1.

You are the architect of a new web application that must support a wide variet y of requests with the potential that each request can have varying degrees of s pecialized logic. This system must support a flexible and extensible mechanism f or your developers to add request logic. Which design implementation should be selected to maximize flexibly and extensib ility? A. B. C. D. Implement Implement Implement Implement a controller object to perform action management. a front controller with a command handler. command objects and import them onto all JSP pages. scriptlets with page specific logic embedded into all JSP pages

Reference CloseCore J2EE design patterns - Front Controller/Command Handle r (Alur, Crupi, Malks). Option B is correct. Option A is incorrect because just a controller alone is not the best solution f or extensibility. Option C is incorrect because command objects are correct but importing on each JSP page is not appropriate for this solution. It does not address flexibility o r extensibility. Option D is incorrect because embedding logic in JSP pages allows for the least amount of flexibility. 2.Which two statements describe the advantages of designing an application using inheritance compared to designing and application using interfaces? (Choose two .) A.Inheritance B.Inheritance C.Inheritance defined. D.Inheritance Reference enforces encapsulation while interfaces do not. allows you to restrict the behavior of objects. is a way to form new classes using classes that have already been allows you to utilize an object in place of another object. CloseGang of Four - Inheritance (white-box reuse).

Options B, C are correct. Option A is incorrect because interfaces do help enforce encapsulation. Option D is incorrect because it allows you to utilize properties and methods of other objects. 3.Which two statements are true about a Model View Controller design approach wi th regards to separation of concern? (Choose two.) A.Using a Model View Controller approach implies coupling business functionality and presentation of views. B.Implementation logic is tightly coupled between the View and Model. C.A modification to the View will correspond to a modification of the Model. D.The Controller is the only part that knows about both the Model and the View. E.The design approach using a Model View Controller does address the separation of concern principle Reference CloseThe Java EE 5 Tutorial - The Java Series Enterprise Edition - Third Edition. Options D, E are correct.

Option A is incorrect because separation of concerns and MVC design implies loos e coupling so there should not be significant coupling of the business layer and presentation layer. Option B is incorrect because the view and model should not know each others imp lementation logic. Option C is incorrect because it again defines a scenario of coupling where a ch ange in one aspect requires a change to another. 4.The online betting application in production originally expected less than 500 0 users a day because of the small market share the application caters to. You h ave expanded the services offered in this application and there has been a massi ve increase in users visiting your site. This has caused latency with response t ime. You have recommended adding 2 new web servers and 3 new application servers . What is the impact of adding additional servers? A.This B.This C.This D.This will will will will increase decrease increase decrease availability, extensibility, and decrease performance. manageability, performance, and increase maintainability. availability, performance, and reliability manageability, performance, and increase availability

Reference

ClosePractical Software Estimation: (M. A. Parthasarathy).

Option C is correct. Option A, B, D are incorrect because adding the additional servers will increase the performance of the application. The single web and application server had b een experiencing overload and the result was latency of the application response time. 5.You need to implement a printer controller. You want to control access to a se ries of printers and route print jobs. You only want one instance of this class because the algorithms used in job routing depend on this object holding exclus ive control over the printers. What pattern will give you clear separation of concern? A.Factory method B.Builder pattern C.Singleton pattern D.Prototype pattern Reference CloseCore J2EE Patterns Second Edition: (Alur, Crupi, Malks).

Option C is correct. Option A is incorrect because the factory method provides a simple decision maki ng class which returns one of several possible subclasses of an abstract base cl ass depending on data it is provided. Option B is incorrect because the builder pattern separates the construction of a complex object from its representation, so that several different representati ons can be created depending on the needs of the program. Option D is incorrect because the prototype pattern starts with an initialized a nd instantiated class and copies or clones it to make new instances rather than creating new instances. 6.Currently your application is deployed on a single application server and CPU

utilization is often maximized. You are going to remove static content and place the static content onto a web server. What would be a valid reason for removing the static content? A.This will accomplish nothing because you will have no way to access the static content on the web server from your application server. B.The application server is generally performing critical work, indicating that it is best to move static content serving off of the application server machine. C.It is easier to implement a solution where static content resides on a web ser ver and requires no configuration changes to implement. D.Packaging and placing the static content outside of the WAR file has no effect on manageability and maintainability Reference ClosePractical Software Estimation: (M. A. Parthasarathy).

Option B is correct. Option A is incorrect because you can get access to your web server from your ap plication server. This will require a combination of network changes, re-writing , and additional modifications that do add to the work load. Option C is incorrect because it adds difficulty and resources to make this solu tion work. Option D is incorrect because deployments will require more coordination with gr oups, and manageability will increase with maintainin your static content on one server and your application code on another. 7.Your organization has a legacy thick-client application. The issue is that the presentation and business logic are currently coupled. A change in presentation logic requires a change in business logic. A suggestion is to re-factor this in to a three-tier application and separate the business logic from the presentatio n logic. What non-functional requirement would you improve by separating the presentation layer from the business layers? A.Security B.Response Time C.Manageability D.Maintainability E.Performance Reference ClosePractical Software Estimation: (M. A. Parthasarathy).

