Scribd Logo
Upload

Welcome to Scribd!

  • Scea Question

    Uploaded by

    getkumarvasu
    200 views182 pages
    scea

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOC, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    scea

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    200 views182 pages

    Scea Question

    Uploaded by

    getkumarvasu
    scea

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 182

    1.

    A B C D E F

    Which of the following are true about Active Replication? It is a fault-tolerance mechanism It is achieved by taking cold back ups Each replica attempts to process each request but extra calls may be intercepted via an interceptor State changes are logged and periodically flushed to the replicas State is synchronized only when the primary service fails Each replica is identical to the main service. Choices A, C and F are correct.

    Active Replication is a fault tolerance mechanism where each replica is identical to the main service and attempts to service each request. An interceptor is used to block extra responses. Active replication is similar in concept to Hot Backups. Hence choices A, C and F are correct. Active Replication is not achieved through cold backups. In cold backups, the replicas are not constantly updated. Their state is synchronized with the primary service in regular intervals. In the event that the primary service fails, one of the replicas has to be synchronized (perhaps with data from a storage device) before it can service requests. Hence choice B is incorrect. Choice D refers to the concept of Warm Backus. In warm backups, only the primary service responds to requests. However all activity is constantly logged. Periodically these logs may also get flushed to the replicas. When the primary service fails, a replica takes over after its state is synchronized with the logs. Hence choice D is incorrect. With active replication, as mentioned before, the state of all replicas is constantly synchronized. Hence choice E is incorrect. 2 A B C D E Which of the following are benefits of Server Clustering? Replication High Security Easy Manageability Load Balancing Fault Tolerance

    Choices A, D and E are correct. Through the use of replicas, server clusters increase the reliability and availability of a system. They provide a fault tolerance mechanism with load distribution and load balancing capabilities. Hence choices A, D and E are correct.

    J2EE applications offer security features through Identification, Authentication and Authorization mechanisms. In addition they also provide APIs that allow secure communication,

    encryption of messages and so on. This is not a feature of server clusters though. Hence choice B is incorrect.

    Managing multiple servers is always a harder than managing just one server. Hence easy manageability may not always be true with distributed platforms. With J2EE, due to clear roles and responsibilities of tiers and layers, applications may be relatively easier to manage than other distributed systems. However manageability is not the best asset of distributed systems. Hence choice C is incorrect.

    3 A B C D E F

    Which of the following are true about Passive Replication? Primary Service and all replicas respond to all requests Primary Service randomly delegates requests to one of the secondary replicas Primary service handles all requests State is periodically synchronized between the Primary service and all replicas It is similar to hot backup It is similar to Warm Backup

    Choices C, D and F are correct. In Passive Replication, the primary service handles all requests. The state of the replicas is periodically synchronized. In the event that the primary service fails, one of the replicas takes over after its state is synchronized (with log files, for example.) In concept, passive replication is similar to that of Warm Backups. Hence choices C, D and F are correct. Only in Active Replication, the primary service and all replicas respond to all requests. Hence choice A is incorrect. Choice B seems to indicate that Passive replication uses some kind of load distribution mechanism. Hence choice B is incorrect. Passive replication is similar to warm backups as opposed to active replication, which is similar to hot backups. Hence choice E is incorrect. 4 A B C D E CORBA is a standard for Messaging using virtual channels called Queues Standardized development practices Messaging using virtual channels called topics Accessing distributed object systems in many platforms and languages Accessing Distributed object systems based only on Java Technologies

    Choice D is correct. Common Object Request Broker Architecture (CORBA) is a standard for distributed communication involving applications written using different languages . Hence choice D is accurate. Queues are the mechanism by which two parties communicate in a Point-to-Point asynchronous messaging paradigm. Hence choice A is incorrect. Choice B indicates that CORBA is a methodology, as opposed to a standard and is incorrect. Topics are the mechanism through with Publish Subscribe messaging is accomplished. Choice C is incorrect. Although choice E talks about distributed object systems, it is referring to pure Java objects. CORBA is used object distribution involving different languages. Hence choice E is incorrect. 5 A B C D RMI-IIOP does not provide which of the following capabilities? Remote Method Invocation Stub Downloads Objects pass by value (state only) Distributed Garbage Collection

