JavaBeat Certifications Certifications Kits Articles Interview Questions OCAJP 7 OCPJP 5 OCPJP 6 OCEJWCD 6 SCBCD 5.0 SCEA SCJA

SCEA Mock Exams - 5

101   What do Isolatable and Durable mean with reference to ACID?

 

A     Isolatable means only 1 transaction can execute at a time.

B     Isolatable means the transaction is the same as other transactions in structure.

C     Isolatable means a transaction must execute without the interference from other processes or transactions.

D     Isolatable means the transaction was started and finished in the same VM.

E     Durable means the transaction is the same as other transactions in structure.

F     Durable means the integrity of the underlying data source is maintained.

G     Durable means data must be written to the data source before the transaction is complete.

H     Durable means the transaction was started and finished in the same VM.

 

Choices C and G are correct.ACID stands for Atomic, Consistent, Isolatable and Durable. All transactions must adhere to this. Isolatable means a transaction must execute without the interference from other processes or transactions. And Durable means data must be written to the data source before the transaction is complete.

 

 

 

102   You are writing an application that will allow people to communicate directly with each other. The application will consist of a frame with two panels, they will type their messages in the top panel and read messages in the bottom panel. What is the best way to implement this application, as an Applet or a standard Java application?

 

A     As an Applet.

B     As a standard Java application.

 

Choice B is correct.

 

The reason for choosing the standard Java application over an Applet is all due to security restrictions. In the question is says that the users will need to communicate directly with each other, not back to the server from which the applet was downloaded. This wouldn't be allowed under standard Applet security permissions and although the security settings can be fully customized to allow applets to connect to different machine that is not what applets were designed for. Another key point to the question is that there is no requirement that this communication tool be made available over the web. So creating this as a standard Java application is the most appropriate choice.

 

 

 

 

103   What is true about CMT (Container Managed Transactions)?

 

A     Works for both Entity and Session beans.

B     It is more flexible than BMT. Can handle transactions at a much finer granularities than BMT.

C     It is less flexible than BMT. Cannot handle transactions at a finer granularity than BMT.

D     Does not work for both Entity and Session beans.

 

 

Choices A and C are correct.

 

Entity Beans can only use Container Managed Transactions (CMT) but Session Beans can use either CMT or Bean Managed Transactions (BMT). So choice D is the other way around. CMT is less flexible than BMT and cannot handle transactions at the same level of granularity as BMT, so choice B is incorrect as well.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction3.htmlIn an enterprise bean with container-managed transactions, the EJB container sets the boundaries of the transactions. You can use container-managed transactions with any type of enterprise bean: session, entity, or message-driven. Container-managed transactions simplify development because the enterprise bean code does not explicitly mark the transaction's boundaries. The code does not include statements that begin and end the transaction.http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction4.htmlIn a bean-managed transaction, the code in the session or message-driven bean explicitly marks the boundaries of the transaction. An entity bean cannot have bean-managed transactions; it must use container-managed transactions instead. Although beans with container-managed transactions require less coding, they have one limitation: When a method is executing, it can be associated with either a single transaction or no transaction at all. If this limitation will make coding your bean difficult, you should consider using bean-managed transactions.

 

 

 

104   You are developing an online shopping store for an art gallery. The company aims to bring fine art to the masses and expects a huge volume of traffic through the site. The site allows customers to pay for goods and arrange delivery methods using credit cards. You have read through the requirements and have a rough design in your head. Which of the following is the most appropriate rough design for this site?

 

A     Have an Entity Bean to represent the customer. Use a Servlet to manage the users session and use BMT to manage the transactions.

B     Have an Entity Bean to represent the customer. Use a Stateful Session Bean to manage the users session and use BMT to manage the transactions.

C     Have an Entity Bean to represent the customer. Use a Servlet to manage the users session and use CMT to manage the transactions.

D     Have an Entity Bean to represent the customer. Use a Stateful Session Bean to manage the users session and use CMT to manage the transactions.