Option D is correct. Option A is incorrect because securing a one-tier application is generally easie r than securing a three-tier application. With a three-tier you need to secure t he web server, application server, and database. Option C is incorrect because manageability of one-tier application is generally easier than tree-tier application. With a three-tier you need to manage the hea lth the web server, application server, and database. Options B, E are incorrect because performance and response time of a one-tier s ystem should be better than a three-tier. With a three-tier application the requ est/response cycle includes a web server, application server, and database. 8.consulting application architecture team has been brought in to help you desig n a web application prototype. You need to design a quick prototype to represent the web application with minimal amount of infrastructure resources. You will b

e utilizing an existing database for the prototype. This prototype will need to have minimal functionality and emphasize more browser-based look and feel qualit ies, rather than functionality. What is the correct architecture to implement for this prototype? A.Three-Tier prototype with web server, application server, and database. B.Thick client prototype that requires client PC install and database. C.N-Tier prototype with web server, exchange server, application server, and dat abase. D.Two-Tier prototype with web server and database. Reference CloseThe Java EE 5 Tutorial - The Java Series Enterprise Edition - Third Edition. Option D is correct. Options A, C are incorrect because there are clearly limited resources and addin g additional resources will not add value to the prototype based on this example . Option B is incorrect because the prototype should reflect a web front end. You can get close to emulating rich clients but the appropriate solution is to imple ment a prototype that will represent the look and feel of the end product. 9.You have been contracted to architect a new accounting system. The system you are going to replace currently runs on two webservers and one database server. T he business logic is implemented using stored procedures. You have proposed to a rchitect the new system using 3 web servers, 2 applications servers, and one dat abase server. You are going to write the business logic in Java and deploy to th e application server, and push the presentation logic onto the web servers. What are three benefits of your proposed architecture? (Choose three.) A.Decreased scalability B.Thin Clients C.Improved separation of business logic D.Tight coupling of business logic and presentation tier E.Thick clients F.Improved scalability Reference CloseThe Java EE 5 Tutorial, Third Edition: For Sun Java System Application Server Platform Edition 9. Options B, C, F are correct. Option A is incorrect because chitecture. You can add a web Option D is incorrect because arating the business logic to he presentation tier. Option E is incorrect because tion layer, making the client you will increase scalability with a Three-Tier ar server, application server, and so on. you will decouple the Two-Tier architecture by sep the application server and presentation logic to t you separated the business logic from the presenta thin.

10.Which two statements are true about Vertical Scalability? (Choose two.) A.You can increase the application servers in you middle tier from 3 to 5 server s. B.Vertical Scalability will decrease manageability. C.You will increase the capacity of your quad core server by upgrading memory. D.The system architecture will require little if any changes. E.Vertical Scalability is more complex, difficult, and requires more application

changes Reference CloseThe Java EE 5 Tutorial, Third Edition: For Sun Java System Application Server Platform Edition 9. Options C, D are correct. Option A is incorrect because this is an example of horizontal scalability. Option B is incorrect because vertically scaling should have some minimal impact tom manageability. If anything the health of the system should increase with mo re power or memory. Option E is incorrect because horizontal scaling is more complex with regards to additional web servers, application servers, clustering, and server farms worki ng together as one cohesive unit. 11.Your application is deployed on a single application server with a single dat abase server. For the phase two release you will be deploying into a cluster of application servers and utilize a database server farm. You will also be introdu cing new design patterns, business logic, and rich UI components. Which is positively impacted with the least amount of effort? A.Scalability B.Manageability C.Maintainability D.Security Reference ClosePractical Software Estimation: (M. A. Parthasarathy).

Option A is correct. Option B is incorrect because there is a negative impact with regards to managea bility. To keep the system healthy you will need to manage several new resources and identify potential risks involved. This will require more effort than addre ssing the single application and database server. Option C is incorrect because there is a negative impact with regards to maintai nability. You are introducing new patterns, UI components, and business logic. T his will increase the maintenance required to resolve defects and/or apply fixes , and will also create new defects. Option D is incorrect because there is a negative impact with regards to securit y. The additional resources will introduce vulnerabilities that will have to be managed. You are no longer responsible for securing a single application/databas e server. 12.You originally designed your application to run in a cluster with four nodes. This design is forward thinking because currently your web application handles light loads. You anticipated using multi-cast to communicate session information across the nodes. Unfortunately, the infrastructure is not ready but your appli cation is. You are going to deploy it to a single application server until the i nfrastructure is ready. Which two will be negatively impacted from this decision? (Choose two.) A.Security B.Manageability C.Scalability D.Availability E.Maintainability

Reference

ClosePractical Software Estimation: (M. A. Parthasarathy).

Options C, D are correct. Option A is incorrect because there will be a positive impact with security beca use it will be easier to detect vulnerabilities in a single resource than severa l. When you introduce the cluster and several new resources you will need to wor ry about the additional resources. Option B is incorrect because there is a positive impact with regards to managea bility. It is easier for you to manage the health of the single server than the cluster. Option E is incorrect because it will be easier for you to resolve and maintain defects and deploy to a single machine than it will be to maintain all current c ode for all nodes. You could have code version problems, library issues, etc. 13.Internal users of your new application are complaining that the new web front end does not perform the same as the thick client version they where using befo re. You are going to re-design the application to use readily available JavaScri pt libraries including AJAX to enhance the user experience. This will require la rge library downloads to the client and introduce volumes of JavaScript. What are three drawbacks of this implementation? (Choose three.) A.Portability to all browsers with minimal re-work for cross browser compatibili ty. B.Readily available development tool kits to support automated testing, debuggin g, re-factoring. C.Reduction of page refreshes to enhance user experience. D.Simulating client state on the browser and reducing the number of views. E.Maintainability will be decreased by removing flow from Java source to JavaScr ipt. Reference ClosePractical Software Estimation: (M. A. Parthasarathy).

