Serialization & Deserialization

What is serialization?

The process of converting an object into a format that can be stored or transmitted.

What is deserialization?

The process of reconstructing an object from its serialized form.

Why is serialization needed?

To save an object's state or send it over a network.

Name common formats used for serialization.

JSON, XML, YAML, Protocol Buffers, Avro.

What is Java’s built-in mechanism for serialization?

Implementing the Serializable interface.

What method is used to serialize an object in Java?

ObjectOutputStream.writeObject()

What method is used to deserialize an object in Java?

ObjectInputStream.readObject()

What is a serialVersionUID in Java?

A unique identifier to verify compatibility during deserialization.

What is the risk of deserialization?

Security vulnerabilities, such as remote code execution if data is tampered with.

What is custom serialization?

Overriding default serialization by implementing writeObject and readObject methods.

How can performance be improved in serialization?

By using more efficient formats like Protocol Buffers or Avro.

What is deep serialization?

Serializing an object along with the objects it references.

What is a common use case of serialization?

Storing session data or sending objects in distributed systems.

What happens if a non-serializable field is encountered?

Java throws a NotSerializableException.

What annotation can be used to ignore a field during serialization?

transient keyword in Java.