 

Choice C is correct.

 

The key to this question is the choice of Transactions Bean Managed Transactions or Container Managed Transactions. There is no need to control transactions at a fine level of granularity and Entity Beans cannot take part in BMT. Hence CMT may be a better choice. The Servlet is a more appropriate choice for handling the users session however you would still need another Stateful Session Bean for the business logic of the application.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction3.htmlIn an enterprise bean with container-managed transactions, the EJB container sets the boundaries of the transactions. You can use container-managed transactions with any type of enterprise bean: session, entity, or message-driven. Container-managed transactions simplify development because the enterprise bean code does not explicitly mark the transaction's boundaries. The code does not include statements that begin and end the transaction.http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction4.htmlIn a bean-managed transaction, the code in the session or message-driven bean explicitly marks the boundaries of the transaction. An entity bean cannot have bean-managed transactions; it must use container-managed transactions instead. Although beans with container-managed transactions require less coding, they have one limitation: When a method is executing, it can be associated with either a single transaction or no transaction at all. If this limitation will make coding your bean difficult, you should consider using bean-managed transactions.

 

 

 

 

 

105   When would you use the DAO pattern in regards to a Stateful Session Bean?

 

DAO = Date Access Object CMP = Container Managed Persistence BMP = Bean Managed Persistence

 

A     When using CMP to reduce dependence on underlying data store.

B     When using BMP to reduce dependence on underlying data store.

C     When using BMP to increase performance.

D     When using CMP to increase performance.

E     You wouldn't use a DAO with Stateful Session Beans.

F     When writing to a temporary store when ejbPassivate() is called

 

Choice E is correct.

 

You would normally use a DAO with BMP Entity Beans or Stateless Session Beans. Entity Beans permanently persist data and can survive server crashes. Choices C and D are incorrect because you would never use a DAO with CMP irrespective of the type of bean you were dealing with. The Data Access Object does not improve the performance of your application.When you use Bean Managed Persistence you are writing all the SQL needed to persist the bean yourself. This means that you are using database specific SQL and the same SQL might not work with a different database vendor. For simple operations like Catalog Retrieval, a Stateless Session Bean is often employed with DAO as well.The flow for such operations often looks like:JSPāController (Request Processor / Request Dispatcher)āService LocatorāSession BeanāDAOāDatabaseWith both BMP Entity Beans and Stateless Session Beans, the Data Access Object pattern (DAO) is used to reduce the dependency between Enterprise Beans and the underlying database. This means that the data object manages the connection to the data source and if the data source changes you only need update this one object, the change doesn't affect the rest of your application.With Stateful Session Beans, the data is never permanently stored in a database. Therefore they cannot survive a server crash. Stateful Session Beans, as the name suggests, are used for maintaining conversational state with clients. They are generally more expensive in terms of resources (they are not pooled) and are therefore not normally used for simple database operations such as catalog retrieval.

 

 

 

 

 

106   What is the most important item in this list that should be considered when designing an application?

 

A     Scalability

B     Maintainability

C     Reliability

D     Meeting the needs of the customer

E     Performance

F     Ensuring the application is produced on time and within budget

G     Secure

H     That the application is technically the best possible solution

I     Availability

J     Extensibility

 

 

Choice D is correct.

 