Options A, B, E are correct. Option C is incorrect because using AJAX and JavaScript libraries will allow you to design a client that can mock state and minimize page refresh to simulate th ick clients. Option D is incorrect because simulating the client state is a way to address th e thick client. 14.Your new application requirements include dynamic front ends, personalized pa ges, personalized colors, and personalized fonts. Users should be able to access any system and bring up their customized experience without having to save thei r preferences locally. This system will be used by all hotels in the chain and t here is no interest to have to support each hotel individually. The front end so lution should be easy to debug. What is the solution for this new architecture? A.A thin user interface that is browser based and utilizes JSP's and CSS with us er preferences saved locally in a cookie. B.A thick client user interface utilizing AWT and user preferences saved locally in a cookie. C.A thick client user interface utilizing Swing and user preferences saved local ly in a cookie. D.A thin browser based client utilizing JSF and CSS with user preferences persis ted to the database.

Reference

ClosePractical Software Estimation: (M. A. Parthasarathy).

Option D is correct. Options A, B, C are incorrect because users want to use any machine and not have to save their preferences locally. Cookies save local information but a user wo uld need to address preferences on a machine that did not have a saved cookie or had a deleted cookie. 15.Which two statements are true about the Java EE Web Services programming mode l? (Choose two.) A.Stateless session beans can be exposed as Web Services in the Java EE model. B.Web Service communication in the Java EE model only supports asynchronous comm unication. C.The Service Endpoint Interface (SEI) can follow either the JAX-RPC or JAX-WS r ules for WSDL mappings. D.EJB's that are exposed as Web Services run in a restricted container outside o f the standard EJB container. E.JAX-WS supports SOAP 1.2 but does NOT support SOAP 1.1. Reference CloseThe Java EE 5 Tutorial - The Java Series Enterprise Edition - Third Edition. Options A, C are correct. Option B is incorrect because Web Service communication in the Java EE model sup ports asynchronous and synchronous communication. Option D is incorrect because EJB's exposed as Web Services run in the same cont ainer as all other EJB's. Option E is incorrect because JAX-WS supports both SOAP 1.1 and SOAP 1.2. 16.The new Dispatch API introduced in JAX-WS supports a fully dynamic service in vocation. Which statement defines a requirement for a JAX-WS dynamic service? A.Only an XML Schema document and knowledge of the body of the message is requir ed to build a client. B.Requires only the WSDL document and knowledge of the header of the message is required to build a client. C.No WSDL or XML Schema document or any other knowledge of the message layout is required to build a client. D.JAX-WS support for a fully dynamic service invocation requires knowledge of a WSDL and the XML Schema document Reference CloseThe Java EE 5 Tutorial - The Java Series Enterprise Edition - Third Edition. Option C is correct. Options A, B, C are incorrect because you do not need a WSDL or XML schema to bu ild a client. 17.You are building a real-time Java EE purchase order processing system. This s ystem will integrate with an external system as part of the purchase order appro val process. This system will need to validate the account effective date with t he external system before a purchase order can complete. The external system is

not written in Java. What technology should be used to integrate with the external system? A.JMS and message-driven-bean. B.An asynchronous Web Service. C.A synchronous Web Service. D.Servlets and JSP's. Reference CloseJAX-WS specification 2.0.

Option C is correct. Option A is incorrect because this external system is not written in Java. Option B is incorrect because this is a transaction request that must wait for o ne system to respond before the transaction can continue. Option E is incorrect because the system is not written in Java. 18.Your organization has two applications, one for inventory tracking, and one f or accounting. The inventory system is an older CORBA interface that allows for inventory transactions. The accounting application is built with Java EE technol ogy. You will need to enhance your system so that the inventory system can updat e the accounting system. Which Java technology is best suited for this solution? A.JAXB B.JAX-WS C.JAX-RPC D.Java IDL Reference CloseThe Java EE 5 Tutorial - The Java Series Enterprise Edition - Third Edition. Option D is correct. Option A is incorrect because JAXB provides a convenient way to process XML cont ent using Java objects by binding its XML schema to Java representation. Option B is incorrect because JAX-WS is a fundamental technology for developing SOAP based and RESTful Java Web Services. Option C is incorrect because JAX-RPC enables Java technology developers to buil d Web applications and Web Services incorporating XML based RPC functionality ac cording to the SOAP (Simple Object Access Protocol) 1.1 specification. 19.Your new Java EE system will be using RPC style SOAP Web Services to integrat e with an external system. You will be receiving SOAP messages in response to cl ient invocations. Which two are required parts of a SOAP message? (Choose two.) A.Envelope element B.Header element C.Body element D.Fault element Reference CloseThe Java EE 5 Tutorial - The Java Series Enterprise Edition - Third Edition.