    Choices B and D are correct. RMI-IIOP does not support Stub downloads and distributed garbage collection. Hence choices B and D are correct. Both Remote Method Invocation and Objects pass by value are supported by RMI-IIOP. Hence choices A and C are incorrect. 6 A B C D Which of the following are not true about Screen Scrapers? Screen scrapers function as Terminal Emulators on one end and as Object Interfaces on the other. Screen Scraping may be a useful tool when used in conjunction with the off-board servers. Changes to legacy UI has little or no impact on the new GUI Screen Scraping is best used when the legacy clients have loose coupling with other tiers.

    Choices C and D are correct. When using screen scrapers, any changes to the legacy user interface will also affect the new GUI. Also screen scraping is the best alternative only if the existing UI is very tightly coupled with the business tier of the legacy application. Hence choices C and D are false and therefore the correct choices. Choices A and B are true about screen scrapers and hence incorrect.

    7 A B C D E

    Which of the following methods may be present in the Home Interface of an Entity Bean? create() findByPrimaryKey() remove() locateByPrimaryKey() retrieveBean()

    Choices A, B and C are correct. The Home Interface provides methods for creation, location and removal of beans. Hence you could find create(), findByPrimaryKey() and remove() methods in the bean's Home Interface. Choices A, B and C are therefore correct. There are no methods like locateByPrimaryKey() and retrieveBean() in the Home Interface. Hence choices D and E are incorrect. 8 A B C D Undefined Primary Keys refers to? Refers to Entity Beans that do not use Primary Keys Primary Keys that are defined during development Primary Keys that remain undefined until the bean is deployed Entity Beans cannot have undefined Primary Keys

    Choice C is correct. One problem with container-managed persistence in EJB 1.0 was that the bean developer had to define the primary key during development. This forced the developer to make assumptions thus limiting the bean's portability across databases. EJB 1.1 allows the primary key to remain undefined until deployment. Hence choice C is correct. Choice A is incorrect because all entity beans must have a serializable primary key that can be used to uniquely identify an entity bean in the database. Undefined Primary Keys are not defined during development. Hence choice B is incorrect. Choice D is incorrect because it indicates that Entity Beans are not allowed to have undefined Primary Keys. This was true in EJB1.0 but not in EJB1.1. 9 A B C D Which of the following are valid life cycle states for a Stateless Session Bean? Does not Exist Pooled State Method Ready Pool Passive

    Choices A and C are correct. The two valid states in a Stateless Session Bean's life cycle are 'Does Not Exist' and 'Method Ready Pool.' When Beans are not instantiated they are said to be in the 'Does Not Exist' state. Beans transition from 'Does Not Exist' to 'Method Ready Pool' when instantiated. The container does this automatically, as needed. Hence choices A and C are correct. Pooled and Passive are not valid states in the lifecycle of a Stateless Session Bean. Hence choices B and D are incorrect. 10 A B Both CMT and BMT may be used with Entity and Session Beans. True or False? ***** True False

    Choice B is correct With EJB1.1 only Session Beans with <transaction-type> equal to 'Bean' can have bean-managed transactions. Entity Beans are not allowed to be BMT beans. Hence choice B is correct. 11 A session bean called SomeBean has a method called someMethod(), which calls someOtherMethod (same bean) followed by someOtherBeanMethod() of SomeOtherBean. SomeOtherBean is an Entity Bean with CMT. Which of the following is true? A B SomeOtherBean has no control on the transaction since it is a CMT bean. SomeOtherBean has full access to the UserTransaction object through which it can control the transaction.