The most important consideration when designing an application is that it meets the needs of the customer. Ensuring the application is produced on time and within budget is something that should be done but it is not the number one concern. The application does not have to be the best possible solution under the circumstances. As long as it meets the customer''s needs, it is considered adequate. Performance - A measure of the system in terms of response time or number of transactions per unit time. Load Distribution (e.g. DNS Round Robin) and Load Balancing are two techniques that aid in higher performance. Other development and deployment related tasks such as Application Tuning, Server Tuning, and Database Tuning also help the system perform better.Scalability - The ability of a system to perform and behave in a satisfactory manner with increases in load.Reliability - The ability of a system to assure the integrity and consistency of the application and all its data as the load increases.Availability - The ability of a system to assure that all services and resources are always accessible. This can be achieved through fault tolerance (the ability to prevent system failures in the event of service(s) / component(s) failures, commonly implemented via redundancy) techniques such as Active and Passive Replication.Extensibility - The ability to easily add new functionality to the existing system. This can be achieved by using best practices and well-defined architecture and design techniques.Maintainability - Ability to easily correct flaws in the existing system.Security - The ability to protect a system and all its components and services against potential attacks. Security attacks generally try to compromise confidentiality and integrity of the system. Sometimes they also take the form of 'Denial of Service' (DoS) attacks that bring down a system by flooding it with messages. Security can be addressed by the use of technologies (firewalls, DMZ, data encryption, Digital Certificates and so on) and methodologies (good security policies and procedures.)Manageability - The ability to monitor and perform preventive maintenance on a system.

 

 

 

 

 

107   Which list shows the correct order of Enterprise Beans in terms of resources?Note: Heaviest to lightest.

 

A     Stateful Session Bean, Stateless Session Bean, Entity Bean

B     Entity Bean, Stateful Session Bean, Stateless Session Bean

C     Stateful Session Bean, Entity Bean, Stateless Session Bean

D     Entity Bean, Stateless Session Bean, Stateful Session Bean

E     Stateless Session Bean, Stateful Session Bean, Entity Bean

F     Stateless Session Bean, Entity Bean, Stateful Session Bean

 

 

Choice B is correct.

 

An Entity Bean is the heaviest bean in terms of resources usage. The state of an Entity Bean is permanently persisted in a database. Making a connection to the database is expensive in terms of CPU time so this bean has to be the most expensive. Stateful Session Beans maintain their state by the Container writing the beans state to a temporary store such as a file. Stateless Session Beans are least expensive because they have no state to persist, even temporarily.

 

 

 

 

108   You need to maintain a user's session for a web application. Which protocol do you use? Note: There is no secure data in this application.

 

A     IIOP

B     HTTPS

C     SHTTP

D     HTTP

E     JRMP

 

 

Choice D is correct.

 

This is a trick question. At first you would think that the best possible choice would be to use HTTPS. However all the question is actually asking is how to maintain a user's session. This can be done through URL re-writing, cookies or letting the web server handle the session. Most modern web servers can track clients and maintain sessions for them. There is also no need for the security that HTTPS would give you and as encrypting each users session would be expensive in terms of CPU time choice B cannot be correct. JRMP and IIOP are Stateful protocols but are not suitable for web applications.

 

 

 

 

 

 

 

 

109   You are designing an application to be used to edit photographs. The aim of the application is to provide effects such as converting a color picture to black and white, enlarging certain areas of the print, creating a watercolor effect etc. At the moment the application is structured so that the photographic image is represented by one object, other objects represent each effect and a control object is used to co-ordinate with these objects. When the user selects the color to black and white effect it changes the state of the Color object to Black and White. This then needs to co-ordinate with the control object and apply the effect. Basically as the state of the effects objects changes it need to co-ordinate with the photographic image object.Which design pattern do you use?

 

A     Chain of Responsibility.

B     Notifier

C     Observer

D     Mediator

E     Command

F     State

 

Choice D is correct.

 

The key to this question is that this application uses a Control object to co-ordinate state changes between objects. The Mediator pattern allows you to co-ordinate state changes between other objects by using one object. There is no design pattern called the Notifier in the Gang of Four book or in the J2EE blueprint patterns catalog. Mediator - (GOF 273):"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and it lets you vary their interaction independently."The other patterns were:Chain of Responsibility - (GOF 223):"Avoid coupling the sender of a request to its receiver by giving more than one object a chance to handle the request. Chain the receiving objects and pass the request along the chain until an object handles it."Command - (GOF 233):"Encapsulate a request as an object, thereby letting you parameterize clients with different requests, queue or log requests, and support undoable operations"State - (GOF 305):"Allow an object to alter its behaviour when its internal state changes. The object will appear to change its class."Strategy - (GOF 315):"Define a family of algorithms, encapsulate each one, and make them interchangeable. Strategy lets the algorithm vary independently from clients that use it."

