Last Updated on February 20, 2022 by Admin 2

GSSP-Java : GIAC Secure Software Programmer-Java : Part 12

  1. The java.util.logging package provides the classes and interfaces of the Java platform’s core logging facilities. Which of the following are the main target uses of logs?

    Each correct answer represents a complete solution. Choose all that apply.

    • Problem diagnosis by field service engineers
    • Problem diagnosis by the development organization
    • Problem diagnosis by end users and system administrators
    • Problem diagnosis by developers
  2. Which of the following statements about serialization are true?

    Each correct answer represents a complete solution. Choose all that apply.

    • Transient variables cannot be serialized.
    • Externalizable is a marker interface and does not define any method.
    • Serializable is a marker interface and does not define any method.
    • Static variables cannot be serialized.
  3. Which of the following elements contains the <filter> element in the deployment descriptor?

    • <servlet>
    • <filters>
    • <web-app>
    • <filter-mapping>
    • <servlet-mapping>
  4. Which of the following classes is an engine class designed to provide conversions between opaque cryptographic keys and allows you to build an opaque key object from a given key specification?

    • KeyPair
    • KeyFactory
    • CertificateFactory
    • KeyPairGenerator
  5. Which of the following methods are used in the verification of a signature?

    Each correct answer represents a complete solution. Choose all that apply.

    • initVerify
    • update
    • verify
    • initSign
  6. Which of the following statements about exceptions in message-driven beans are true?

    Each correct answer represents a complete solution. Choose two.

    • Message-driven beans must not throw any application exception.
    • The message-listener interface of a message-driven bean cannot generate system exceptions.
    • The message-listener interface of a message-driven bean can throw the java.rmi.RemoteException.
    • The isCallerInRole() method called on a message-driven bean will throw an exception.
    • Message-driven beans must not throw any checked exception.
  7. Which of the following, in JDBC 2.0, are the sub interfaces of the Statement interface?

    Each correct answer represents a complete solution. Choose two.

    • ParsedStatement
    • CompiledStatement
    • PreparedStatement
    • CallableStatemen
  8. Which of the following circumstances can prevent the execution of code in a finally block?

    Each correct answer represents a complete solution. Choose two.

    • An exception arising in the try block that precedes the finally block.
    • An exception arising in the finally block itself.
    • No exception condition arising in the try block that precedes the finally block.
    • The use of the System.exit(0); statement in the finally block.
  9. Which of the following are correct if LoginContext enforces the requisite flag to each LoginModule in the configuration file?

    Each correct answer represents a complete solution. Choose all that apply.

    • If LoginModule succeeds, authentication continues down the LoginModule list.
    • If LoginModule succeeds or fails, authentication still continues to proceed down the LoginModule list.
    • The LoginModule is required to succeed.
    • If LoginModule fails, control immediately returns to the application (authentication does not proceed down the LoginModule list).
  10. Mark works as a Programmer for InfoTech Inc. He develops a code snippet for a class named

    servletClassA that extends the HttpServlet class. Which of the following HttpServlet class methods are not required to be overridden by the servletClassA?

    Each correct answer represents a complete solution. Choose all that apply.

    • doDelete()
    • doPost()
    • doGet()
    • doOptions()
    • service()
  11. Mark works as a Programmer for InfoTech Inc. He creates a method named roomBooking() and this method throws IndexOutOfBoundsException. Which of the following roles will automatically handle the exception?

    • Bean Provider
    • Application Assembler
    • Bean Deployer
    • Container
  12. What will happen when you try to compile and execute the following code?

    class strconcat {public static void main(String args[])
    {String str =” Correct answers”;String perc =”a”+”b”;System.out.println(80+ ‘%’ + str);}}
    Note. The ASCII value of % is 37.

    • It will compile and execute successfully and will print 80 Correct answers as the output.
    • It will compile and execute successfully and will print 117 Correct answers as the output.
    • It will compile and execute successfully and will print 80% Correct answers as the output.
    • It will fail to compile because % cannot be concatenated to a string.
  13. Wilbert works as a Software Developer for Wintos Inc. He writes the following code.

    1. public class tcf
    2. {
    3. public static void main(String[] args)
    4. {
    5. try
    6. {
    7. int x = 5 / 0;
    8. System.exit(0);
    9. }
    10. catch(ArithmeticException e)
    11. {
    12. System.out.println(“Within catch”);
    13. }
    14. finally
    15. {
    16. System.out.println(“Within finally”);
    17. }
    18. }
    19. }
    What will happen when he tries to compile and execute the code?

    • It will compile and print Within catch as the output.
    • It will compile and execute successfully but will not print anything.
    • It will compile and print Within catch and Within finally as the output.
    • It will compile and print Within finally as the output.
  14. Which of the following methods specifies which LoginModules should be used for a particular application, and in what order the LoginModules should be invoked?

    • getLogger
    • getConfiguration
    • getResourceBundle
    • getAppConfigurationEntry
  15. Peter works as a Programmer in Magi Net Inc. He writes the following code.

    1. class Ques0190{
    2. public static void main(String[] argv){
    3. byte a = 100;
    4. switch(a){
    5. case 10.
    6. System.out.println(“ten”);
    7. case 100.
    8. System.out.println(“hundred”);
    9. case 1000.
    10. System.out.println(“thousand”);
    11. }
    12. }
    13. }
    What will happen when Peter attempts to compile and execute the code?

    • The code will compile and execute displaying hundred.
    • The code will not compile because 1000 is not assignment compatible with a byte data type.
    • The code will not compile because the argument to the switch cannot be a primitive type byte value.
    • The code will compile and execute displaying hundred followed by thousand.
  16. You work as a Software Developer for TechnoZen Inc. You create an application using Java. You define a method, named myMethod. You also define a class, named myClass, within myMethod.

    Which of the following rules governs the access to the variables of the enclosing method?

    • myClass can access only final variables.
    • myClass can access only static variables.
    • myClass can access only transient variables.
    • myClass can access any variable.
  17. Which of the following methods of the HttpSession interface can be called upon an invalidated session without throwing the IllegalStateException?

    • getAttribute()
    • getServletContext()
    • getAttributesNames()
    • invalidate()
    • getLastAccessedTime()
  18. Which of the following methods are used to customize object serialization so that the objects will be able to apply default serialization?

    Each correct answer represents a complete solution. Choose two.

    • readObject()
    • setDefault()
    • writeObject()
    • getDefault()
  19. Which of the following statements about the <web-resource-collection> element are true?

    Each correct answer represents a complete solution. Choose all that apply.

    • It can have at the most one <url-pattern> sub-element.
    • It has <web-resource-name> as one of its sub-elements.
    • If there is no <http-method> sub-element, no HTTP method will be constrained.
    • It is a sub-element of the <security-constraint> element.
  20. Which of the following statements about the form-based authentication are true?

    Each correct answer represents a complete solution. Choose two.

    • It provides a weaker security check than the HTTP Digest and HTTPS Client authentications.
    • It requires a hidden field that supplies the login-constraint used by the application.
    • It requires that the action of the login form must be j_security_check.
    • It transmits username and password over the network in the form of Base64 encoding.