
Free and Premium GIAC GSSP-Java Dumps Questions Answers

Page: 1 / 10
Total 275 questions

GIAC Secure Software Programmer - Java Questions and Answers

Question 1

Which of the following exceptions will be thrown by the getFeature() method if the feature value cannot be assigned or retrieved?

Options:

A. IllegalArgumentException
B. SAXNotSupportedException
C. NullPointerException
D. SAXNotRecognizedException

Question 2

Which of the following methods belongs to the Refreshable interface?

Options:

A. commit
B. destroy
C. isReadOnly
D. isCurrent

Question 3

You have written the following code snippet.

1. public class Read {
2.     protected int ReadText(int x) { return 0; }
3. }
4. class Text extends Read {
5.     /*insert code here*/
6. }

Which of the following methods, inserted independently at line 5, will compile?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. private int ReadText(long x) { return 0; }
B. protected long ReadText(int x, int y) { return 0; }
C. protected long ReadText(long x) { return 0; }
D. protected int ReadText(long x) { return 0; }
E. private int ReadText(int x) { return 0; }
F. public int ReadText(int x) { return 0; }
G. protected long ReadText(int x) { return 0; }

Question 4

Which of the following data type values is returned by the System.in.read() console input function?

Options:

A. String
B. Integer
C. Float
D. Character

Question 5

Which of the following tags is used to include resources from within the same servlet container?

Options:

A.

B.

C.

D.

Question 6

Which of the following exceptions is thrown to indicate that a servlet is temporarily unavailable?

Options:

A. ServletException
B. ApplicationException
C. IllegalStateException
D. IOException
E. UnavailableException
F. IllegalAccessException

Question 7

You work as a Software Developer for NewTech Inc. You write a bean class using Enterprise JavaBeans 3.0. The class uses the @DeclareRoles ("ADMIN, HR, DBA, USER") annotation to declare the security roles. The class contains a method named showResult(). You want to ensure that the ADMIN role is granted privilege to the showResult() method. Moreover, if a role that is not allowed to access the method tries to call the method, an error message must be shown. Assuming that there is no security-related element in the deployment descriptor, which of the following will you use to accomplish the task?

Each correct answer represents a part of the solution. Choose two.

Options:

A. The isCallerInRole() method
B. The getCallerPrincipal() method
C. The @RolesAllowed("ADMIN") annotation
D. The @PermitAll annotation

Question 8

Which of the following is the return type of the getInitParameter() method of the ServletContext interface?

Options:

A. Enumeration
B. String
C. String array
D. ServletContext
E. Integer

Question 9

In which of the following locations do the helper classes of a session bean class reside?

Options:

A. EJB JAD file
B. Deployment descriptor
C. META-INF directory
D. EJB JAR file

Question 10

Which of the following exceptions will be thrown if the commit() method fails?

Options:

A. DestroyFailedException
B. NullPointerException
C. LoginException
D. SecurityException

Question 11

Which of the following classes of java.util.logging prints a brief summary of the LogRecord in a human readable format?

Options:

A. XMLFormatter
B. SimpleFormatter
C. StreamHandler
D. MemoryHandler

Question 12

You work as a developer for PassGuide Inc. You have implemented a session bean with a method doPrint(), which behaves differently depending on the caller's security role. Only MANAGER in the security roles "ADMIN" and "MANAGER" are allowed to call the method. Which of the following actions are appropriate to accomplish if there is no security-related metadata in the deployment descriptor?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Annotate method doPrint() with @RolesAllowed({"ADMIN","MANAGER"}).
B. Annotate method doPrint() with @PermitAll.
C. If EJBContext.isCallerInRole("ADMIN") returns true, implement the behavior defined for MANAGER in role "ADMIN".
D. If EJBContext.getCallerPrincipal returns role "ADMIN", implement the behavior for MANAGER in role ADMIN.

Question 13

Which of the following methods causes the currently executing thread object to temporarily pause and allow other threads to execute?