 

 

110   You are designing an application that will need to use SSL to transmit data securely from one application to another. You know that you can easily get hold of existing implementations of SSL to use in your application but you'd like to learn more about SSL and have decided to implement your own version. You know that as part of the SSL handshake the client and server must agree a method of encryption. The problem is you don't know which method of encryption that will be. Which design pattern will help with this? Note: This is not a web-based application.

 

A     Decorator

B     Interpreter

C     Strategy

D     Composite

E     Template Method

 

Choice C is correct.

 

There are really only two possible answers for this question, the Strategy pattern and the Template Method pattern. The Strategy pattern is the better choice because the algorithms are encapsulated so that they can be used interchangeably. So you can add RSA, DES, etc. and then during the handshake the server can select the appropriate encryption object.Strategy - (GOF 315):"Define a family of algorithms, encapsulate each one, and make them interchangeable. Strategy lets the algorithm vary independently from clients that use it."The other patterns were:Interpreter - (GOF 243):"Given a language, define a representation for its grammar along with an interpreter that uses the representation to interpret sentences in the language."Decorator - (GOF 175):"Attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to subclassing for extending functionality."Composite - (GOF 163):"Compose objects into tree structures to represent part-whole hierarchies. Composite lets clients treat individual objects and compositions of objects uniformly."Template Method - (GOF 325):"Define the skeleton of an algorithm in an operation, deferring some steps to subclasses. Template Method lets subclasses redefine certain steps of an algorithm without changing the algorithm's structure."

 

 

 

111   You are a Computer Science lecturer at a top University. You are giving a presentation of a new piece of software you have written. Basically you have written the next generation spell checker, the reason yours is so good is that it can learn the common typing mistakes of an individual user. You have already sold licenses to many major software vendors and plan to retire in the Sun. However before you go they all require slight changes in the logic to suit their individual needs. What design pattern will help you slightly change the logic in a class to be used in many applications?

 

A     Strategy

B     Adapter

C     Mediator

D     Interpreter

E     Template Method

 

Choice E is correct.

 

Template Method - (GOF 325):"Define the skeleton of an algorithm in an operation, deferring some steps to subclasses. Template Method lets subclasses redefine certain steps of an algorithm without changing the algorithm's structure."The other design patterns:Strategy - (GOF 315):"Define a family of algorithms, encapsulate each one, and make them interchangeable. Strategy lets the algorithm vary independently from clients that use it."Mediator - (GOF 273):"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and it lets you vary their interaction independently."Interpreter - (GOF 243):"Given a language, define a representation for its grammar along with an interpreter that uses the representation to interpret sentences in the language."

 

 

 

112   When would you use the Visitor pattern?

 

A     You need two unconnected objects to be able to send messages to each other.

B     You need two connected objects to be able to send messages to each other.

C     You need to create a new operation on an object and you will change the classes of elements on which it operates.

D     You need to create a new operation on an object without changing the classes of elements on which it operates.

 

 

Choice D is correct.

 

To solve the problem described in choice A, you would use the Adapter pattern. There is no problem described in choice B as the objects are already connected and would be able to send messages to each other. In the Visitor pattern you don't change the classes of elements on which it operates.Visitor - (GOF 331):"Represent an operation to be performed on the elements of an object structure. Visitor lets you define a new operation without changing the classes of the elements on which it operates."

 

 

 

 

113   You have been reading the Gang of Four pattern book again and you suddenly notice a similarity between a design pattern and publish-subscribe messaging. What design pattern is similar to publish-subscribe messaging?

 

A     Publisher pattern.

