310-083 Sun Certified Web Component Developer for J2EE 5 Set 7

Which path is required to be present within a WAR file?


Options are :

  • /WEB-INF/classes
  • /index.html
  • /MANIFEST-INF
  • /classes
  • /WEB-INF/web.xml
  • /META-INF/index.xml
  • /WEB-INF/index.html

Answer : /WEB-INF/web.xml

310-083 Sun Certified Web Component Developer for J2EE 5 Set 8

Which statement is true about web container session management?


Options are :

  • If the web application uses HTTPS, then the web container may use the data on the HTTPS request stream to identify the client
  • The JSESSIONID cookie is stored permanently on the client so that a user may return to the web application and the web container will rejoin that session.
  • To activate URL rewriting, the developer must use the HttpServletResponse.setURLRewriting method.
  • Access to session-scoped attributes is guaranteed to be thread-safe by the web container

Answer : If the web application uses HTTPS, then the web container may use the data on the HTTPS request stream to identify the client

A developer has created a web application that includes a servlet for each use case in the

application. These servlets have become rather difficult to maintain because the request

processing methods have become very large. There is also common processing code in many

servlets because these use cases are very similar. Which two design patterns can be used

together to refactor and simplify this web application? (Choose two.)

A. Proxy

B. View Helper

C. Front Controller

D. Session Facade

E. Business Delegate

F. Model-View-Controller


Options are :

  • C,F
  • A,F
  • B,F
  • D,F

Answer : C,F

web component accesses a local EJB session bean with a component interface of

com.example.Account with a home interface of com.example.AccountHome and a JNDI reference

of ejb/Account. Which makes the local EJB component accessible to the web components in the

web application deployment descriptor?


Options are :

  • ejb/Account Session com.example.AccountHome com.example.Account
  • ejb/Account Session com.example.AccountHome com.example.Account
  • ejb/Account Session com.example.AccountHome com.example.Account
  • ejb/Account Session com.example.AccountHome com.example.Account

Answer : ejb/Account Session com.example.AccountHome com.example.Account

310-019 Sun Certified Associate.Java Platform Se Exam Set 1

One of the use cases in your web application uses many session-scoped attributes. At the end of

the use case, you want to clear out this set of attributes from the session object. Assume that this

static variable holds this set of attribute names:

201. private static final Set<String> USE_CASE_ATTRS;

202. static {

203. USE_CASE_ATTRS.add("customerOID");

204. USE_CASE_ATTRS.add("custMgrBean");

205. USE_CASE_ATTRS.add("orderOID");

206. USE_CASE_ATTRS.add("orderMgrBean");

207. }

Which code snippet deletes these attributes from the session object?


Options are :

  • for ( String attr : USE_CASE_ATTRS ) { session.removeAttribute(attr); }
  • session.removeAll(USE_CASE_ATTRS);
  • session.deleteAllAttributes(USE_CASE_ATTRS);
  • for ( String attr : USE_CASE_ATTRS ) { session.deleteAttribute(attr); }
  • for ( String attr : USE_CASE_ATTRS ) { session.remove(attr); }

Answer : for ( String attr : USE_CASE_ATTRS ) { session.removeAttribute(attr); }

A developer is designing a web application that must support multiple interfaces, including:

an XML web service for B2B

HTML for web-based clients

WML for wireless customers

Which design pattern provides a solution for this problem?


Options are :

  • Chain of Responsibility
  • Business Delegate
  • Model-View-Controller
  • Session Facade
  • Data Access Object

Answer : Model-View-Controller

For which three events can web application event listeners be registered? (Choose three.)

A. when a session is created

B. after a servlet is destroyed

C. when a session has timed out

D. when a cookie has been created

E. when a servlet has forwarded a request

F. when a session attribute value is changed


Options are :

  • A,B,D
  • A,C,E
  • A,C,F
  • A,B,C

Answer : A,C,F

310-019 Sun Certified Associate.Java Platform Se Exam Set 2

A developer is designing the presentation tier for a web application that relies on a complex

session bean. The session bean is still being developed and the APIs for it are NOT finalized. Any

changes to the session bean API directly impacts the development of the presentation tier. Which

design pattern provides a means to manage the uncertainty in the API?