Options A, C are correct. A required Envelope element that identifies the XML do cument as a SOAP message, and a required Body element that contains call and res ponse information. Option B is incorrect because a header element that contains header information is optional. Option D is incorrect because a fault element that provides information about er rors that occurred while processing the message is optional. 20.You need to implement a Java attachments API that will enable developers to p roduce and consume messages conforming to the SOAP 1.1 specification and SOAP wi th attachments. Which is the correct API to implement? A.JAXB B.StAX C.SAAJ D.JAXP Reference CloseThe Java EE 5 Tutorial - The Java Series Enterprise Edition - Third Edition. Option C is correct. Option A is incorrect because JAXB provides a convenient way to process XML cont ent using Java objects by binding its XML schema to Java representation. Option B is incorrect because StAX is an event-driven, pull-parsing API for read ing and writing XML documents. Option D is incorrect because JAXP enables applications to parse and transform X ML documents independent of a particular XML processing implementation. 21.You have been told that you will need to integrate with an Enterprise Informa tion System (EIS) for the next phase of the applications release. You need to ac cess the business logic of Enterprise Information Systems (EIS) in a tightly-cou pled way. Which two are benefits of using JCA over a custom solution? (Choose two.) A.System contracts defined between application server and the EIS resource adapt er provides connection pooling. B.The JCA coupling interface is strictly defined through Common Client Interface . C.System contracts and container-component contracts are exposed for the applica tion component. D.An application server can use a transaction manager to manage transactions acr oss a single resource manager. E.With JCA, portability is achieved with any language and interoperability is no t limited to a specific target. Reference CloseJCA specification 1.5.

Options A, B are correct. Option C is incorrect because these contracts are hidden for the application com ponent. Option D is incorrect because with a transaction management contract the transac tion manager can manage transaction across multiple resources managers. Option E is incorrect because JCA is not truly portable. It is a Java solution a nd interoperability is limited to a specific target.

22.Your application sends three messages with no delivery failures to a JMS dest ination, where two consumers consume messages from the destination. How do both consumers ensure they receive all messages? A.Consumers B.Consumers C.Consumers D.Consumers Reference listen to listen to subscribe subscribe a JMS queue without message selectors. a JMS queue with message selectors. to a JMS topic with message selectors. to a JMS topic without message selectors

CloseJMS specification 1.1.

Option C is correct. Options A, B are incorrect because consumers subscribe to a JMS topic. Option D is incorrect because consumers subscribe to a JMS topic with message se lectors. 23.Your organization is interested in building an application that will allow us ers to query and read volumes of statistical data for analysis. They anticipate high volumes of traffic and want the most scalable solution. This application wi ll be distributed in a cluster and deployed as an enterprise archive. Components should be designed so that they can be accessed remotely by other Java applicat ions. What Java EE component type and remote access technology is correct for this arc hitecture? A.Servlet accessed using HTTP. B.Message-driven bean accessed using JMS. C.Stateless session bean accessed using RMI. D.Stored procedures and DAO's. Reference CloseThe Java EE 5 Tutorial - The Java Series Enterprise Edition - Third Edition. Option C is correct. Option A is incorrect because this is not the most scalable solution. Option B is incorrect because this not a workflow application and requires remot e accessibility. Option D is incorrect because this is not the most scalable solution. 24.Your organization is building a Java EE service request system that will ire workflow and numerous business rules. This system will need to process e volumes of asynchronous messages and guarantee delivery. The organization lf has gone through several buy-outs and because of this the integration of ications has been implemented in a loosely coupled manner. Which combination of technologies is correct for this architecture? A.MVC framework and Web Services. B.JMS topic and message-driven bean. C.Stored procedures and DAO's. D.Stateless session bean and RMI Reference CloseThe Java EE 5 Tutorial - The Java Series Enterprise Edition requ larg itse appl

- Third Edition. Option B is correct. Options A, C, D are incorrect because JMS will allow for messages to be specifie d as persistent or non-persistent. A persistent message is guaranteed to be deli vered at least once. It is not considered sent until it has been safely written in the file or database. 25.Your organization is building a customer relationship management system. All data is stored in a relational database system and multiple applications access this data using a single persistence layer. The model includes complex relations hips between tables. Design requirements will include supporting complex queries , bulk updates/deletes, and disconnected operations. Which persistence technology best supports these design requirements? A.Java Persistence API B.CMP entity bean C.BMP entity bean D.BMP with JDBC Reference CloseJSR 220 Enterprise 3.0 JavaBeans specification 1.2.

Option A is correct. Option B is incorrect because CMP does not support disconnected operations and b ulk updates/deletes. Option C is incorrect because BMP entity bean contains the calls to access the d atabase. Option D is incorrect because CMP with JDBC does not support disconnected operat ions and bulk updates/deletes. 26.Which statement is true about Container Managed Persistence (CMP) and the int roduction of Java Persistence API? A.It is possible within the same application to combine EJB CMP entity beans wit h new EJB's utilizing Java Persistence API. B.You are unable to combine earlier EJB CMP entity beans with newer EJB componen ts utilizing Java Persistence API. C.EJB CMP entity beans API is simpler but provides less features than the Java P ersistence API. D.You are required to migrate applications using EJB CMP entity beans to the Jav a Persistence API. Reference Option A is Option B is earlier EJB e API. Option C is features. Option D is utilize XMP CloseJSR 220 Enterprise 3.0 JavaBeans specification 1.2. correct. incorrect because with Java Persistence API you are able to combine CMP entity beans with newer EJB components utilizing Java Persistenc incorrect because Java Persistence API is simpler and provides more incorrect because you are not required to migrate applications that entity beans.

27.Which two statements are true about implementing Web Services utilizing the J ava EE programming model? (Choose two.)

A.Supports the processing of XML content, data binding, and the development SOAP based and RESTful Web Services. B.Web Services exposed by JAX-WS can only be of type document/literal. C.Stateless session beans cannot be exposed as Web Services using Java EE techno logy. D.JAX-WS greatly simplifies the Web Service implementation model. Reference CloseJava API for XML-Based Web Services (JAX-WS) 1.3.