B     Flyweight pattern.

C     Observer pattern.

D     Chain of Responsibility pattern.

E     Subscribe pattern.

F     Visitor pattern.

G     Proxy pattern.

 

Choice C is correct.

 

The observer pattern is similar to publish-subscribe messaging. There are no patterns called Publisher or Subscribe in the Gang of Four pattern book.Observer - (GOF 293):"Define a one-to-many dependency between objects so that when one object changes state, all its dependents are notifies and updated automatically."The other patterns were:Visitor - (GOF 331):"Represent an operation to be performed on the elements of an object structure. Visitor lets you define a new operation without changing the classes of the elements on which it operates."Chain of Responsibility - (GOF 223):"Avoid coupling the sender of a request to its receiver by giving more than one object a chance to handle the request. Chain the receiving objects and pass the request along the chain until an object handles it."Flyweight - (GOF 195):"Use sharing to support large numbers of fine-grained objects efficiently."Proxy - (GOF 207): "Provide a surrogate or placeholder for another object to control access to it."Publish Subscribe Messaging: Generally Pub/Sub is used when a one to many broadcast of messages is required. 'Producers' sends messages to many clients via virtual channels called 'Topics.'  'Consumers' receive messages by subscribing to topics. Consumers receive a copy of all messages in the topic they have subscribed to. The Publish Subscribe Architecture is generally a push-based model. Consumers may optionally establish 'durable' subscriptions that allow them to collect messages after periods of inactivity.

 

 

 

 

 

114   Which statements describe Publish-Subscribe Messaging and which describe Point To Point Messaging?

 

A     Publish-Subscribe Messaging is a message queue system.

B     Publish-Subscribe Messaging = One sender and one receiver.

C     Point To Point Messaging = N senders and one receiver.

D     Publish-Subscribe Messaging = 1 sender and n receivers.

E     Point To Point Messaging is a message queue system.

F     Point To Point Messaging = One sender and one receiver.

 

 

Choices D and F are correct.

 

Publish/Subscribe is like someone publishing one message on a bulletin board and that message being read by/emailed to many subscribers. (One - many). Point to point messaging is a one-to-one relationship e.g. a message from one application to another. (From one point to one other point)For more detailed explanations:Publish Subscribe Messaging: Generally Pub/Sub is used when a one to many broadcast of messages is required. 'Producers' sends messages to many clients via virtual channels called 'Topics.' 'Consumers' receive messages by subscribing to topics. Consumers receive a copy of all messages in the topic they have subscribed to. The Publish Subscribe Architecture is generally a push-based model. Consumers may optionally establish 'durable' subscriptions that allow them to collect messages after periods of inactivity.Point-to-Point Messaging: Point-to-point: The point to point messaging model allows both 'send and receive' and 'send and forget' messages, via virtual channels called 'queues.' The p2p model typically uses a 'pull' or 'polling' model. In this model, clients generally request messages from queues.

 

 

 

 

 

115   As part of an application you are developing you need to move the state of an object but not its behavior. What should you use?

 

A     HTTPS

B     CORBA

C     RMI

D     JRMP

E     IIOP

 

Choice B is correct.

 

CORBA only moves the state of an object but RMI moves the objects behavior as well. Choice A is not appropriate as it is a stateful protocol and is not a framework for moving objects. Choices D and E are incorrect as they are both names of protocols used by RMI and CORBA respectively. These are both protocols, not frameworks for moving objects.

 

 

 

 

116   Which of the following is an accurate description of what the java.text package used for with regards to Internationalization?

 

A     Contains dictionaries of foreign languages.

B     Contains classes used to read text in foreign languages.

C     Contains classes that support locale-specific manipulation of text.

D     Contains classes used to convert text into languages that use special symbols.

 

Choice C is correct.