Options:

A. sleep()
B. notify()
C. finalize()
D. interrupted()
E. yield()
F. notifyAll()

Question 14

Which of the following statements can a programmer use to suggest that the JVM perform garbage collection?

Options:

A. Runtime.getRuntime().freeMemory();
B. Runtime.getRuntime().totalMemory();
C. new Thread().destroy();
D. System.gc();
E. System.runFinalization();
F. System.setOut();

Question 15

Which of the following statements about the String, StringBuffer, and StringBuilder classes are true?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. The StringBuffer class offers faster performance than the StringBuilder class.
B. The StringBuffer class is thread-safe while the StringBuilder class is not.
C. A character in a string can be searched using the indexOf() operator.
D. The return type of the trim() method present in the String class is void.

Question 16

You write the following code.

class Father {
    public void Method() { System.out.println("I am Father"); }
}

public class Son extends Father {
    public static void main(String argv[]) {
        Son son = new Son();
        son.Method();
    }

    private void Method() { System.out.println("I am Son"); }
}

Which of the following will be the result, when you try to compile and run the code?

Options:

A. I am Father will be displayed as the output.
B. A runtime error will result.
C. I am Son will be displayed as the output.
D. The code will execute but without displaying any output.
E. A compile-time error will result.

Question 17

You work as a Programmer for InfoTech Inc. You write the following code.

1. public class InnerDemo{
2.     public static void main(String[] args) {
3.         Car c = new Car();
4.         // insert code here
5.         e.test();
6.     }
7. }
8. class Car{
9.     class Engine{
10.         void test() {System.out.println("test"); }
11.     }
12. }

Which of the following options should you add to line 4 so that the code compiles and produces the output "test"?

Options:

A. Car.Engine e = c.new Engine();
B. Engine e = c. new Engine();
C. c.Engine e = Car.new Engine();
D. Car.Engine e = Car.new Engine();

Question 18

Which of the following deployment descriptor elements must contain the element as its mandatory sub-element?

Options:

A.

B.

C.

D.

Question 19

Which of the following methods is used to encrypt or decrypt data in a single step?

Options:

A. wrap()
B. update()
C. digest()
D. doFinal()

Question 20

You work as a Software Developer for BlueTech Inc. You create code using EJB 3.0. You want to ensure that each new record is checked for validation before it is inserted into the database. Which of the following callback methods will you use to write the logic for validation?

Options:

A. PostUpdate
B. PreUpdate
C. PostLoad
D. PrePersist

Question 21

Which of the following classes is an engine class that provides an opaque representation of cryptographic parameters?

Options:

A. DSAPublicKeySpec
B. AlgorithmParameterGenerator
C. DSAParameterSpec
D. AlgorithmParameters

Question 22

The following JSP scriptlet is given.

<% response.setContentType("text/html; charset=ISO-8859-1"); %>

Which of the following directives is the equivalent directive for the scriptlet given above?

Options:

A. <%@ include contentType="text/html; pageEncoding=ISO-8859-1" %>
B. <%@ include contentType="text/html; charset=ISO-8859-1" %>
C. <%@ page contentType="text/html; charset=ISO-8859-1" %>
D. <%@ taglib contentType="text/html; pageEncoding=ISO-8859-1" %>

Question 23

Mark works as a Programmer for InfoTech Inc. He develops a class named Data that imports all the required packages. The class Data uses a method named PrintData(), which uses a method that checks whether the caller has a BeanUser security role. Which of the following code of the method PrintData() will satisfy the requirement?