Options A, D are correct. Option B is incorrect because a WSDL SOAP binding can be either a remote procedu re call (RPC) style binding or a document style binding. A SOAP binding can also have an encoded use or a literal use. Option C is incorrect because a stateless session bean can be exposed as a Web S ervice. 28.JAX-WS describes the WSDL to Java mappings. How does JAXB correlate XML schemas to Java objects? A.Through annotations. B.Through data binding. C.Using registration and discovery of services. D.Write callback methods

Reference

CloseJava API for XML-Based Web Services (JAX-WS) 1.3.

Option B is correct. Option A is incorrect because you cannot bind XML schema to Java representation using annotations. Option C is incorrect because that is the responsibility of JAXR. Option D is incorrect because JAXB allows Java developers to access and process XML data without having to know XML or XML processing. For example, there is no need to create or use a SAX parser or write callback methods. 29.The new EJB 3.0 architecture has simplified development over the previous gen erations and has provided new functionality. Which two statements are true about the new EJB 3.0 architecture? (Choose two.) A.Simplification of the enterprise bean types. B.An interceptor facility for session beans and message-driven beans. C.Increased requirements for usage of checked exceptions. D.Elimination of the majority of required interfaces for persistent entities. E.Expanding of the requirement for home interfaces for session beans Reference CloseJSR 220 Enterprise 3.0 JavaBeans specification 1.2.

Options A, B are correct. Option C is incorrect because there is a reduction of usage. Option D is incorrect because there is an elimination of all required interfaces . Option E is incorrect because there is a reduction of the requirements for home

interfaces. 30.EJB 2.1 and earlier API's allowed for remote client access of session beans d ifferently than EJB 3.0. EJB 3.0 introduces a new way to access the session bean remotely. Which statement describes the new way a session bean can be accessed remotely us ing EJB 3.0? A.A remote ce. B.A remote terface. C.A remote erface. D.A remote terface Reference client accesses a session bean through the bean's remote home interfa client accesses a session bean through the bean's remote component in client accesses a session bean through the bean's remote business int client accesses a session bean through the bean's remote assembler in CloseJSR 220 Enterprise 3.0 JavaBeans specification 3.2.

Option C is correct option. Option D is incorrect; there is no remote assembler interface. Options B, A are not new but still available under the new EJB 3.0 specification . 31.An online music sales company is creating a new website with dynamic content. The company has several web designers with HTML and some scripting experience, but no real programming experience. You are a consultant architecting the back-e nd solution.What three technologies would you recommend they use for their dynam ic content? (Choose three.) A.JSP B.JCE C.JSF D.Custom JSF Components E.Custom Tag Libraries F.Expression Language Reference CloseJSP 2.0 spec, JSF 1.2 spec.

Options A, C, F are correct. Option B is incorrect because encryption is not indicated by the requirements. Options D, E are incorrect because they require Java knowledge. 32.Your organizations new website will be implemented in JSF. What challenge will the graphic artists designing the site have with a standard HTML editor? A.JSF tags cannot be put into HTML. B.Special JSF Javascript will need to be written. C.Standard HTML editors will not render the JSF accurately. D.JSF does not scale well in HTML editors. E.The AWT component libraries are becoming unpopular Reference CloseJSF 1.2 spec.

Option C is correct. You must deploy the application to accurately see the JSF r endered. Option A is incorrect because it is false. Options B, D are incorrect because they are not accurate statements. Option E is incorrect because it is not relevant. 33.Your organization has developed a new J2EE Invoicing system, and during load testing the system runs slow, but CPU and memory utilization remain low. To save time they embedded all the business logic into the JSPs as scriptlets. What could be a cause of the problem? A.You need to scale your application horizontally. B.You need to scale your application vertically. C.Servlet instances are getting locked for every request. D.You are dropping database connections. E.Your load balancer needs to be re-polarized. Reference CloseServlet 2.4 spec.

Option C is correct because the default behavior for JSPs is for the service met hod to be synchronized in the resulting servlet. Options A, B are incorrect because the load is low. Option D is incorrect because the question does not state that the logs indicate connections are being dropped. Option E is incorrect because it is not a valid answer.

34.Your organization is designing a new application to track the materials used by a construction firm. They have decided to use Servlets in their architecture. What are two appropriate uses for Servlets in a J2EE application? (Choose two.) A.Contains HTML code for view. B.Can obtain session information. C.Sets request information. D.Invokes business services. E.Sets transport guarantee. Reference CloseServlet 2.4 Spec.

Options B, D are correct. Option A is incorrect because HTML code should not be hard-coded in the Servlet. Option C is incorrect because the Servlet receives the request information. Option E is incorrect because the transport guarantee is set in the deployment d escriptor.

35.Your organizations new accounting system uses Java Server Faces for their GUI . You have been hired to develop screens for the system.Which three are the step s of the JSF request lifecycle? (Choose three.) A.Process Validations B.Passivated State

C.Restore view D.Does not exist E.Ready State F.Apply Request Values Reference CloseJSF 1.2 spec.

Options A, C, F are correct. Options B, D, E are incorrect because these are the stages of a stateful session bean.