    C SomeOtherBean has access only to the transaction methods in EJBContext, which gives it the power to veto transactions. D SomeOtherBean has access on the transaction only if the method had RequiresNew set as its transaction attribute. Choice C is correct. Only BMT beans have access to the User-Transaction from the EJBContext. The EJBContext provides the methods setRollbackOnly() and getRollbackOnly(), to provide CMT beans access to the transaction. The setRollbackOnly() method gives a bean the power to veto a transaction. Hence choice C is correct. Choice A is incorrect because the entity bean has the capability to veto the transaction. Choice B is incorrect because CMT beans only have the power to veto user transactions. Choice D makes an incorrect argument and is thus wrong.

    12 A B C D

    Which of the following is not a resource management technique? Maintaining a smaller pool of Stateless Beans to serve a large number of clients. Providing Database Connection Pooling Persistence of Entity Beans Passivation of Stateful Beans

    Choice C is correct. Persistence of Entity beans is the ability to save data represented by the bean into a database. It is not a resource management technique. Choice C is false and therefore correct. Maintaining a smaller number of beans to serve a larger number of clients is a very clever resource management technique. It is also an example of the Flyweight Design Pattern. Choice A is thus a resource management technique and therefore incorrect. Database connection pooling, a similar concept as bean pools, is also a good resource management technique. Choice B is therefore incorrect. With Stateful Session Beans, the container uses passivation to manage memory. In passivation the state of the bean is serialized and its memory freed up for reuse by other services. Hence bean passivation is a memory management technique making choice D incorrect. 13 A B C D E F G Which of the following are invalid states in the life of a Stateful Session Bean? Does Not Exist Method Ready Pool Method Ready in Transaction Method Ready Ready Pooled Passive

    Choices B, E and F are correct. The valid life cycle states of a Stateful Session Bean are 'Does Not Exist', 'Method Ready', 'Method Ready in Transaction' and 'Passive'. 'Method Ready Pool' is a life cycle state of Stateless Session Beans. 'Pooled' and 'Ready' are life cycle states of Entity Beans. Hence choices B, E and F are correct.

    14

    What is the sequence of steps in the life cycle of a Stateless Session Bean?

    class.newInstance(), setSessionContext (ctx), ejbCreate()

    B C D

    ejbCreate(), setSessionContext (ctx), class.newInstance() class.newInstance(), ejbCreate(), setSessionContext (ctx) setSessionContext (ctx), ejbCreate(), class.newInstance()

    Choice A is correct. When Stateless Session Beans transition from 'Does Not Exist' to 'Method Ready Pool', the container invokes newInstance(), setSessionContext() and ejbCreate() methods. Hence choice A is correct. Although choices B, C and D have the same methods, the order in which they appear to be called is wrong. Therefore choices B, C and D are incorrect. 15 A B C D HTTPS is defined as HTTP with Security HTTP on secure line HTTP over SSL HTTP with SSL

    Choice C is correct HTTPS stands for HTTP over SSL. With HTTPS, SSL sits above the TCP-IP layer and below the application protocol layer. Hence choice C is correct. 16 A B C D E HTTP is Connection Less Connection Base Stateful Stateless Secure

    Choice B and D are correct. HTTP (HyperText Transfer Protocol) is a transport mechanism for MIME (Multipurpose Internet Mail Extensions) documents. MIME documents often contain HTML (HyperText Markup Language) code for display in browser windows. HTTP consists of a request sent by the client to the server, followed by a response sent from the server back to the client. HTTP uses TCP/IP as the underlying transport and network protocols. The following is taken from: http://www.w3.org/Protocols/Activity.html