Options are :

  • View Helper
  • Composite View
  • Intercepting Filter
  • Business Delegate
  • Front Controller
  • Chain of Responsibility

Answer : Business Delegate

Given a portion of a valid Java EE web application's directory structure:

MyApp

|

|-- Directory1

| |-- File1.html

|

|-- META-INF

| |-- File2.html

|

|-- WEB-INF

|-- File3.html

You want to know whether File1.html, File2.html, and/or File3.html is protected from direct access

by your web client's browsers.

What statement is true?


Options are :

  • Only File1.html is directly accessible.
  • All three files are directly accessible
  • Only File1.html and File2.html are directly accessible
  • Only File1.html and File3.html are directly accessible
  • Only File3.html is directly accessible.
  • Only File2.html and File3.html are directly accessible
  • Only File2.html is directly accessible.

Answer : Only File1.html is directly accessible.

You have created a servlet that generates weather maps. The data for these maps is calculated

by a remote host. The IP address of this host is usually stable, but occasionally does have to

change as the corporate network grows and changes. This IP address used to be hard coded, but

after the fifth change to the IP address in two years, you have decided that this value should be

declared in the deployment descriptor so you do NOT have the recompile the web application

every time the IP address changes. Which deployment descriptor snippet accomplishes this goal?


Options are :

  • WeatherServlet.hostIP 127.0.4.20
  • WeatherServlet.hostIP 127.0.4.20
  • WeatherServlet.hostIP 127.0.4.20
  • WeatherServlet.hostIP 127.0.4.20
  • WeatherServlet.hostIP 127.0.4.20

Answer : WeatherServlet.hostIP 127.0.4.20

310-019 Sun Certified Associate.Java Platform Se Exam Set 3

You are developing several tag libraries that will be sold for development of third-party web

applications. You are about to publish the first three libraries as JAR files: container-tags.jar,

advanced-html-form-tags.jar, and basic-html-form-tags.jar. Which two techniques are appropriate

for packaging the TLD files for these tag libraries? (Choose two.)

A. The TLD must be located within the WEB-INF directory of the JAR file.

B. The TLD must be located within the META-INF directory of the JAR file.

C. The TLD must be located within the META-INF/tld/ directory of the JAR file.

D. The TLD must be located within a subdirectory of WEB-INF directory of the JAR file.

E. The TLD must be located within a subdirectory of META-INF directory of the JAR file.

F. The TLD must be located within a subdirectory of META-INF/tld/ directory of the JAR file.


Options are :

  • B,E
  • A,E
  • D,E
  • C,E

Answer : B,E

Given the definition of MyObject and that an instance of MyObject is bound as a session attribute:

8. package com.example;

9. public class MyObject implements

10. javax.servlet.http.HttpSessionBindingListener {

11. // class body code here

12. }

Which is true?


Options are :

  • The com.example.MyObject must be declared as a servlet event listener in the web application deployment descriptor
  • The valueUnbound method of the MyObject instance is called when the session to which it is bound times out.
  • Only a single instance of MyObject may exist within a session.
  • The unbound method of the MyObject instance is called when the session to which it is bound times out

Answer : The valueUnbound method of the MyObject instance is called when the session to which it is bound times out.

As a convenience feature, your web pages include an Ajax request every five minutes to a special

servlet that monitors the age of the user's session. The client-side JavaScript that handles the

Ajax callback displays a message on the screen as the session ages. The Ajax call does NOT

pass any cookies, but it passes the session ID in a request parameter called sessionID. In

addition, assume that your webapp keeps a hashmap of session objects by the ID. Here is a

partial implementation of this servlet:

10. public class SessionAgeServlet extends HttpServlet {

11. public void service(HttpServletRequest request, HttpServletResponse) throws IOException {

12. String sessionID = request.getParameter("sessionID");

13. HttpSession session = getSession(sessionID);

14. long age = // your code here

15. response.getWriter().print(age);

16. }

... // more code here

47. }

Which code snippet on line 14, will determine the age of the session?