36.You are developing a new cost estimation tool that will be deployed on your c ompanies Intranet. Your application has been designed using Java Server Faces. What are the three steps of the JSF response lifecycle? (Choose three.) A.Invoke application B.Managed C.Detached D.Update model values E.Render Response F.Removed Reference CloseJSF 1.2 spec. jsf-1_2-fr-spec.pdf, pg. 57. Options A, D, E are correct. Options B, C, F are incorrect because these are stages of the EJB3 entity. 37.You work for create proposed arge amounts of data saved into w. a financial services company that allows investment advisors to portfolios for customers. The system is mostly used to display l existing stock and fund data from a database, but there is some the system for each client. The usage of the system is fairly lo

What two technologies would you choose for the system? (Choose two.) A.UDDI B.Stateful Session Beans C.Pojo's implementing DAO pattern D.JavaServer Pages E.Web Service Broker Reference CloseJSP 2.0 specs. Core J2EE Patterns Second Edition: (Alur, Crupi, Malks). Options C, D are correct. Option A is incorrect because there is no requirement for UDDI. Option B is incorrect because usage is low and there are few transactions, so EJ Bs are not indicated. Option E is incorrect because it is not indicated by requirements. 38.You are architecting a real-time system with high usage and high volumes of t

ransactions. You need an MVC application with quick presentation times resemblin g a thin client and will have several pre-populated views that can carry across several pages. The users must be able to quickly navigate between different sect ions of the system. Which three technologies will you need to implement? (Choose three.) A.MDB B.Swing GUI controls C.JSP D.EJB3 Entities E.Stateless Session Beans F.JCE Reference CloseEJB3 specs. JSP 2.0 specs. Options C, D, E are correct. Option A is incorrect because it is a real-time system, and MDBs are asynchronou s. Option B is incorrect because swing components are notoriously slow. Option F is incorrect because nothing is mentioned about security requirements. 39.You are architecting a new web deployed portfolio management application. In the current system, the Portfolio Managers have a desktop application running o n their local PCs, and you want to implement the new solution with a GUI that is similar to their desktop application. Once the users have set up and approved a portfolio, you must use a Web service to send the trade to a fund trading syste m. What two technologies are required for this new application? (Choose two.) A.JAX-WS B.JMS C.JSSE D.JCE E.JSP F.JSF Reference CloseJSF 1.2 spec.

Options A, F are correct. Options B, C, D are incorrect because they are not indicated by the requirements . Option E is incorrect because it could be used, but only by adding Ajax, which i s not mentioned in the requirements.

40.You are writing a utility that searches for existing web services provided by large companies. Your web site allows the user to input search criteria using e vent-driven, state managed GUI screens, performs the search, and displays them i n a nicely formatted html page. Which two technologies would you use for this application? (Choose two.) A.JAX-WS B.JAX-RPC

C.JAXB D.JAXR E.JSP F.JSF Reference CloseJ2EE Web Services: XML SOAP WSDL UDDI WS-I JAX-RPC JAXR SAA J JAXP (Paperback) by Richard Monson-Haefel. JSF 1.2 specs. Options D, F are correct. Options A, B, C, E are incorrect because they don't address the requirements. 41.You will be replacing an aging IT infrastructure, but they do not have the re sources to replace all their legacy systems at once. They have a variety of main frame applications, client server applications, and standalone programs that nee d to be integrated. Which will provide a unified platform for scalable, secure SOA development? A.JAXB B.JAXR C.Enterprise Service Bus D.Simple Object Access Protocol E.REST Reference ndex.jsp Closehttp://www.sun.com/software/javaenterprisesystem/javacaps/i

Option C is correct. Options A, B, D, E are incorrect because they do not satisfy the requirements.

42.You need to process DOM documents received through Web Service from your supp liers. What will you need to implement to be able to process these DOM documents? A.UDDI B.JAXR C.JAXP D.JSSE E.JCE Reference CloseJ2EE Web Services: XML SOAP WSDL UDDI WS-I JAX-RPC JAXR SAA J JAXP (Paperback)by Richard Monson-Haefel. Option C is correct. Options A, B are incorrect because Web Service registries are not indicated in t he requirements. Option D is incorrect because secure sockets are not indicated. Option E is incorrect because encryption is not directly indicated in the requir ements. 43.You have been hired to re-factor an existing legacy application that is diffi cult to extend. The business group is constantly asking for changes to the GUI f

or different presentations and different customers, but the business logic remai ns the same. You are surprised the engineers have so much difficulty presenting different views of the same logic. What is the most likely cause of the difficulty and the resolution? A.HTML tags are replicated in many pages. Re-factor the code using the View Help er pattern. B.Database connectivity is unreliable. Expand the number of connections in the c onnection pool. C.Business logic is embedded in the JSPs. Re-factor the code to use business obj ect design pattern. D.Network connections are slow. Re-factor the code using the Transfer Object pat tern Reference Option Option Option Option C A B D is is is is CloseCore J2EE Patterns Second Edition: (Alur, Crupi, Malks). correct. incorrect because it does not solve the problem. incorrect because it is unrelated to the extensibility problem. incorrect because it is unrelated to the extensibility problem.

44.You have been asked to look at an application with performance problems. At f irst glance the code looks appropriate and the configuration seems ok, but the C PU and memory on the server are routinely maxing out due to high usage. What relatively quick and cost-effective changes can you recommend to improve th e system performance? A.Switch to High-Availability servers. B.Re-factor to use design patterns. C.Vertical Scaling of the system. D.Horizontal Scaling of the system. Reference Option Option Option Option C A B D is is is is ClosePractical Software Estimation: (M. A. Parthasarathy). correct. incorrect because purchasing new servers is costly. incorrect because the code already looks good. incorrect because purchasing new servers is costly.