Options:

A.
public void PrintData()
{
    @DeclareRoles("BeanUser")
    @Resource SessionContext ctx;
    @RolesAllowed("BeanUser")
    Principal caller = ctx.getCallerPrincipal();
    if (ctx.getCallerIdentity("BeanUser")) {
        System.out.println("It is the correct user");
    } else {
        System.out.println("It is the incorrect user");
    }
    // more code
}

B.
public void PrintData()
{
    @DeclareRoles("BeanUser")
    @Resource SessionContext ctx;
    @RolesAllowed("BeanUser")
    Principal caller = ctx.getEJBHome();
    if (!isCallerInRole(ctx)) {
        System.out.println("It is the correct user");
    } else {
        System.out.println("It is the incorrect user");
    }
    // more code
}

C.
public void PrintData()
{
    @DeclareRoles("BeanUser")
    @Resource SessionContext ctx;
    @RolesAllowed("BeanUser")
    Principal caller = ctx.getCallerPrincipal();
    if (ctx.isCallerInRole("BeanUser")) {
        System.out.println("It is the correct user");
    } else {
        System.out.println("It is the incorrect user");
    }
    // more code
}

D.
public void PrintData()
{
    @DeclareRoles("BeanUser")
    @Resource SessionContext ctx;
    @RolesAllowed("BeanUser")
    Principal caller = ctx.getCallerPrincipal();
    if (ctx.getStatus("BeanUser")) {
        System.out.println("It is the correct user");
    } else {
        System.out.println("It is the incorrect user");
    }
    // more code
}

Question 24

Which of the following statements about the isCallerInRole() method are true?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. It can be called from the PostConstruct and PreDestroy callback methods of a stateful session bean.
B. It is present in the UserTransaction interface.
C. It cannot be called from a message-driven bean.
D. It can be invoked only from the business method of an enterprise bean.

Question 25

You have created a Java application that will retrieve and insert data into a database table. Which of the following objects will you use to pass the JDBC Driver to obtain a connection to the database server?

Options:

A. DriverManager
B. ResultSet
C. Connection
D. Statement

Question 26

Which of the following statements correctly describe the features of the singleton pattern?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Singletons are used to control object creation by limiting the number to one but allowing the flexibility to create more objects if the situation changes.
B. Singletons can only be stateless, providing utility functions that need no more information than their parameters.
C. A singleton class may disappear if no object holds a reference to the Singleton object, and it will be reloaded later when the singleton is needed again.
D. The behavior of a singleton can be obtained by static fields and methods such as java.lang.Math.sin(double).

Question 27

Mark works as a Programmer for InfoTech Inc. He develops a Website that uses HTML and processes HTML validation. Which of the following are the advantages of the HTML application?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. It provides password protection for a Web page or directory.
B. It can be accessed by more visitors.
C. It provides faster loading.
D. It is easier to update and maintain the site.
E. It protects the source or images of an HTML Web page.
F. It puts less load on the server.

Question 28

Which of the following listeners causes an object of the implementing class to be notified when it is added to or removed from a session?

Options:

A. HttpSessionListener
B. HttpSessionActivationListener
C. HttpSessionAttributeListener
D. HttpSessionBindingListener

Question 29

Peter works as a Software Developer for Neon Inc. He is developing an application in Java. He declares an interface. Which of the following field declarations are valid within the body of an interface?

Each correct answer represents a complete solution. Choose three.

Options:

A. final static int answer=42;
B. public static int answer = 42;
C. private final static int answer=42;
D. public int answer=42;
E. int answer;

Question 30

Which of the following methods are used to customize object serialization so that the objects will be able to apply default serialization?

Each correct answer represents a complete solution. Choose two.

Options:

A. readObject()
B. setDefault()
C. writeObject()
D. getDefault()

Question 31

You work as a Software Developer for BlueWell Inc. Your team creates a Web site for online shopping. All payments are made through credit cards. Hence, you want to ensure that the information transferred between the customers and your Web site is encrypted. Which of the following authentication mechanisms will you use to accomplish the task?

Options:

A. FORM
B. DIGEST
C. BASIC
D. CLIENT-CERT

Question 32

Which of the following statements about data integrity of a container are true?

Each correct answer represents a complete solution. Choose two.

