Питання до тесту «Secure Token and Storage Fundamentals in React Native»
undefined • 15 питань
Список усіх питань з тесту «Secure Token and Storage Fundamentals in React Native» (undefined). Переглядайте та практикуйтеся з окремими питаннями.
- Питання 1Один з чотирьохWhat is the primary reason access tokens should be kept in memory rather than persisted to disk in a React Native app?
- Питання 2Один з чотирьохWhy is `expo-secure-store` preferred over `AsyncStorage` for storing refresh tokens?
- Питання 3Один з чотирьохIn the access/refresh token pattern, why is the access token designed to be short-lived (e.g., 5-15 minutes)?
- Питання 4Один з чотирьохWhat problem does "refresh token rotation" specifically address?
- Питання 5Один з чотирьохWhy shouldn't sensitive clinical/PHI data be persisted via `redux-persist` using its default storage engine in a healthcare RN app?
- Питання 6Один з чотирьохWhat is the purpose of adding a biometric re-confirmation step (e.g., Face ID) on top of an already-valid OAuth session when the app returns from back...
- Питання 7Один з чотирьохIn the "single-flight" refresh pattern, what problem is being solved when multiple API calls receive a 401 simultaneously?
- Питання 8Один з чотирьохWhat is the main security benefit of sender-constrained tokens (e.g., via DPoP or mTLS client certificates) over a standard bearer refresh token?
- Питання 9Один з чотирьохWhy is certificate pinning relevant to protecting tokens, even though tokens are already stored securely on-device?
- Питання 10Один з чотирьохIf a refresh token is stolen by an attacker but rotation/reuse-detection somehow fails to catch it, which mechanism still bounds the potential damage?
- Питання 11Один з чотирьохWhich library combination is most appropriate for implementing a PKCE-compliant OAuth/OIDC login flow in an Expo-managed React Native app, while avoid...
- Питання 12Один з чотирьохYou need to store a refresh token securely in an Expo-managed RN app. Which snippet correctly does this using `expo-secure-store`?
- Питання 13Один з чотирьохIn an RTK Query setup, where is the correct place to implement the single-flight token-refresh-on-401 logic?
- Питання 14Один з чотирьохWhich approach correctly implements certificate pinning for API calls handling PHI in a React Native app?
- Питання 15Один з чотирьохA teammate suggests storing both the access token and refresh token together in a single `expo-secure-store` entry as a JSON string to simplify the co...