45.Version 1.0 of your software had lots of dynamic SQL embedded in the business logic, causing your code to be difficult to maintain. In version 2.0 you want t o encapsulate access to the data source, and provide easy migration to different vendor products. What design pattern should you implement to address these specific concerns when re-factoring your code? A.Business Delegate B.Service to Worker C.Transfer Object D.DAO E.Business Object Reference CloseCore J2EE Patterns Second Edition: (Alur, Crupi, Malks).

Option D is correct. Option A is incorrect Option B is incorrect Option C is incorrect ed by the DAO. Option E is incorrect e db access logic.

because business delegates should not contain SQL. because it does not address the requirements. because TO's should not contain SQL, though they may be us because the Business Object should not directly contain th

46.Your existing application uses multiple JSP pages for display. The visual is defined using static template text, markup tags, EL, JSTL and CSS. You want to a void embedding scriptlet code in your views as much as possible. What pattern is an example of creating custom tags to handle processing in your views? A.Composite Entity B.View Helper C.Dispatcher View D.Service to Worker E.Composite View Reference CloseCore J2EE Patterns Second Edition: (Alur, Crupi, Malks). because because because because that deals with the Model. it does not address the requirements. it does not address the requirements. it does not deal with processing in the views, whi

Option B is correct. Option A is incorrect Option C is incorrect Option D is incorrect Option E is incorrect ch is the question.

47.You are creating a utility billing system that you want to sell to as many di fferent utility companies as possible. You want each company to have their own b illing module, reporting module, and historical reporting module that are specif ic to each utility and each module in the system is related to one another, but you do not want to have lots of conditional statements in your code. Which is the correct design pattern to avoid having lots of conditional statemen ts? A.Builder B.Factory Method C.Singleton D.Abstract Factory E.Prototype F.Facade Reference are. CloseDesign Patterns: Elements of Reusable Object-Oriented Softw

Option D is correct. Option A is incorrect because Builder separates the construction of a complex ob ject from its representation so that the same construction process can create di fferent representations. Option B is a similar pattern, but it is incorrect because we want families of r elated objects that are related to each other. Option C is incorrect because we do not want to control the number of instances. Option E is incorrect because it is used when the inherent cost of creating a ne

w object in the standard way (e.g., using the 'new' keyword) is prohibitively ex pensive for a given application Option F is incorrect because Facade creates a simplified interface of an existi ng interface 48.You are implementing a new custom payroll system, which will contain employee s who may be paid either salaried, part time (with partial benefits) or straight hourly. The management of the company has told you that other types of pay calc ulations may be implemented in version 2.0 of your software. You want for each E mployee object to contain a routine to compute the pay, but this calculation wil l vary from employee to employee, and should be interchangeable. Since other pay calculations are coming, you want to avoid hard coded logic in your main proces sing routines. Other than pay calculations, employees are handled in the same wa y in your system, so you want to avoid different Employee sub-classes. Which design pattern will you need to implement to avoid these different Employe e sub-classes? A.Bridge B.Strategy C.Template D.Visitor E.Abstract Factory F.Factory Method

Reference are.

CloseDesign Patterns: Elements of Reusable Object-Oriented Softw

Option B is correct. Option A is incorrect because Bridge decouples an abstraction from its implement ation so that the two can vary independently. Option C is incorrect because Template describes the program skeleton of a progr am. Option D is incorrect because Visitor is a way to traverse a group of differing objects and execute distinct operations. Option E is incorrect because Abstract Factory creates families of related objec ts. Option F is incorrect because you want to avoid different Employee sub-classes.

49.What are two benefits of the Factory Method pattern? (Choose two.) A.Decouple an abstraction from its implementation. B.Lets subclasses decide which class to instantiate. C.Define an interface for creating families of related objects. D.Provide a unified interface to a set of interfaces. E.Define an interface for creating an object. Reference CloseDesign Patterns: Elements of Reusable Object-Oriented Softw are. Gang of Four - pg 107, 151, 87, 185. Options B, E are correct. Option A is incorrect because decouple an abstraction from its implementation is a Bridge pattern.

Option C is incorrect because define an interface for creating families of relat ed objects is an Abstract Factory pattern. Option D is incorrect because provide a unified interface to a set of interfaces is a Facade pattern. 50.What are two benefits of the Template design pattern? (Choose two.) A.Redefine certain steps of an algorithm without changing its structure. B.Configure a class with one of many behaviors. C.Allow an object to alter its behavior when its internal state changes. D.Define a skeleton of an algorithm. E.Define a one-to-many dependency between objects Reference CloseDesign Patterns: Elements of Reusable Object-Oriented Softw are. Gang of Four - pg 325, 316, 305. Options A, D are correct. Option B is incorrect because configure a class with one of many behaviors is a Strategy pattern. Option C is incorrect because allow an object to alter its behavior when its int ernal state changes is State. Option E is incorrect because define a one-to-many dependency between objects is Observer pattern.

