GIAC GSSP-Java Certification Practice Questions & Answers

Question 6 of 275

Mark works as a Programmer for InfoTech Inc. He develops the following deployment descriptor code.
<web-app . . . .>
<display-name>A Secure Application</display-name><servlet>
...
<security-role-ref >
<role-name>Manager</role-name>
<role-link>Admin</role-link>
</security-role-ref>
</servlet>
<security-role>
<role-name>Programmer</role-name>
</security-role>
<security-role>
<role-name>Admin</role-name>
</security-role>
<security-role>
<role-name>Employee</role-name>
</security-role>
</web-app>
Which of the following is a valid isUserInRole() method call that can be made if request is the
HttpServletRequest request?

A.

request.isUserInRole("Programmer");

B.

request.isUserInRole("Manager");

C.

request.isUserInRole("Admin");

D.

request.isUserInRole("Employee");

Question 7 of 275

Which of the following methods of the EJBContext interface can be called by both the BMT and CMT beans?
Each correct answer represents a complete solution. Choose all that apply.

A.

getCallerPrincipal()

B.

getRollbackOnly()

C.

getUserTransaction()

D.

isCallerInRole()

Question 8 of 275

Mark works as a Programmer for InfoTech Inc. He develops a deployment descriptor code that contains three valid
<security-constraint> elements.
All of them constraining a Web resource Res1, the
<auth-constraint> sub-element of the <security-constraint> elements are as follows.
<auth-constraint>Admin</auth-constraint>
<auth-constraint>Manager</auth-constraint>
<auth-constraint/>
Which of the following can access the resource Res1?

A.

Only Manager can access the resource.

B.

No one can access the resource.

C.

Everyone can access the resource.

D.

Only Admin can access the resource.

Question 9 of 275

Which of the following statements correctly describe the features of the singleton pattern?
Each correct answer represents a complete solution. Choose all that apply.

A.

Singletons are used to control object creation by limiting the number to one but allowing the flexibility to create more objects if the situation changes.

B.

Singletons can only be stateless, providing utility functions that need no more information than their parameters.

C.

A singleton class may disappear if no object holds a reference to the Singleton object, and it will be reloaded later when the singleton is needed again.

D.

The behavior of a singleton can be obtained by static fields and methods such as java.lang.Math.sin(double).

Question 10 of 275

Which of the following deployment descriptor elements must contain the <transport-guarantee> element as its mandatory sub-element?

A.

<user-data-constraint>

B.

<web-resource-collection>

C.

<auth-constraint>

D.

<login-config>