Options are :

  • session.getLastAccessed().getTime() - session.getCreationTime().getTime();
  • session.getLastAccessedTime().getTime() - session.getCreationTime().getTime();
  • session.getMaxInactiveInterval() - session.getCreationTime();
  • session.getMaxInactiveInterval();
  • session.getLastAccessed() - session.getCreationTime();
  • session.getLastAccessedTime() - session.getCreationTime();

Answer : session.getLastAccessedTime() - session.getCreationTime();

310-019 Sun Certified Associate.Java Platform Se Exam Set 4

You need to store a floating point number, called Tsquare, in the session scope. Which two code

snippets allow you to retrieve this value? (Choose two.)

A. float Tsquare = session.getFloatAttribute("Tsquare");

B. float Tsquare = (Float) session.getAttribute("Tsquare");

C. float Tsquare = (float) session.getNumericAttribute("Tsquare");

D. float Tsquare = ((Float) session.getAttribute.("Tsquare")).floatValue();

E. float Tsquare = ((Float) session.getFloatAttribute.("Tsquare")).floatValue;

F. float Tsquare = ((Float) session.getNumericAttribute.("Tsquare")).floatValue;


Options are :

  • D,E
  • A,D
  • B,D
  • C,D

Answer : B,D

Given:

3. public class MyTagHandler extends TagSupport {

4. public int doStartTag() {

5. // insert code here

6. // return an int

7. }

8. // more code here

...

18. }

There is a single attribute foo in the session scope.

Which three code fragments, inserted independently at line 5, return the value of the attribute?

(Choose three.)

A. Object o = pageContext.getAttribute("foo");

B. Object o = pageContext.findAttribute("foo");

C. Object o = pageContext.getAttribute("foo",

PageContext.SESSION_SCOPE);

D. HttpSession s = pageContext.getSession();

Object o = s.getAttribute("foo");

E. HttpServletRequest r = pageContext.getRequest();

Object o = r.getAttribute("foo");


Options are :

  • C,D,E
  • A,C,E
  • B,C,D
  • A,B,C

Answer : B,C,D

Which two about WAR files are true? (Choose two.)

A. WAR files must be located in the web application library directory.

B. WAR files must contain the web application deployment descriptor.

C. WAR files must be created by using archive tools designed specifically for that purpose.

D. The web container must serve the content of any META-INF directory located in a WAR file.

E. The web container must allow access to resources in JARs in the web application library

directory.


Options are :

  • D,E
  • C,E
  • B,E
  • A,E

Answer : B,E

310-019 Sun Certified Associate.Java Platform Se Exam Set 5

Which defines the welcome files in a web application deployment descriptor? 


Options are :

  • welcome.jsp index.html
  • /welcome.jsp /index.html
  • /welcome.jsp /index.html
  • Welcome welcome.jsp Index index.html
  • welcome.jsp index.html

Answer : welcome.jsp index.html

Which two security mechanisms can be directed through a sub-element of the <user-dataconstraint>

element in a web application deployment descriptor? (Choose two.)

A. authorization

B. data integrity

C. confidentiality

D. authentication


Options are :

  • B,C
  • B,D
  • A,C
  • A,B

Answer : B,C

You are designing an n-tier Java EE application. You have already decided that some of your

JSPs will need to get data from a Customer entity bean. You are trying to decide whether to use a

Customer stub object or a Transfer Object. Which two statements are true? (Choose two.)

