Web Services Security Interview Question-Answer

Q.1 SOAP stands for?

       A. Simple Object Access Protocol

       B. Simple Object Access Process

       C. Standard Object Access Protocol

       D. Standard Object Access Process

Ans : Simple Object Access Protocol

Q.2 Web services are language and platform independent.

       A. True

       B. False

Ans : True

Q.3 Which of the following is a standard format to describe a Web service?

       A. Web Services Definition Language

       B. Web Services Design Language

       C. Web Services Description Language

       D. Web Services Development Language

Ans : Web Services Description Language

Q.4 To exchange information between computers, requests are encoded in ________ and sent via ___________.

       A. XML, HTTP POST

       B. HTML, HTTP GET


       D. XML, HTTP GET


Q.5 Which among the following is a software system designed to support interoperable machine-to-machine interaction over a network?

       A. Java Services

       B. Browser Action

       C. Web Services

       D. Struts Services

Ans : Web Services

Q.6 Which of the following is a authentication mechanism for the application level?

       A. HTTP Basic

       B. HTTP Digest

       C. SAML

       D. SSL

       E. All option

Ans : All option

Q.7 Which of the following operates in tunnel mode?

       A. SSL

       B. PGP

       C. IPSec

       D. All the above options

Ans : IPSec

Q.8 Kerberos is a protocol used for ___________.

       A. Encryption

       B. Authentication

       C. Authorization

Ans : Authentication

Q.9 Which of the following is not an OASIS standard for Web service security?

       A. SMIL

       B. SAML

       C. WS-Secure Conversation

       D. None of the options

Ans : SMIL

Q.10 HTTP is an _________ layer protocol.

       A. Transport

       B. Application

       C. Network

Ans : Application

Q.11 The Web services protocol for creating and sharing security context:

       A. WS-Trust

       B. WS-Secure Conversation

       C. WS-SecurityPolicy

       D. WS-PolicyAttachment

Ans : WS-Secure Conversation

Q.12 Authentication and authorization information from the requester is usually represented in the form of ‘_______’.

       A. Hashes

       B. Tickets

       C. Digests

       D. Tokens

Ans : Tokens

Q.13 SOAP Digital Signatures exploits _____________________ to digitally sign SOAP messages.

       A. Symmetric Key Cryptography

       B. Obfuscation algorithms

       C. Hash Algorithms

       D. Public Key Cryptography

Ans : Public Key Cryptography

Q.14 How many predominant roles are defined in the Web service architecture

       A. Two

       B. Four

       C. Three

       D. Five

Ans : Three

Q.15 An XML based framework for describing, discovering and integrating Web services.

       A. Unified Design, Description and Integration

       B. Universal Description, Discovery and Integration

       C. Universal Development, Design and Integration

       D. Unified Description, Definition and Integration

Ans : Universal Description, Discovery and Integration

Q.16 The three major roles in the Web service architecture.

       A. SOAP, WSDL, UDDI

       B. Service Provider, Service Requester, Service Registry

       C. Service Transport, XML Messaging, Service Description

Ans : Service Provider, Service Requester, Service Registry

Q.17 Strong authentication schemes along with message time stamp and sequence numbering can be used as a countermeasure against ________________.

       A. Man in the middle attacks

       B. Spoofing

       C. Message Interception

       D. Replay Attacks

Ans : Replay Attacks

Q.18 Which of the following are authentication mechanisms for the application level?

       A. Kerberos

       B. SAML

       C. SPKM

       D. X.509

       E. All of these

Ans : X.509

Q.19 The major security issue to be considered for Web services:

       A. Authentication

       B. Network Security

       C. Confidentiality

       D. All the options

Ans : All the options

Q.20 HTTP encompasses in-built support for Basic and Digest authentication

       A. True

       B. False

Ans : True

Q.21 IPSec is usually implemented at the operating system level.

       A. True

       B. False

Ans : True

Q.22 A part of UDDI that acts as an interface between Web service applications.

       A. WSDL

       B. SOAP Messages

       C. Service Registry

Ans : WSDL

Q.23 WS-Security headers include mechanisms for:

       A. Signature

       B. Authorization

       C. Authentication

       D. Encryption

Ans : Authorization

Q.24 Which among the following enhances WS-Security to facilitate a mechanism for issuing, renewing, and validating security tokens?

       A. WS-SecurityPolicy

       B. WS-Secure Conversation

       C. WS-PolicyAttachment

       D. WS-Trust

Ans : WS-Trust

Q.25 Access control for services, resources, devices are based on the _________ of the requester.

       A. Authenticity

       B. Authority

       C. Identity

       D. All the options

Ans : Authority

Q.26 Which of the following facilitates the encoding of messages in a common XML format?

       A. Service Description

       B. XML Messaging

       C. Service Definition

       D. None of the options

Ans : XML Messaging

Q.27 Service description is handled by _____________________.

       A. SOAP

       B. UDDI

       C. WSDL

Ans : WSDL

Q.28 HTTP, FTP, SMTP are included in which layer of the Web service protocol stack?

       A. Service transport

       B. Service Discovery

       C. XML Messaging

Ans : Service transport

Q.29 Signing and encrypting messages are used to ensure:

       A. Checking token information

       B. Checking ticket information

       C. Data Integrity

       D. Confidentiality

       E. All the options

Ans : All the options

Q.30 SSL provides direct support for role-based authorization.

       A. True

       B. False

Ans : False

Leave a Comment