Options:

A. It ensures that an eavesdropper cannot read an HTTP message being sent from a client to a container.
B. Data integrity ensures that information has not been modified by a third party while it is in transit.
C. It ensures that a hacker cannot alter the contents of an HTTP message while it is in transit from a container to a client.
D. Data integrity ensures that information is made available to users who are authorized to access it.

Question 33

You work as a Software Developer for UcTech Inc. You are building a Web site that will contain study materials on the Java language. The company wants members to be able to access all the pages, while nonmembers have only limited access to the Web site pages. Which of the following security mechanisms will you use to accomplish the task?

Options:

A. Authentication
B. Data integrity
C. Confidentiality
D. Authorization

Question 34

You work as a programmer for PassGuide Inc. You want to create a servlet filter that stores all request headers to a database for all requests to the Web application's home page "/work.jsp". Which of the following HttpServletRequest methods allows you to retrieve all of the request headers?

Options:

A. java.util.Enumeration getRequestHeaders()
B. java.util.Enumeration getHeaderNames()
C. String[] getRequestHeaders()
D. java.util.Iterator getRequestHeaders()
E. java.util.Iterator getHeaderNames()
F. String[] getHeaderNames()

Question 35

You work as a Web Deployer for UcTech Inc. You write the element for an application in which you write the sub-element as follows.

*

Who will have access to the application?

Options:

A. No user
B. It depends on the application.
C. Only the administrator
D. All users

Question 36

Which of the following circumstances can prevent the execution of code in a finally block?

Each correct answer represents a complete solution. Choose two.

Options:

A. An exception arising in the try block that precedes the finally block.
B. An exception arising in the finally block itself.
C. No exception condition arising in the try block that precedes the finally block.
D. The use of the System.exit(0); statement in the finally block.

Question 37

Mark works as a Programmer for InfoTech Inc. He develops the following code snippet.

import java.util.*;

public class DemoSet {
    public static void main(String[] args) {
        TreeSet ts = new TreeSet();
        ts.add("Sunday");
        ts.add("Friday");
        ts.add("Wednesday");
        ts.add("Sunday");
        ts.add("Monday");
        Iterator it = ts.iterator();
        while (it.hasNext()) {
            System.out.print(it.next() + " ");
        }
    }
}

What will be the output when he tries to execute the given code snippet?

Options:

A. Wednesday Sunday Monday Friday
B. An exception will be thrown at runtime.
C. Friday Monday Sunday Wednesday
D. Sunday Monday Wednesday Friday

Question 38

Mark works as a Programmer for InfoTech Inc. He develops a program that defines a class named Inventory that has an instance variable named NumOfItems. Which of the following properties will be applied by NumOfItems?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. It will not be visible in Static methods if it is passed as a parameter.
B. It will be visible in Static methods if it is passed as a parameter.
C. It will be available for all the instance methods of the class.
D. It becomes available for garbage collection if it is no longer in scope.

Question 39

Which of the following pieces of code can be placed at line XXX so that the given class compiles successfully?

public interface Publication
{
    String GetDetails();
}

public class Book implements Publication
{
    //line XXX
}

Options:

A. public String GetDetails(){}
B. Object GetDetails(){}
C. long GetDetails(){}
D. private String GetDetails(){}

Question 40

Which of the following statements about form-based authentication are true?

Each correct answer represents a complete solution. Choose two.

Options:

A. It provides a weaker security check than the HTTP Digest and HTTPS Client authentications.
B. It requires a hidden field that supplies the login-constraint used by the application.
C. It requires that the action of the login form must be j_security_check.
D. It transmits username and password over the network in the form of Base64 encoding.

Question 41

Given the following directory structure.

Assuming that the current directory is com, which of the below options can be used to create a jar file called TestJar.jar that contains all the files from the directory testApp?

Options:

A. jar -zf TestJar.jar
B. jar -cf TestJar.jar
C. jar -tf TestJar.jar
D. jar -cf TestJar.jar testApp
