI within the XML signature
Reside within the same resource as the XML signature (the signature is a sibling)
Be embedded within the XML signature (the signature is the parent)
Have its XML signature embedded within itself (the signature is the child)

XML ENCRYPTION
XML Encryption gives developers a secure, uniform way to protect their XML documents. Using this scheme, only the data that should be encrypted will be, rather than the whole document.
 
XML KEY MANAGEMENT SPECIFICATION (XKMS)
XKMS consists of two parts: XKISS (XML Key Information Service Specification) and XKRSS (XML Key Registration Service Specification). XKISS defines a protocol for resolving or validating public keys contained in signed and encrypted XML documents, while XKRSS defines a protocol for public key registration, revocation, and recovery.
 
The key aspect of XKMS is that it serves as a protocol specification between an XKMS client and an XKMS server. In doing this, the XKMS server provides trust services to its clients (in the form of web services) by performing various public key infrastructure (PKI) operations, such as public key validation, registration, recovery, and revocation, on behalf of the clients.
 
EXTENSIBLE ACCESS CONTROL MARKUP LANGUAGE (XACML)
The primary goal of XACML is to standardize the access control language in XML syntax. There is no need to develop an application-specific access control language or to write the access control policy in multiple languages; instead, system administrators should need to understand only one standardized language.
