Sample Questions

Managing Users and Credentials

Which statement is a function of user management?

  • a) Restrict what operations/data the user can access
  • b) Audit user activity in the system
  • c) Update email, mobile, first name, last name of the user
  • d) All of the above

Which statement about email template management in WSO2 Identity Server is incorrect?

  • a) WSO2 Identity Server supports HTML-based email templates
  • b) WSO2 Identity Server supports text-based email templates
  • c) Email templates can be configured tenant-wise
  • d) Email templates can be configured user store-wise

Implementing Access Delegation for Web and Mobile Applications

Which token types are used during the UMA 2.0 flow?

  • a) PAT token
  • b) Kerberos token
  • c) NTLM token
  • d) OTP token

Which statement describes OAuth 2.0 more accurately?

  • a) It is an open standard used for access delegation
  • b) It is an open framework used for authentication
  • c) It is a framework designed for single sign-on
  • d) It is an open standard used for authentication and authorization

Setting up Single Sign-On for Web and Mobile Applications

What is the latest version of SAML?

  • a) 1
  • b) 1.1
  • c) 2
  • d) 3

OIDC is an __________ protocol.

  • a) Authorization
  • b) Authentication
  • c) User-management
  • d) All of the above

What is the purpose of having ‘Open Standards’?

  • a) When using application ecosystems, ‘Open Standards’ are used to authenticate the users
  • b) To maintain a well-defined message format for communication between the identity provider and service provider
  • c) The identity provider should expose a metadata file which describes the ‘Open Standards’ supported by the identity provider, and when plugging a new application to the identity provider, the service provider should adhere to that metadata file information
  • d) Open standards are developed by the application developers and passed to the identity provider in the authentication request to preserve the security of sensitive data

Setting up Outbound Federation with Third-Party and Social Identity Providers

Based on the definition of identity federation, which protocols are ideal for identity federation?

  • A. OpenID Connect
  • B. SCIM
  • C. SAML
  • D. XACML

  • a) A and B only
  • b) A, C and D only
  • c) A and C only
  • d) A, B, C and D

Securing Access to Web and Mobile Applications with Strong and Adaptive Authentication

What is not a decision factor in Adaptive Authentication?

  • a) Request or environment factors
  • b) User behavior
  • c) Analytics and machine learning
  • d) Workflows

What authentication factor category does fingerprint data fall into?

  • a) Knowledge factor
  • b) Ownership factor
  • c) Inheritance factor
  • d) None of the above

Provisioning Users to External Systems with SCIM 2.0

Which is NOT a task that falls under a provisioning system?

  • a) Audit trails and reports
  • b) Workflow management
  • c) Single Sign-On
  • d) Password recovery capabilities

Implement Fine-grained Access Control Policies with XACML

What does XACML stand for?

  • a) eXtensible Access Control Markup Language
  • b) eXtensible Access Check Markup Language
  • c) eXtensible Authorization Control Markup Language
  • d) eXtensible Authentication Check Markup Language

Which statement about the responsibility of PEP is incorrect?

  • a) The PEP converts the request into an XACML authorization request
  • b) The PEP forwards the authorization request to the Policy Decision Point (PDP)
  • c) The PEP evaluates the authorization request against the policies it is configured with
  • d) The PEP forwards the decision coming from PDP