 

The following is taken from:http://java.sun.com/j2se/1.3/docs/api/java/text/package-summary.htmlProvides classes and interfaces for handling text, dates, numbers, and messages in a manner independent of natural languages. This means your main application or applet can be written to be language-independent, and it can rely upon separate, dynamically linked localized resources. This allows the flexibility of adding localizations for new localizations at any time.

 

 

 

 

117   Which of the following statements about the Properties class are true?

 

A     Is used to get access to local system resources such as files etc

B     To store information about the program, like an external configuration file.

C     It should only be used to store Strings.

D     It should be used to store all types of objects.

 

Choice C is correct.

 

Although choice D is technically correct this kind of use is strongly discouraged (see below for an explanation). The Properties class stores no information about the Program and gives you no access to local system resources so choices A and B are incorrect.The following is taken from:http://java.sun.com/j2se/1.3/docs/api/java/util/Properties.htmlThe Properties class represents a persistent set of properties. The Properties can be saved to a stream or loaded from a stream. Each key and its corresponding value in the property list is a string. A property list can contain another property list as its "defaults"; this second property list is searched if the property key is not found in the original property list. Because Properties inherits from Hashtable, the put and putAll methods can be applied to a Properties object. Their use is strongly discouraged as they allow the caller to insert entries whose keys or values are not Strings. The setProperty method should be used instead. If the store or save method is called on a "compromised" Properties object that contains a non-String key or value, the call will fail.

 

 

 

 

 

 

118   You've designed an application that allows customers to buy chapters of e-books. Due to the success of the project this will be launched as a worldwide application. You need to be able to get access to the users environment to tell what language your application should display the text in. What class will help you do this?

 

A     Localization class

B     Properties class

C     Locale class

D     National class

E     International class

F     Environment class

G     Runtime class

 

Choice C is correct.

 

There are no classes called Localization, National, International and Environment as part of the Java Development Kit. The following is taken from:http://java.sun.com/j2se/1.3/docs/api/java/util/Locale.htmlA Locale object represents a specific geographical, political, or cultural region. An operation that requires a Locale to perform its task is called locale-sensitive and uses the Locale to tailor information for the user. For example, displaying a number is a locale-sensitive operation--the number should be formatted according to the customs/conventions of the user's native country, region, or culture.The Properties class represents a persistent set of properties. The Properties can be saved to a stream or loaded from a stream. Each key and its corresponding value in the property list is a string.Every Java application has a single instance of class Runtime that allows the application to interface with the environment in which the application is running. The current runtime can be obtained from the getRuntime method.

 

 

 

 

 

119   What is true about the following diagram?

 

A     Class1 has a public attribute called AnAttribute

B     Class1 has a private attribute called AnAttribute

C     Class2 has a public attribute called AnAttribute

D     Class2 has a private attribute called AnAttribute

 

Choice D is correct.

 

The diagram shown here is a class diagram. Attributes are shown above methods. The symbols used to describe visibility in UML are:+ public, # protected, - privateFor more information about UML please go to:http://www.uml.org/

 

 

 

 

120   You have been developing a 3-Tier web application to sell imported cars at huge discounts to customers. You have many types of customers, ranging from individuals to corporate customers. You have Entity Beans to represent the Cars and Stateful Session Beans for the business logic involved in pricing and selling a car. In the Session Bean there are methods that apply discounts depending on who the customer is. You only want the client to be able to execute these methods for corporate customers. Is it possible to specify which methods can and can't be executed on a Session Bean or will this kind of security need to be coded by the developer?

 

A     Yes this is possible.

B     No this will need to be coded by the Developer.

C     It is not possible to do this even by writing you own code.

 

Choice A is correct.

 

It is possible to specify who is allowed to access to business methods. Firstly you define security roles e.g.

<security-role>

      <description>A corporate customer</description>

      <role-name>Corporate</role-name>

</security-role>

 

Then you can grant method permissions, e.g.