    "Whenever a client accesses a document, an image, a sound bite etc. HTTP/1.0 creates a new TCP connection and as soon as it is done, it is immediately dismissed and never reused." "HTTP/1.1 fixes this in two ways. First, it allows the client to reuse the same TCP connection (persistent connections) again and again when talking to the same server. Second, it makes sure that the courier carries as much information as possible (pipelining) so that it doesn't have to run back and forth as much. That is, not only does HTTP/1.1 use less TCP connections, it also makes sure that they are better used. The result is less traffic jam and faster delivery." The following is taken from: http://www.w3.org/Protocols/HTTP/HTTP2.html "HTTP is a protocol with the lightness and speed necessary for a distributed collaborative hypermedia information system. It is a generic stateless object-oriented protocol, which may be used for many similar tasks such as name servers, and distributed object-oriented systems, by extending the commands, or 'methods', used." Hence choices B and D are correct. Since choices A and C are the opposite, they are incorrect. HTTP can be made secure by using 'HTTP over SSL' or HTTPS. But by itself, HTTP is not secure. Hence choice E is incorrect. 17 A B C D Asynchronous communication is achieved by using: Remote Procedure Calls RMI/IIOP Message Oriented Middleware CORBA

    Choice C is correct. Message Oriented Middleware or MOM is used for asynchronous messaging between applications. Most popular implementations support Point to Point (one to one) and Publish Subscribe (one to many) messaging. Hence choice C is correct. Remote Procedure Calls are used for synchronous communication between applications . CORBA and RMI/IIOP are two protocols that support RPC based communication . Hence choices A, B and D are incorrect. 18 A B C D Which of the following is not part of the Messaging architecture: Decentralized messaging using IP Multicasting Decentralized messaging using Secure Sockets Layer (SSL) Use of virtual channels called Queues Use of virtual channels called Topics

    Choice B is correct.

    Only choice B is not a standard paradigm in messaging architecture. Hence choice B is correct. IP Multicasting can be used as a technique for decentralized messaging. Queues and Topics are used with Point to Point and Publish Subscribe messaging. Hence choices A, C and D are incorrect. 19 A B C D In P2P, clients send messages to: A designated queue Multiple Queues A specific node for redistribution to subscribers CORBA compliant ORB

    Choice A is correct. P2P or Point to Point messaging is used for one to one communication between two components or applications. In the P2P model, message producers send messages to a designated queue. Hence choice A is correct. Although it is possible to mimic Publish Subscribe architecture by sending P2P messages to multiple queues, it is not a standard practice. Hence choice B is incorrect. In Publish Subscribe architecture, messages are sent to a specific node for redistribution to subscribers. Hence choice C is incorrect. CORBA is an RPC protocol and is not used for asynchronous messaging. Hence choice D is incorrect. 20 Happy Joe Banking Corporation is building a Banking application to provide online access to their account holders. They have chosen 2 SUN 450s for their web server cluster and 1 SUN E10000 for their application server. The business requirements indicate that to become a customer, a person must have at least a primary checking account with the bank. Further since the customer will be using the Internet to view confidential information, security is considered paramount. What do you understand about the requirements of the system? A The need for Security is a classic example of a functional service level requirement and the checking account rule, an example of non-functional QoS requirement. B The discussion about Security and the mandatory checking account both illustrate functional service level requirements. C Neither Security nor the mandatory Checking Account is an example of any kind of requirements, theoretically speaking. D {Security is an Architectural non-functional requirement and the Mandatory Checking Account a functional design requirement. E They are both examples of Business Use Cases.

    Choice D is correct.

    Successful software architecture deals with addressing the non-functional service level requirements of a system. The Design process takes all the functional business requirements into account. Security is considered a non-functional requirement and specific business rules, such as the one described with the checking account are considered functional requirements. D is the only choice that accurately describes this. A is incorrect because the functional and non-functional requirements are flipped over. B is incorrect because only one of them is a functional requirement. C is incorrect because as described above, one of them is a functional requirement and the other, a nonfunctional requirement. Finally E is incorrect because business analysis may start with use cases (where the checking account rules may be captured), but this discussion is specifically questioning functional vs. non-functional requirements. 21 In an interview between the senior management of Happy Joe Banking Corporation and the J2EE application architect Scott Khosla, the following points were discussed: I. II. The system needed to respond within 5 seconds The system is needed to have a 99.9% uptime