A. The stub will increase network traffic.

B. The Transfer Object will decrease data staleness.

C. The stub will increase the logic necessary in the JSPs.

D. In both cases, the JSPs can use EL expressions to get data.

E. Only the Transfer Object will need to use a Business Delegate.

F. Using the stub approach allows you to design the application without using a Service Locator.


Options are :

  • A,D
  • A,C
  • A,E
  • A,B

Answer : A,D

310-019 Sun Certified Associate.Java Platform Se Exam Set 6

You have been contracted to create a web site for a free dating service. One feature is the ability

for one client to send a message to another client, which is displayed in the latter client's private

page. Your contract explicitly states that security is a high priority. Therefore, you need to prevent

cross-site hacking in which one user inserts JavaScript code that is then rendered and invoked

when another user views that content. Which two JSTL code snippets will prevent cross-site

hacking in the scenario above? (Choose two.)

A. <c:out>${message}</c:out>

B. <c:out value='${message}' />

C. <c:out value='${message}' escapeXml='true' />

D. <c:out eliminateXml='true'>${message}</c:out>

E. <c:out value='${message}' eliminateXml='true' />


Options are :

  • D,E
  • B,C
  • C,D
  • A,B

Answer : B,C

Which two are true concerning the objects available to developers creating tag files? (Choose

two.)

A. The session object must be declared explicitly.

B. The request and response objects are available implicitly.

C. The output stream is available through the implicit outStream object.

D. The servlet context is available through the implicit servletContext object.

E. The JspContext for the tag file is available through the implicit jspContext object.


Options are :

  • B,E
  • A,E
  • D,E
  • C,E

Answer : B,E

310-083 Sun Certified Web Component Developer for J2EE 5 Set 1

Which two statements are true about using the isUserInRole method to implement security in a

Java EE application? (Choose two.)

A. It can be invoked only from the doGet or doPost methods.

B. It can be used independently of the getRemoteUser method.

C. Can return "true" even when its argument is NOT defined as a valid role name in the

deployment descriptor.

D. Using the isUserInRole method overrides any declarative authentication related to the method

in which it is invoked.

E. Using the isUserInRole method overrides any declarative authorization related to the method in

which it is invoked.


Options are :

  • A,B
  • B,C
  • C,D
  • D,E

Answer : B,C

Your IT department is building a lightweight Front Controller servlet that invokes an application

logic object with the interface:

public interface ApplicationController {

public String invoke(HttpServletRequest request)

}

The return value of this method indicates a symbolic name of the next view. From this name, the

Front Controller servlet looks up the JSP URL in a configuration table. This URL might be an

absolute path or a path relative to the current request. Next, the Front Controller servlet must send

the request to this JSP to generate the view. Assume that the servlet variable request is assigned

the current HttpServletRequest object and the variable context is assigned the webapp's

ServletContext.

Which code snippet of the Front Controller servlet accomplishes this goal?


Options are :

  • RequestDispatcher view = request.getRequestDispatcher(viewURL); view.forward(request, response);
  • Dispatcher view = request.getDispatcher(viewURL); view.forwardRequest(request, response);
  • RequestDispatcher view = context.getRequestDispatcher(viewURL); view.forward(request, response);
  • Dispatcher view = context.getDispatcher(viewURL); view.forwardRequest(request, response);

Answer : RequestDispatcher view = request.getRequestDispatcher(viewURL); view.forward(request, response);

Given:

6. <myTag:foo bar='42'>

7. <%="processing" %>

8. </myTag:foo>

and a custom tag handler for foo which extends TagSupport.

Which two are true about the tag handler referenced by foo? (Choose two.)

A. The doStartTag method is called once.

B. The doAfterBody method is NOT called.

C. The EVAL_PAGE constant is a valid return value for the doEndTag method.

D. The SKIP_PAGE constant is a valid return value for the doStartTag method.

E. The EVAL_BODY_BUFFERED constant is a valid return value for the doStartTag method.


Options are :

  • A,B
  • A,D
  • A,C
  • A,E

Answer : A,C

310-083 Sun Certified Web Component Developer for J2EE 5 Set 2

Given that a scoped attribute cart exists only in a user's session, which two, taken independently,

ensure the scoped attribute cart no longer exists? (Choose two.)

A. ${cart = null}

B. <c:remove var="cart" />

C. <c:remove var="${cart}" />

D. <c:remove var="cart" scope="session" />

E. <c:remove scope="session">cart</c:remove>

F. <c:remove var="${cart}" scope="session" />

G. <c:remove scope="session">${cart}</c:remove>


Options are :

  • A,D
  • C,D
  • B,D
  • D,E

Answer : B,D

Which two are valid and equivalent? (Choose two.)

A. <%! int i; %>

B. <%= int i; %>

C. <jsp:expr>int i;</jsp:expr>

D. <jsp:scriptlet>int i;</jsp:scriptlet>

E. <jsp:declaration>int i;</jsp:declaration>


Options are :

  • A,B
  • A,D
  • A,E
  • A,C

Answer : A,E

You have been contracted to create a web site for a free dating service. One feature is the ability

for one client to send a message to another client, which is displayed in the latter client's private

page. Your contract explicitly states that security is a high priority. Therefore, you need to prevent

cross-site hacking in which one user inserts JavaScript code that is then rendered and invoked

when another user views that content. Which two JSTL code snippets will prevent cross-site

hacking in the scenario above? (Choose two.)

A. <c:out>${message}</c:out>

B. <c:out value='${message}' />

C. <c:out value='${message}' escapeXml='true' />

D. <c:out eliminateXml='true'>${message}</c:out>

E. <c:out value='${message}' eliminateXml='true' />


Options are :

  • D,E
  • A,C
  • B,C
  • C,D

Answer : B,C

310-083 Sun Certified Web Component Developer for J2EE 5 Set 3

You are building a web application with a scheduling component. On the JSP, you need to show

the current date, the date of the previous week, and the date of the next week. To help you

present this information, you have created the following EL functions in the 'd' namespace:

name: curDate; signature: java.util.Date currentDate()

name: addWeek; signature: java.util.Date addWeek(java.util.Date, int)

name: dateString; signature: java.util.String getDateString(java.util.Date)

Which EL code snippet will generate the string for the previous week?


Options are :

  • ${d:dateString[d:addWeek[d:curDate[], -1]]}
  • ${d:dateString(d:addWeek(d:curDate(), -1))}
  • ${d:dateString(addWeek(curDate(), -1))}
  • ${d:dateString[addWeek[curDate[], -1]]}

Answer : ${d:dateString(d:addWeek(d:curDate(), -1))}

Given:

3. class MyServlet extends HttpServlet {

4. public void doPut(HttpServletRequest req,

HttpServletResponse resp)

throws ServletException, IOException {

5. // servlet code here

...

26. }

27. }

If the DD contains a single security constraint associated with MyServlet and its only <httpmethod>

tags and <auth-constraint> tags are:

<http-method>GET</http-method>

<http-method>PUT</http-method>

<auth-constraint>Admin</auth-constraint>

Which four requests would be allowed by the container? (Choose four.)

A. A user whose role is Admin can perform a PUT.

B. A user whose role is Admin can perform a GET.

C. A user whose role is Admin can perform a POST.

D. A user whose role is Member can perform a PUT.

E. A user whose role is Member can perform a POST.

F. A user whose role is Member can perform a GET.


Options are :

  • A,B,C,F
  • A,B,C,E
  • A,B,C,D
  • A,B,D,E

Answer : A,B,C,E

Given in a single JSP page:

<%@ taglib prefix='java' uri='myTags' %>

<%@ taglib prefix='JAVA' uri='moreTags' %>

Which two are true? (Choose two.)

A. The prefix 'java' is reserved.

B. The URI 'myTags' must be properly mapped to a TLD file by the web container.

C. A translation error occurs because the prefix is considered identical by the web container.

D. For the tag usage <java:tag1/>, the tag1 must be unique in the union of tag names in 'myTags'

and 'moreTags'.


Options are :

  • A,C
  • A,D
  • A,B
  • B,D

Answer : A,B

310-083 Sun Certified Web Component Developer for J2EE 5 Set 4

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions