Total number of questions: 100.

1) You are creating a new JSP page and you need to execute some code that acts when the page is first executed, but only once. Which three are possible mechanisms for performing this initialization code? (Choose three.)

2) A developer has used this code within a servlet:

    if (request.isUserInRole("vip")) {
        // VIP-related logic here
    }

What else must the developer do to ensure that the intended security goal is achieved?

3) You need to store a Java long primitive attribute, called customerOID, into the session scope. Which two code snippets allow you to insert this value into the session? (Choose two.)

4) One of the use cases in your web application uses many session-scoped attributes. At the end of the use case, you want to clear out this set of attributes from the session object.

Assume that this static variable holds this set of attribute names:

    // java.util.Set and java.util.HashSet are assumed to be imported;
    // the set is initialized here so the static block does not fail with a NullPointerException
    private static final Set<String> USE_CASE_ATTRS = new HashSet<>();
    static {
        USE_CASE_ATTRS.add("customerOID");
        USE_CASE_ATTRS.add("custMgrBean");
        USE_CASE_ATTRS.add("orderOID");
        USE_CASE_ATTRS.add("orderMgrBean");
    }

Which code snippet deletes these attributes from the session object?

5) Given a header in an HTTP request: X-Retries: 4

Which two retrieve the value of the header from a given HttpServletRequest request? (Choose two.)

6) If you want to use the Java EE platform's built-in type of authentication that uses a custom HTML page for authentication, which two statements are true? (Choose two.)

7) A custom tag is defined to take three attributes. Which two correctly invoke the tag within a JSP page? (Choose two.)

8) You have been contracted to create a web site for a free dating service. One feature is the ability for one client to send a message to another client, which is displayed in the latter client's private page. Your contract explicitly states that security is a high priority. Therefore, you need to prevent cross-site hacking in which one user inserts JavaScript code that is then rendered and invoked when another user views that content. Which two JSTL code snippets will prevent cross-site hacking in the scenario above? (Choose two.)

9) Your company has a corporate policy that prohibits storing a customer's credit card number in any corporate database. However, users have complained that they do NOT want to re-enter their credit card number for each transaction. Your management has decided to use client-side cookies to record the user's credit card number for 120 days. Furthermore, they also want to protect this information during transit from the web browser to the web container, so the cookie must only be transmitted over HTTPS. Which code snippet creates the "creditCard" cookie and adds it to the outgoing response to be stored on the user's web browser?

10) Which two are valid values for the <transport-guarantee> element inside a <security-constraint> element of a web application deployment descriptor? (Choose two.)