    III. HJBC was in the process of acquiring another bank which would add two hundred thousand customers to their already existing half million. IV. V. VI. 22 A B C D E Each phase of the SDLC was to have a clear sign off process. The development team was expected to provide a detailed unit test plan and user documentation. In order to ensure privacy, HTTPS was to be used. What non-functional requirements were discussed? Scalability, Availability, Extensibility, Manageability and Security Performance, Reliability, Elaboration, Transition, Documentation and Security Specification, Elaboration, Construction, Transition, Use Cases and Security Performance, Availability, Scalability and Security Reliability, Availability, Scalability, Manageability and Security

    Choice D is correct. The non-functional service level requirements discussed are Performance (system needs to respond within 5 seconds), Availability (system is needed to have a 99.9% uptime), Scalability (additional two hundred thousand subscribers), and Security (HTTPS is to be used.) Hence choice D is correct. There is no mention of extensibility (ability to easily add or extend functionality) and Manageability (ability to monitor the health of the system.) Hence choice A is incorrect. Specification, Elaboration, Construction, Transition, Documentation and use cases are not non-functional service level requirements. Hence choices B and C are incorrect.

    While scalability and reliability may be related (will the system perform as reliably when more users operate on it), there is no mention of reliability in the question. Hence choice E is incorrect. 23 N-tier applications show better performance than 2-tier applications because they are modular in nature, which means that they can be scaled easily, by tuning components and containers individually. True/False ? A B True False

    Choice A is correct. N-Tier applications (especially those based on J2EE) are designed to be very modular in nature. The tiers and layers separate roles and responsibilities of each component and container. Hence components and containers can be individually targeted and scaled as needed. This results in better performance. Hence choice A is correct. 24 Moon Microsystems has a web-based solution that was originally built using Servlets. However, in recent months, the IS manager has asked developers to use JSP technology with Java Scriptlets embedded in HTML code. Scott Khosla, the architect, however is insisting that the code be modularized and that EJBs be used instead of Servlets and JSP for business logic processing. In asking developers to modularize existing code, what software development technique is Scott asking the developers to follow?

    A B C D

    Code Break up Code engineering Code Tiering Code Factoring

    Choice D is correct.

    Software applications have a tendency to grow in complexity over time. When that happens, they become difficult to extend, maintain and modify. They also become hard to understand. Code factoring is a modularization technique that deals with the separation of responsibilities in code. Factored code has loose coupling and minimal dependencies, making components and code more reusable. Hence choice D is correct. There are no concepts like code break up, code engineering or code tiering. Hence choices A, B and C are incorrect.

    29 Fragile Oars, a manufacturer of boating supplies has a mainframe based legacy application for customer and order management. Recently, Fragile Oars embarked on a project to add Internet presence to its products and services and hence created a company website. Since then, its management has realized the importance of having an eFront and wants to start conducting business over the Internet. Fragile Oars wants to use Applets as the front-end. What is the best method to connect to this legacy system? A B C D Using the same applets Using different applets Using Java Server Pages Using Java Servlets

    Choice D is correct. The best approach in this case is to have the applets talk to Servlets that can act as mediators between the applets and the Legacy system. Hence choice D is correct. Applets and JSP are used to construct the view of an MVC application. They should not be used as controllers for dispatching requests. Hence choices B and C are incorrect. 30 Baby Bell is a new local Telephony provider in Chicago, IL. It has a legacy application for the B2B transactions with Verizon, the Incumbent Local Exchange Carrier (ILEC.) Baby Bell frequently purchases blocks of Telephone numbers from the ILEC using a CORBA RPC call. There numbers are then assigned to the customers in sequence. Sometimes customers request vanity numbers, in which case, a custom synchronous query is made on the ILEC's operational support system, to check for number's availability. If Baby Bell were to rewrite its existing legacy code using newer J2EE technology, what technology would you choose so that both the block purchase and the individual query might be accommodated? A Java Applet technology for the CORBA call and custom socket programming for vanity number requests. B C D E F Java Servlet API for the CORBA call and JSP for the custom socket programming Entity EJBs for both Session EJBs for both JNDI for both MQ Series with a JMS based solution for both

    Choice D is correct.

    Session beans can be used for making both the CORBA call for block purchase of telephone numbers and the custom synchronous call to request a special vanity number. Hence choice D is correct. Both operations represent business processes involving partner OSS. integration. Applets are not used for modeling the business workflow of a system. Hence choice A is incorrect.

    JSP represent the view construction process in an MVC application. They should not be used for processing business logic. Hence choice B is incorrect. Entity beans represent the business model of an application and provide a representation of enterprise data. They are not to be used for workflow processing which is better accomplished by using Session Beans. Hence choice C is incorrect. JNDI provides Naming and Directory interfaces not workflow processing. Hence choice E is incorrect. The question specifically says that a synchronous mechanism is to be used for the vanity number request. The CORBA RPC call for TN reservation is also synchronous. MQ Series is a MOM used for messaging. Messaging is an inherently asynchronous communication mechanism. Hence choice F is incorrect. 31 Julia Fractals Inc. is building a J2EE based application for Order Entry and management of their fractal software. Once the order is taken, it is submitted to a relational database. A provisioning system then queries data and makes appropriate calls to various subsystems using JMS on MQ Series. What design pattern is JMS an example of here? A B C D E Observer Mediator Adapter Bridge Visitor

    Choice D is correct. Bridge (GOF 151)"Decouple an abstraction from its implementation so that the two can vary independently." In this case JMS is the abstraction. The implementation could be MQ Series, TIBCO Rendezvous and Vitria Businessware. Hence choice D is correct. Observer (GOF 293)"Define a one-to-many dependency between objects so that when one object changes state, all its dependents are notified and updated automatically." Hence choice A is incorrect. Mediator (GOF 273)"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and lets you vary their interaction independently." Hence choice B is incorrect. Adapter (GOF 139)"Convert the interface of a class into another interface clients expect. Adapter lets classes work together that couldn't otherwise because of incompatible interfaces." Hence choice C is incorrect. Visitor (GOF 331)"Represent an operation to be performed on the elements of an object structure. Visitor lets you define a new operation without changing the classes of the elements on which it operates." Hence choice E is incorrect. 32 What design pattern best explains the use of the stub and the skeleton in CORBA based RPC applications? A B Factory Method Singleton

    C D E

    Strategy Proxy Decorator

    Choice D is correct. Proxy (GOF 207)"Provide a surrogate or placeholder for another object to control access to it." Hence choice E is incorrect. The applicability section (GOF 208) defines 'remote proxy' as"A remote proxy provides a local representative for an object in a different address space." Using the stub and the skeleton, CORBA based applications provide local representatives for distributed objects. Hence choice D is correct. Factory Method (GOF 107)"Define an interface for creating an object, but let subclasses decide which class to instantiate. Factory method lets a class defer instantiation to subclasses." Hence choice A is incorrect. Singleton (GOF 127)"Ensure a class only has one instance, and provide a global point of access to it." Hence choice B is incorrect. Strategy (GOF 315)"Define a family of algorithms, encapsulate each one and make them interchangeable. Strategy lets the algorithm vary independently from clients that use it." Hence choice C is incorrect. Decorator (GOF 175)"Attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to subclassing for extending functionality." Hence choice E is incorrect. 33 An application has three Stateless Session Beans - SB1, SB2 and SB3. The stubs that implement the respective Home Interfaces are SH1, SH2 and SH3. A client application performs a JNDI lookup to obtain a reference to one of these Home Objects. This is then narrowed and used to create the remote reference to the corresponding remote object. What design pattern best explains the creation of the Remote Object, in this case? A B C D E Prototype Builder Factory Method Business delegate Service Locator

    Choice C is correct. Factory Method (GOF 107)"Define an interface for creating an object, but let subclasses decide which class to instantiate. Factory method lets a class defer instantiation to subclasses." Hence the closest pattern this concept is similar to is the Factory Method pattern. Therefore choice C is correct. Prototype (GOF 117)" Specify the kinds of objects to create using a prototypical instance, and create new objects by copying this prototype." Hence choice A is incorrect.

