Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home IBM C5050-408

IBM C5050-408 Exam Practice Questions (P. 3)

  • Full Access (74 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #11
An application developer has started configuring header-based authentication for an application. So far, the developer has implemented the security test and login module as follows:
<securityTests>
<customSecurityTest name="HeaderTest">
<test realm="RealmHeader" isInternalUserID="true" />
</customSecurityTest>
</securityTests>
<loginModules>
<loginModule name="HeaderLogin">
<className>com.worklight.core.auth.ext.HeaderLoginModule</className>
<parameter name="user-name-header" value="username"/>
</loginModule>
</loginModules>
Which of the following is a valid realm definition that the application developer can use for this header login module?
  1. A
    <realms> <realm name="RealmHeader" loginModule="HeaderLogin"/> </realms>
  2. B
    <realms> <realm name="RealmHeader" loginModule="HeaderLogin"> <onLoginUrl>/login.html</onLoginUrl> </realm> </realms>
  3. C
    <realms> <realm name="RealmHeader" loginModule="HeaderLogin"> <className>com.worklight.core.auth.ext.HeaderAuthenticator</className> </realm> </realms>
  4. D
    <realms> <realm name="RealmHeader" loginModule="HeaderLogin"> <className>com.worklight.integration.auth.ext.HeaderAuthenticator</className> <parameter name="login-page" value="/login.html"/> <parameter name="error-page" value="/loginError.html"/> </realm>

Correct Answer:
D
Each realm has a name, a loginModule specification, a className of an authenticator implementation and optional parameters.
Example:
<realm name="WASLTPARealm" loginModule="WASLTPAModule">
<className>com.worklight.core.auth.ext.WebSphereFormBasedAuthenticator</className>
<parameter name="login-page" value="/login.html"/>
<parameter name="error-page" value="/loginError.html"/>
</realm>
References:
https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-6-3/authentication-security/authentication-concepts/

Question #12
An application developer has determined that Worklight does not provide an authenticator that meets the complex needs of the application being developed. It is decided that the developer must implement a custom authenticator.
Which interface must the application developer implement?
  1. A
    com.worklight.core.auth.api.CustomAuthenticator
  2. B
    com.worklight.core.auth.api.AuthenticationService
  3. C
    com.worklight.server.auth.api.CustomAuthenticator
  4. D
    com.worklight.server.auth.api.WorkLightAuthenticator

Correct Answer:
D
Your custom authenticator class must implement the com.worklight.server.auth.api.WorkLightAuthenticator interface.
References:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.dev.doc/devref/t_custom_authenticator.html

Question #13
An application developer has implemented certificate based authentication. The developer wants to enforce that the application immediately authenticates with a certificate when connecting to the Worklight server.
What must the application developer do to configure this security setting for the Android environment?
  1. A
    Add protection for static resources in the authenticationConfig.xml file.
  2. B
    Add the certificate-based securityTest as an attribute to the android element in the applicationDescriptor.xml file.
  3. C
    Enable and configure certificate based authentication in the worklight.properties file.
  4. D
    Enable WebShere Application Server application security to enforce authentication by WebShere Application Server.

Correct Answer:
A
Application authenticity is based on certificate keys that are used to sign the application bundle.
The following sections present an example of how application authenticity is enabled for iOS and Android:
The first step in enabling application authenticity is to modify your authenticationConfig.xml file to add relevant authenticity realms to your security tests:
If you use <mobileSecurityTest>, you must add the <testAppAuthenticity/> child element to this file.
If you use <customSecurityTest>, you must add <test realm="wl_authenticityRealm"/> child element to the file.
Etc.
Reference:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.1.0/com.ibm.worklight.dev.doc/dev/c_ibm_worklight_app_authentication_overview.html

Question #14
An application developer is implementing the server-side components for custom device provisioning. To accomplish this task, the developer has created the adapter named ProvisioningAdapter. Finally, two functions must be added to complete the task.
What must the two functions do that the application developer should add to the adapter?
  1. A
    Validate the certificate from the device is still valid. Validate that the device is authorized to be provisioned.
  2. B
    Validate the certificate from the device is still valid. Validate the provisioning request.
  3. C
    Validate that the device provisioning is triggered. Validate that the login module provides the correct credentials.
  4. D
    Validate that the device provisioning is triggered.

Correct Answer:
B
With Custom device provisioning you can validate:
Certificate Signing Request during initial provisioning flow.
Certificate during every application start.
References:
https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-6-3/authentication-security/custom-device-provisioning/

Question #15
An application developer is working with the Worklight administrator to secure a mobile application using adapter based authentication. The administrator provides the following configuration in the authenticationConfig.xml file.
<securityTests>
<customSecutityTest name="AuthenticationAdapter-securityTest">
<test isInternalUserID="true" realm="AdapterAuthRealm"/>
</customSecutityTest>
</secutityTests>
<realms>
<realm loginModule="AdapterAuthLoginModule" name="AdapterAuthRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="AuthAdapter.onAuthRequired"/>
<parameter name="logout-function" value="AuthAdapter.onLogout"/>
</realm>
<realms>
<loginModules>
<loginModule name="AdapterAuthLoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
</loginModules>
What must the application developer do to ensure security is enforced as required?
  1. A
    Create a Worklight adapter named AuthAdapter and implement the onAuthRequired and onLogout functions properly.
  2. B
    Create a Worklight adapter named AuthAdapter and implement the onAuthRequired, onLogout, and submitCredentials functions.
  3. C
    Create a Java class for the login module named AuthAdapter that implements the interface defined by com.worklight.core.auth.ext.NonValidatingLoginModule paying particular attention to implementing the onAuthRequired and onLogout methods.
  4. D
    Create a Java class named AuthAdapter that implements the interface defined by com.worklight.integration.auth.AdapterAuthenticator paying particular

Correct Answer:
C

Previous Questions Next Questions

All Pages