51.What are three benefits of adding the Business Delegate pattern to your archi tecture? (Choose three.) A.Cache results and references to remote business services. B.Server-side abstraction. C.Avoid unnecessary invocation of remote services. D.Handles exceptions from the business services. E.You want to avoid duplicating sub views. Core J2EE Patterns Second Edition: (Alur, Crupi, Malks). Options A, C, D are correct. Option B is incorrect because it is a CLIENT side abstraction. Option E is incorrect because that is Composite View. 52.What are three benefits of using the Service Locator pattern? (Choose three.) A.Centralize and reuse the implementation of lookups. B.You want to implement parent-child relationships efficiently when implementing Business Objects as entity beans. C.You want to reduce remote requests across the network. D.Reestablish connections to previously accessed EJB instances. E.Encapsulate vendor dependencies for registry implementations. F.You want to maintain the search results on the server side Reference CloseCore J2EE Patterns Second Edition: (Alur, Crupi, Malks).

Options A, D, E are correct. Option B is incorrect because that is Composite Entity.

Option C is incorrect because that is Transfer Object. Option F is incorrect because that is Value List Handler. 53.A company is trying to cause chaos by sending out an unsigned applet that is loaded via the net. What action can the applet take to cause untold destruction? A.Access file directories on the local machine. B.Access load libraries on the local machine. C.Make network connections to another web server. D.Use excessive amounts of CPU time. Reference Closehttp://java.sun.com/sfaq/

Option D is correct. Options A, B, C are incorrect because they are prevented by the sandbox. 54.The application you are using has loaded into your browser Java applets in an un-trusted jar file. What can these un-trusted jar files do? A.Access any system properties. B.Access specific system properties. C.Read arbitrary files on the client. D.Write arbitrary files on the client. Reference Option B Option A e hidden Option C Option D Closehttp://java.sun.com/sfaq/ is correct. is incorrect from applets is incorrect is incorrect because there are only ten system properties that cannot b loaded into a Java-enabled browser, such as Java version. because the sandbox prevents it. because the sandbox prevents it.

55.Your organization is going through an extensive security audit and it has bee n discovered that their Internet-facing web site is vulnerable to Cross Site Scr ipting from authenticated users. What are appropriate places for mitigating these threats? A.Requiring SSL in the deployment descriptor transport guarantee. B.Custom JavaScript in your JSP pages. C.Adding an Intercepting Validation filter to your system. D.In the report used to display the data. E.Use security roles in the deployment descriptor Reference CloseCore Security Patterns: Best Practices and Strategies (Chri stopher Steel; Ramesh Nagappan; Ray Lai): Intercepting Validtor. Option C is correct. Options A, E are incorrect because they are authenticated users. Option B is incorrect because validation should be done on the server, not scrip t in the browser. Option D is incorrect because you would want to filter the characters before dis playing it.

56.You need to control access to sensitive URLs in your web site. What option below allows you to impose security and control access to sensitive URLs? A.Deployment descriptor B.Custom JavaScript in JSP C.EJB Entity D.In stored procedures E.A custom tag library Reference Option A Option B screen. Option C Option D Option E ty. CloseServlet specs 1.4. is correct. is incorrect because you need to authorize access before you reach the is incorrect because the EJB Entity is in the Model (not Controller). is incorrect because the stored proc is in the Model (not Controller). is incorrect because a custom tag library should not be used for securi

57.You are architecting an online music sales application for Flash and Sizzle, Inc. that accepts customer feedback. Users can rank purchases from one to five b y clicking on buttons, as well as input comments about the product into a text b ox. What can filtering special characters such as "; ? -- | " from text boxes on JSP forms prevent? A.Buffer Overflow B.SQL Injection C.Authorization Errors D.Weird output on reports Reference CloseCore Security Patterns: Best Practices and Strategies (Chri stopher Steel; Ramesh Nagappan; Ray Lai). Option B is correct. Options A, C, D are incorrect because they do not address the problem 58.The requirements for this new website states that a new system must use encry ption to prevent data theft. Passwords must be tored using a one-way encryption algorithm so that they can never be accidentally displayed. What encryption method will you implement? A.Passwords can be stored using 3DES. B.Passwords can be stored using SHA. C.Passwords can be stored using Blowfish. D.RSA Reference CloseCore Security Patterns: Best Practices and Strategies (Chri stopher Steel; Ramesh Nagappan; Ray Lai). Option B is correct.

Option A is incorrect because it is a symmetrical encryption algorithm. Option C is incorrect because it is a symmetrical encryption algorithm. Option D is incorrect because it is a asymmetrical encryption algorithm.

59.You are developing a new J2EE application and you want to restrict access to parts of the system for security purposes. Which security constraints can be specified in the web.xml deployment descriptor ? A.Restrictions based on user login. B.Restriction on Struts actions. C.Restrictions on encryption methods. D.Restriction based on Role Name. Reference CloseServlet 2.4 spec.

Option D is correct. Option A is incorrect because this is vendor specific. Option B is incorrect because this is handled in different .xml files. Option C is incorrect because you can only specify a transport guarantee. The br owser and ssl server determine the protocol. Option D is correct. 60.You have decided your company's new Internet application will use Java Authen tication and Authorization Service for security. Which is a security benefit of using Java Authentication and Authorization? A.It B.It C.It D.It provides provides provides provides Pluggable Authentication Modules. JSAPI support. secure internet connections via sockets. a framework for SOA governance

Reference Closehttp://java.sun.com/javase/6/docs/technotes/guides/security /jaas/JAASRefGuide.html Option Option Option Option A B C D is is is is correct. incorrect because JSAPI is the Java Speech API. incorrect because that is Java Secure Socket Extension. incorrect because that is not related to JAAS.

--