Java - Interview Questions and Answers for 'Security' | Search Java Interview Question - javasearch.buggybread.com
Javasearch.buggybread.com
Share

Search Java Interview Questions


 2137 questions in repository.
 There are more than 200 unanswered questions.
Click here and help us by providing the answer.
Label / Company      Label / Company / Text

   



Spring Security


   




Interview Questions and Answers for 'Security' - 6 question(s) found - Order By Newest

Advanced level question. Frequently asked in High end product companies. Frequently asked in Cognizant ( Based on 2 feedbacks )
  Q1. Why is String immutable in Java ?Core Java
Anonymous
Ans. 1. String Pool - When a string is created and if it exists in the pool, the reference of the existing string will be returned instead of creating a new object. If string is not immutable, changing the string with one reference will lead to the wrong value for the other references.

Example -

String str1 = "String1";
String str2 = "String1"; // It doesn't create a new String and rather reuses the string literal from pool

// Now both str1 and str2 pointing to same string object in pool, changing str1 will change it for str2 too

2. To Cache its Hashcode - If string is not immutable, One can change its hashcode and hence it's not fit to be cached.

3. Security - String is widely used as parameter for many java classes, e.g. network connection, opening files, etc. Making it mutable might possess threats due to interception by the other code segment.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like      Discuss      Correct / Improve     java   oops   string   string class   immutable   advanced     Barclays  Jungo  Cloudera  Allston  Man Group  Prokarma  Optimus  Gamesys  ABS  TransPerfect  Fidelity  Deloitte  Zalando  Cognizant (CTS)  Zeta Interactive  SuccessFactors   EchoStar  InterGlobe Technologies  HCL Technologies  Intuit  JP Morgan  Optimus Information  Faichi Solutions  Blip  Adobe  Subex Limited  Remo Software  Allstate  IBM  Bizmatics  Bytecode Cyber Security  Calsoft Systems  IDS Infotech      expert        frequent

Try 4 Question(s) Test


Advanced level question usually asked to senior developers , leads and architects.
 Q2. How does volatile affect code optimization by compiler?Core Java
Admin
info@buggybread.com
Ans. Volatile is an instruction that the variables can be accessed by multiple threads and hence shouldn't be cached. As volatile variables are never cached and hence their retrieval cannot be optimized.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like      Discuss      Correct / Improve     java   java keywords   volatile   synchronization   compiler optimization   variable caching   architecture     Embedded security  Driver engineer  Sokrati      expert


 Q3. How does making string as immutable helps with securing information ? How does String Pool pose a security threat ?Core Java2017-06-22 11:32:57

Ans. String is widely used as parameter for many java classes, e.g. network connection, opening files, etc. Making it mutable might possess threats due to interception by the other code segment or hacker over internet.

Once a String constant is created in Java , it stays in string constant pool until garbage collected and hence stays there much longer than what's needed. Any unauthorized access to string Pool pose a threat of exposing these values.


 Help us improve. Please let us know the company, where you were asked this question :   

   Like      Discuss      Correct / Improve     Security  String pool   string immutable


 Q4. What is a certificate authority ?Security2017-01-23 12:58:48

Ans. A trusted organization which issues public key certificates and provides identification to the bearer.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like      Discuss      Correct / Improve     authentication  auth certificates


 Q5. What is ACL ?Operating System2017-03-01 09:45:12

Ans. Access Control List or ACL is the list of permissions attached to an object in the File System.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like      Discuss      Correct / Improve     acl  file system  file security  object security  operating system


 Q6. Java doesn't provide exclusive access to memory like C/C++ and other lower level languages ? What are the advantanges and disadvantages ?Core Java2017-05-20 16:22:05

Ans. Yes, doesn't provide exclusive access as we cannot allocate and deallocate memory exclusively as Java internally manages it. The advantage of this is that it relieves the coder for such tasks and helps protect from many bugs that may get introduced with imperfect coding. Moreover as java garbage collector collects all unclaimed memory or objects, it helps the application from memory leaks.

On the flip side , as coder doesn't have extensive excess to memory , it is upto java to decide on the state for programming construct and data storage and hence may introduce some security risks. For example - Java keeps string literals in string pool and there is no exclusive way to remove it and hence may stay and sensitive data in string pool may introduce security issues. Moreover when we overwrite a value or object for a variable / reference, it is upto java to purge those values and hence it may stay in memory for a while till java decide that it is no longer referenced and hence should be removed and hence makes it vulnerable for inappropriate access.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like      Discuss      Correct / Improve     disadvantages of garbage collection  advantages and disadvantages of java memory management  java for security applications  java with sensitive data  memory management




Subscribe to Java News and Posts. Get latest updates and posts on Java from Buggybread.com
Enter your email address:
Delivered by FeedBurner



comments powered by Disqus
 

Help us and Others Improve. Please let us know the questions asked in any of your previous interview.

Any input from you will be highly appreciated and It will unlock the application for 10 more requests.

Company Name:
Questions Asked:
         

X Close this

2 person from Ashburn are looking for questions for 'Security'. Connect with them to better prepare for your interview.Click here and post a message

X Close this

Help Us Improve.
Please share your
interview experience.

Company Name:   


Questions Asked: