Last Updated on February 20, 2022 by Admin 2
GSSP-Java : GIAC Secure Software Programmer-Java : Part 12
-
The java.util.logging package provides the classes and interfaces of the Java platform’s core logging facilities. Which of the following are the main target uses of logs?
Each correct answer represents a complete solution. Choose all that apply.
- Problem diagnosis by field service engineers
- Problem diagnosis by the development organization
- Problem diagnosis by end users and system administrators
- Problem diagnosis by developers
-
Which of the following statements about serialization are true?
Each correct answer represents a complete solution. Choose all that apply.
- Transient variables cannot be serialized.
- Externalizable is a marker interface and does not define any method.
- Serializable is a marker interface and does not define any method.
- Static variables cannot be serialized.
-
Which of the following elements contains the <filter> element in the deployment descriptor?
- <servlet>
- <filters>
- <web-app>
- <filter-mapping>
- <servlet-mapping>
-
Which of the following classes is an engine class designed to provide conversions between opaque cryptographic keys and allows you to build an opaque key object from a given key specification?
- KeyPair
- KeyFactory
- CertificateFactory
- KeyPairGenerator
-
Which of the following methods are used in the verification of a signature?
Each correct answer represents a complete solution. Choose all that apply.
- initVerify
- update
- verify
- initSign
-
Which of the following statements about exceptions in message-driven beans are true?
Each correct answer represents a complete solution. Choose two.
- Message-driven beans must not throw any application exception.
- The message-listener interface of a message-driven bean cannot generate system exceptions.
- The message-listener interface of a message-driven bean can throw the java.rmi.RemoteException.
- The isCallerInRole() method called on a message-driven bean will throw an exception.
- Message-driven beans must not throw any checked exception.
-
Which of the following, in JDBC 2.0, are the sub interfaces of the Statement interface?
Each correct answer represents a complete solution. Choose two.
- ParsedStatement
- CompiledStatement
- PreparedStatement
- CallableStatemen
-
Which of the following circumstances can prevent the execution of code in a finally block?
Each correct answer represents a complete solution. Choose two.
- An exception arising in the try block that precedes the finally block.
- An exception arising in the finally block itself.
- No exception condition arising in the try block that precedes the finally block.
- The use of the System.exit(0); statement in the finally block.
-
Which of the following are correct if LoginContext enforces the requisite flag to each LoginModule in the configuration file?
Each correct answer represents a complete solution. Choose all that apply.
- If LoginModule succeeds, authentication continues down the LoginModule list.
- If LoginModule succeeds or fails, authentication still continues to proceed down the LoginModule list.
- The LoginModule is required to succeed.
- If LoginModule fails, control immediately returns to the application (authentication does not proceed down the LoginModule list).
-
Mark works as a Programmer for InfoTech Inc. He develops a code snippet for a class named
servletClassA that extends the HttpServlet class. Which of the following HttpServlet class methods are not required to be overridden by the servletClassA?
Each correct answer represents a complete solution. Choose all that apply.
- doDelete()
- doPost()
- doGet()
- doOptions()
- service()
-
Mark works as a Programmer for InfoTech Inc. He creates a method named roomBooking() and this method throws IndexOutOfBoundsException. Which of the following roles will automatically handle the exception?
- Bean Provider
- Application Assembler
- Bean Deployer
- Container
-
What will happen when you try to compile and execute the following code?
class strconcat {public static void main(String args[])
{String str =” Correct answers”;String perc =”a”+”b”;System.out.println(80+ ‘%’ + str);}}
Note. The ASCII value of % is 37.- It will compile and execute successfully and will print 80 Correct answers as the output.
- It will compile and execute successfully and will print 117 Correct answers as the output.
- It will compile and execute successfully and will print 80% Correct answers as the output.
- It will fail to compile because % cannot be concatenated to a string.
-
Wilbert works as a Software Developer for Wintos Inc. He writes the following code.
1. public class tcf
2. {
3. public static void main(String[] args)
4. {
5. try
6. {
7. int x = 5 / 0;
8. System.exit(0);
9. }
10. catch(ArithmeticException e)
11. {
12. System.out.println(“Within catch”);
13. }
14. finally
15. {
16. System.out.println(“Within finally”);
17. }
18. }
19. }
What will happen when he tries to compile and execute the code?- It will compile and print Within catch as the output.
- It will compile and execute successfully but will not print anything.
- It will compile and print Within catch and Within finally as the output.
- It will compile and print Within finally as the output.
-
Which of the following methods specifies which LoginModules should be used for a particular application, and in what order the LoginModules should be invoked?
- getLogger
- getConfiguration
- getResourceBundle
- getAppConfigurationEntry
-
Peter works as a Programmer in Magi Net Inc. He writes the following code.
1. class Ques0190{
2. public static void main(String[] argv){
3. byte a = 100;
4. switch(a){
5. case 10.
6. System.out.println(“ten”);
7. case 100.
8. System.out.println(“hundred”);
9. case 1000.
10. System.out.println(“thousand”);
11. }
12. }
13. }
What will happen when Peter attempts to compile and execute the code?- The code will compile and execute displaying hundred.
- The code will not compile because 1000 is not assignment compatible with a byte data type.
- The code will not compile because the argument to the switch cannot be a primitive type byte value.
- The code will compile and execute displaying hundred followed by thousand.
-
You work as a Software Developer for TechnoZen Inc. You create an application using Java. You define a method, named myMethod. You also define a class, named myClass, within myMethod.
Which of the following rules governs the access to the variables of the enclosing method?
- myClass can access only final variables.
- myClass can access only static variables.
- myClass can access only transient variables.
- myClass can access any variable.
-
Which of the following methods of the HttpSession interface can be called upon an invalidated session without throwing the IllegalStateException?
- getAttribute()
- getServletContext()
- getAttributesNames()
- invalidate()
- getLastAccessedTime()
-
Which of the following methods are used to customize object serialization so that the objects will be able to apply default serialization?
Each correct answer represents a complete solution. Choose two.
- readObject()
- setDefault()
- writeObject()
- getDefault()
-
Which of the following statements about the <web-resource-collection> element are true?
Each correct answer represents a complete solution. Choose all that apply.
- It can have at the most one <url-pattern> sub-element.
- It has <web-resource-name> as one of its sub-elements.
- If there is no <http-method> sub-element, no HTTP method will be constrained.
- It is a sub-element of the <security-constraint> element.
-
Which of the following statements about the form-based authentication are true?
Each correct answer represents a complete solution. Choose two.
- It provides a weaker security check than the HTTP Digest and HTTPS Client authentications.
- It requires a hidden field that supplies the login-constraint used by the application.
- It requires that the action of the login form must be j_security_check.
- It transmits username and password over the network in the form of Base64 encoding.