
JAVA CERTIFICATION QUESTION: Secure serialization and deserialization

· java,ocp

The objective here is to make serialization and deserialization secure while making often-changing code easier to maintain.

For this advanced-level Java SE 11 quiz, imagine you are working on an application that makes extensive use of serialization of business objects.

Fields are being added to, and removed from, the business object classes over time; this is causing problems with old serialized representations becoming inconsistent with new code.

Which change best facilitates managing these changes and keeping the business object working? Choose one.

A) Implement and choose which variables to serialize.

B) Make unwanted instance variables private.

C) Make unwanted instance variables transient.

D) Add a serialPersistentFields array and refer to it from writeObject / readObject when writing or reading required variables.


The answer is D.
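A sketch of what option D looks like in practice, as an added example that is not part of the original quiz. The `Customer` class, its fields, and the validation rule in `readObject` are hypothetical.

```java
import java.io.*;

public class Customer implements Serializable {
    // Fixed so that adding or removing instance fields does not invalidate old streams.
    private static final long serialVersionUID = 1L;

    // The serialized form is declared here, independently of the instance fields.
    private static final ObjectStreamField[] serialPersistentFields = {
        new ObjectStreamField("name", String.class),
        new ObjectStreamField("creditLimit", int.class)
    };

    private String name;
    private int creditLimit;
    private String sessionToken; // hypothetical later addition; not listed above, so never written

    public Customer(String name, int creditLimit, String sessionToken) {
        this.name = name;
        this.creditLimit = creditLimit;
        this.sessionToken = sessionToken;
    }

    private void writeObject(ObjectOutputStream out) throws IOException {
        ObjectOutputStream.PutField fields = out.putFields();
        fields.put("name", name);
        fields.put("creditLimit", creditLimit);
        out.writeFields(); // only the declared persistent fields reach the stream
    }

    private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
        ObjectInputStream.GetField fields = in.readFields();
        String n = (String) fields.get("name", null); // default used if an old stream lacks the field
        int limit = fields.get("creditLimit", 0);
        // Assumed invariant: the stream is untrusted input, so validate before assigning.
        if (n == null || limit < 0) throw new InvalidObjectException("invalid Customer stream");
        name = n;
        creditLimit = limit;
    }

    public static void main(String[] args) throws Exception {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(new Customer("Ada", 500, "constructed-secret")); // constructed sample data
        }
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            Customer c = (Customer) in.readObject();
            System.out.println(c.name + " " + c.creditLimit + " " + c.sessionToken);
        }
    }
}
```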