<method-permission>

      <role-name> Corporate</role-name>

      <method>

            <ejb-name>CarSale</ejb-name>

            <method-name>ApplyDiscount</method-name>

      </method>

</method-permission>

 

 

 

 

121   What type of diagram is this diagram?

 

A     Deployment

B     Collaboration

C     Component

D     Activity

 

Choice C is correct.

 

The diagram shown here is a Component diagram. To see examples of other diagrams please visit:http://www.uml.org/

 

 

 

122   You work colleague is always boasting about how fast his PC is. So as a lighthearted joke you decide to write an applet to slow his PC down. Basically you are going to write an applet that tries to work out the square roots of huge numbers. In order to use up his resources, your applet will spawn a new thread every twenty to thirty seconds. Will this work or would the Java security manager stop it.

 

A     It will work.

B     The security manager kill the Applet as soon as it tries to use more resources than are specified in the security.policy file.

C     The Applet will only use up the memory it's initially allocated and therefore won't use up any more resources than that.

 

Choice A is correct.

 

Although Applets have very tight restrictions and execute within a sandbox they can actually use as many system resources as the operating system allows them. There is no reference to the amount of memory an Applet can use in the security.policy file so choice B is incorrect. Choice C is almost right but not the most appropriate choice. The operating system will allocate memory initially for the JVM to run in but it is possible for this to be extended once the JVM is running but this is entirely dependent on the operating system.

 

 

 

 

 

123   You have been given a JAR file that has been signed by a 3rd Party Vendor. A Trusted Certificate Authority (CA) has signed the 3rd Party Vendors certificate. Is it possible to add any more classes to this JAR file?True/False?

 

A     Yes

B     No

 

Choice A is correct.

 

When you sign a JAR file you are not signing the JAR file itself but individual files it contains. This means you can use a tool like WinZip to add new files (classes, images etc) to the existing JAR file without necessarily invalidating the signature. Note: The files that have been added won't be signed.

 

________________________________

Done upto here on 22.2.03

 

124   You are working on a new application that will help your company co-ordinate sales data across different departments. The aim is that everyone has the same sales data at the same time. This project needs to be finished as soon as possible. You have therefore bought some third party code to speed up the development process. The code has been signed and is packaged in a jar file. To test the signature the vendor of the software has emailed you the public key. What do you know about it?

 

A     The code is fully tested and performs the task it was designed for.

B     The jar file contains no malicious code.

C     The code could not have been modified after it was signed.

D     If the public key doesn't validate the signature then you know all the code is malicious.

E     The code could not have been modified after it was signed.

F     If the public key validates the signature then you know all the code is safe.

G     None of the above.

 

Choice G is correct.

 

There are two key elements to this question. Firstly this is a question about digital signatures, not digital certificates and secondly you were emailed the public key to validate the signature. You haven't been passed the public key in a secure fashion so how do you know that someone hasn't altered the code signed it and then intercepted the key that you were going to use to validate the signature. Digital certificates solve this problem and validate that a public key belongs to its real owner.Just because the code is signed it doesn't mean that it is fully tested and does what it is supposed to do. Choices B, C, D, E and F are incorrect because you don't know if you have the real public key to validate the signature.

 

 

 

 

125   You should use EJBs even if there is NO data to persist in your application but there are transactions.True/False?

 

A     TRUE

B     FALSE

 

Choice A is correct.

 

It is recommended that you use Enterprise Javabeans if Transactions are involved in the application. See below for more details.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/EJBConcepts2.htmlThe application must be scalable. To accommodate a growing number of users, you may need to distribute an application's components across multiple machines. Not only can the enterprise beans of an application run on different machines, but their location will remain transparent to the clients. Transactions are required to ensure data integrity. Enterprise beans support transactions, the mechanisms that manage the concurrent access of shared objects. The application will have a variety of clients. With just a few lines of code, remote clients can easily locate enterprise beans. These clients can be thin, various, and numerous.


javabeat | advertise | about us | contact | useful resources
Copyright (2004 - 2013), JavaBeat