An application developer is creating a WorkLight project that contains a Native API application. When creating the Native API application, the developer has provided the
Project name as well as the native API name. The developer is now presented with an option to choose which specific environment they would like to create the Native API for.
Which environment types are the supported options for a valid Native API application that the application developer can choose from?
Answer : B
Explanation:
Your native application requires the content of such a Native API application. This content depends on the selected mobile environment, and your native application requires it to use the corresponding IBM Worklight native API:
-> The IBM Worklight Objective-C client-side API, if your Native API application is for the iOS environment
-> The IBM Worklight Java™ client-side API, if your Native API application is for the
Android environment -
-> The IBM Worklight Java client-side API, if your Native API application is for the
Java Platform, Micro Edition(Java ME)
In Worklight 6.2 you can also use native C# API applications for Windows Phone 8
References:
http://www.ibm.com/support/knowledgecenter/SSZH4A_6.1.0/com.ibm.worklight.dev.doc/d evref/ r_development_guidelines_for_using_native_api.html https://www.ibm.com/support/knowledgecenter/
SSZH4A_6.2.0/com.ibm.worklight.dev.doc/devref/c_app_desc_native_api_wp8.html
An application developer intends to use Worklight Android native APIs to develop a performance intensive mobile application.
Which one of the following permissions in AndroidManifest.xml should the application developer use so the application can communicate with the Worklight Server?
Answer : A
Explanation:
The INTERNET permission is required by Worklight Quality Assurance to connect with the
IBM Worklight Quality Assurance server.
References:
http://www.ibm.com/support/knowledgecenter/api/content/SSFRDS_6.0.0/com.ibm.mqa.ua u.doc/topics/ t_InstallingTheAndroidProductionLibraries.html
An application developer has implemented the following security test to protect a mobile application.
<mobileSecurityTest name=mobileTest>
<testUser realm=myMobileLoginForm/>
<testDeviceID provisioningType=none />
</mobileSecurityTest>
The corporate security team has recently learned about cross-site request forgery (XSRF) attacks against the company's website. The corporate security team wants to prevent further attacks and has asked the developer to protect the mobile application against XSRF attacks.
What step must the application developer take to protect against XSRF attacks?
Answer : A
Explanation:
The mobileSecurityTest contains:
* The following realms, enabled by default: wl_anonymousUserRealm, wl_antiXSRFRealm, wl_remoteDisableRealm and wl_deviceNoProvisioningRealm. * The user and device realms that you must specify.
References:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.1.0/com.ibm.worklight.dev.doc/ devref/ r_security_tests.html
An application developer wants to use Simple Data Sharing to pass data to another application that is currently being developed.
What must the application developer do in Worklight Studio to enable this capability for this hybrid application?
Answer : D
Explanation:
To enable simple data sharing, you must modify the application descriptor.
Procedure -
-> Add an Android or iOS environment.
-> Add the Simple Data Sharing option.
-> Enable the Simple Data Sharing option and specify an application family name.Etc.
References:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.dev.doc/ devref/ t_enabling_simple_data_sharing_hybrid.html
The following is part of a HTTP adapter invocation result.
college:{
class:{
description: Class object
student: {
description: Students marks details,
title:Top Stories
},
studentmarks: [
name: Mirjana Lucic-Baroni.,
marks: 90,
level: Level one
name: Rose Way.,
marks: 87,
level: null
} }
An application developer needs to send only the name and marks information to a mobile application using the adapter xsl file.
Which xsl file code snippet will enable the application developer to achieve this?
Answer : B
Explanation:
For each studentmarks select the the name and marks.
While developing an Android-based hybrid application, the application developer is required to use a pure Native Activity before navigating to a Web view.
Which interface should the application developer implement for the Activity that has the
Web view?
Answer : D
Explanation:
public interface WLInitWebFrameworkListener
Implementing class will receive notification on Worklight web framework initialization.
References:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.apiref.do c/html/refjavaworklight-android- native/html/com/worklight/androidgap/api/WLInitWebFrameworkListener.html
An application developer is securing an application by using an adapter. The application developer has registered the following procedures in the adapter's xml file.
<procedure name=submitAuthentication />
<procedure name=requestForData securityTest=AuthAdapterTest />
Which function must the application developer invoke in the authentication adapter at the end of the login sequence to consider the user's session authenticated?
Answer : B
Explanation:
WL.Server.setActiveUser creates a user identity in a specified realm.
It is used in authenticator adapters at the end of the login sequence. Creates a user identity in the specified realm with the properties in the specified identity parameter. As a result of this method, the user's session is considered authenticated.
References:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.0.0/com.ibm.worklight.help.doc/ apiref/ r_method_wl_server_setactiveuser.html
A mobile application developer needs to modify the direct update interface of an application to set a custom message requested by a client. To accomplish this task, the application developer needs to use the handleDirectUpdate function.
How should the application developer implement this requirement?
Answer : D
Explanation:
The handler function should have two parameters (directUpdateData, directUpdateContext)
, and the directUpdateContext.start() function should be used.
The following example handleDirectUpdate function implements a custom message in the direct update dialog: wl_directUpdateChallengeHandler.handleDirectUpdate = function(directUpdateData,directUpdateContext) { var customDialogTitle = 'Custom Title Text'; var customDialogMessage = 'Custom
Message Text'; var customButtonText = 'Custom Button Text';
WL.SimpleDialog.show(customDialogTitle, customDialogMessage, [{ text : customButtonText, handler : function() { directUpdateContext.start();
}
}]); };
References:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.dev.doc/ dev/ c_customizing_direct_update_ui_android_wp8_ios.html
An application developer has implemented certificate based authentication. The developer wants to enforce that the application immediately authenticates with a certificate when connecting to the Worklight server.
What must the application developer do to configure this security setting for the Android environment?
Answer : A
Explanation: Section: (none)
Explanation -
Application authenticity is based on certificate keys that are used to sign the application bundle.
The following sections present an example of how application authenticity is enabled for iOS and Android: The first step in enabling application authenticity is to modify your authenticationConfig.xml file to add relevant authenticity realms to your security tests:
If you use <mobileSecurityTest>, you must add the <testAppAuthenticity/> child element to this file.
If you use <customSecurityTest>, you must add <test realm=wl_authenticityRealm/> child element to the file. Etc.
Reference:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.1.0/com.ibm.worklight.dev.doc/ dev/ c_ibm_worklight_app_authentication_overview.html
An application developer intends to submit a notification to all the device subscriptions of a specified user using IBM Worklight Server side APIs.
Which JavaScript server side method will enable the application developer to accomplish this task?
Answer : B
Explanation:
WL.Server.notifyAllDevices submits a notification to all a specified user's device subscriptions.
References:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.0.0/com.ibm.worklight.help.doc/ apiref/ r_method_wl_server_notifyalldevi.html
An application developer has determined that Worklight does not provide an authenticator that meets the complex needs of the application being developed. It is decided that the developer must implement a custom authenticator.
Which interface must the application developer implement?
Answer : D
Explanation:
Your custom authenticator class must implement the
com.worklight.server.auth.api.WorkLightAuthenticator interface.
References:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.dev.doc/ devref/ t_custom_authenticator.html
An application developer is developing an Android based Hybrid application but the application is returning an error on the startup process.
What are two valid initialization failure statuses that the application developer can identify on the startup process?
FAILURE_NOT_ENOUGH_SPACE -
Answer : D
Explanation:
The initialization status can be:
FAILURE_INTERNAL -
FAILURE_UNZIP -
FAILURE_CHECKSUM FAILURE_NOT_ENOUGH_SPACE
References:
http://www.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.dev.doc/d ev/ c_start_hybrid_app_android_in_webview.html
An application developer is using Worklight skins to support multiple from factors on an
Android based hybrid application that will run on phones and tablet devices. The developer built skins that modify the color and size of the text in the application based on the device that it is running on. To switch between them, the developer needs to modify a file in the
Worklight project.
What is the name of the file that the application developer needs to modify to set the skins to apply at runtime?
Answer : C
Explanation:
To set which skin to apply at run time, implement the function getSkinName() in the file skinLoader.js.
References:
https://www.ibm.com/support/knowledgecenter/SSHS8R_6.3.0/com.ibm.worklight.dev.doc/ devref/ c_developing_application_skins.html
An application developer is concerned about the performance of JSONStore API in a native iOS application and would like to collect that information.
Which code snippet will enable the application developer to accomplish this?
Answer : C
Explanation:
Performance metrics are collected every time a JSONStore API is called with information about the start and end times of an operation. You can use this information to determine how much time various operations take in milliseconds. Examples iOS
JSONStoreOpenOptions* options = [JSONStoreOpenOptions new];
[options setAnalytics:YES];
[[JSONStore sharedInstance] openCollections:@[...] withOptions:options error:nil];
References:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.dev.doc/ devref/ c_jsonstore_analytics.html
An application developer wants to protect their application against specific malware and repackaging attacks by implementing application authenticity testing via the console. Per the requirements, the developer wishes to implement a check where the Worklight Server will test the authenticity of an application. If the application fails the authenticity check, the
Worklight Server will output a message to the log containing relevant information, but the application will still run as expected.
Which type of application authenticity should the application developer implement via the console with the above requirements?
Answer : D
Explanation:
Worklight Console allows enabling or disabling the application authenticity realm in run time. This feature is useful for the Development and QA environments. There are three modes you can set:
-> Enabled, blocking – means that the application authenticity check is enabled. If the application fails the check,it is not served by a Worklight server.
-> Enabled, serving – means that the application authenticity check is enabled. If the application fails the check,it is still served by a Worklight server.
-> Disabled – means that the application authenticity check is disabled.
References:
https://www.ibm.com/support/knowledgecenter/SSZH4A_6.1.0/com.ibm.worklight.dev.doc/ dev/ c_ibm_worklight_app_authentication_overview.html