    Builder (GOF 97)"Separate the construction of a complex object from its representation so that the same construction process can create different representations." Hence choice B is incorrect. The following is taken from: http://java.sun.com/blueprints/patterns/BusinessDelegate.html "In distributed applications, lookup and exception handling for remote business components can be complex. When applications use business components directly, application code must change to reflect changes in business component APIs. These problems can be solved by introducing an intermediate class called a business delegate, which decouples business components from the code that uses them. The Business Delegate pattern manages the complexity of distributed component lookup and exception handling, and may adapt the business component interface to a simpler interface for use by views." Hence choice D is incorrect. The following is taken from: http://java.sun.com/blueprints/patterns/ServiceLocator.html "Enterprise applications require a way to look up the service objects that provide access to distributed components. Java 2 Platform, Enterprise Edition (J2EE) applications use Java Naming and Directory Interface (JNDI) to look up enterprise bean home interfaces, Java Message Service (JMS) components, data sources, connections, and connection factories. Repetitious lookup code makes code difficult to read and maintain. Furthermore, unnecessary JNDI initial context creation and service object lookups can cause performance problems. The Service Locator pattern centralizes distributed service object lookups, provides a centralized point of control, and may act as a cache that eliminates redundant lookups. It also encapsulates any vendor-specific features of the lookup process." Hence choice E is incorrect. 34 When remote calls are made on the container provided implementations of the EJBHome and EJBObject, various transactional and security checks are applied before the call is actually passed on to the bean instance. The Container provided implementations of EJBHome and EJBObject are performing what Design Pattern's task? A B C D E Command Adapter Bridge Decorator Facade

    Choice D is correct. The intent of the Decorator pattern as described by GOF (175) -"Attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to subclassing for extending functionality." A request intended for a component is routed to the decorator instead. The decorator forwards the request to the component. It may perform pre or post processing tasks before or after forwarding the request. J2EE is filled with examples of the use of design patterns. The container provided implementations of EJBHome and EJBObject decorate bean classes by providing transactional and security functionalities. Choice A is incorrect because Command is used to encapsulate a request as an object (GOF 233.) Choice B is incorrect because Adapter (GOF 139) converts the interface of a class into another interface clients expect. Choice C is incorrect because Bridge (GOF 151) decouples an abstraction from its

    implementation so that the two can vary independently and choice E is incorrect because Faade (GOF 185) provides a unified interface to a set of interfaces in a subsystem. 35 Compact Computers is a small computer assembly company. Their online application allows customers to pick and choose accessories to build their own PCs. The accessories are: i. Processor - 800Mhz, 1Ghz, 1.2Ghz

    ii. HDD - 40 GB, 60 GB, 80 GB iii. Memory - 128 MB, 256 MB, 512 MB If a computer can have exactly 1 processor, 1 HDD and 1 memory stick, what pattern would be best used here? A B C D E Factory Method Builder Prototype Abstract Factory Singleton

    Choice B is correct. Builder (GOF 97) separates the construction of a complex object from its representation so that the same construction process can create different representations. Here the complex object is a computer. A computer is always made up of exactly one processor, one HDD and one Memory stick (problem description.) However there is no predetermined formula for combining the parts. Hence Builder is the best pattern here and B is therefore the right answer. Answer A is incorrect because Factory Method (GOF 107) defines an interface for creating an object but lets subclasses decide which class to instantiate. You may use factories of factories to construct a complex object, but by itself, the Factory method is good for creating one out of many. Example: create one processor out of a set of three processors. Answer C is incorrect because Prototype (GOF 117) specifies the kinds of objects to create using a prototypical instance. Example: Given a processor, if you were asked to create a computer that used multi processors, this would be a good option. Answer D is incorrect because Abstract Factory (GOF 87) provides an interface for creating a family of related or dependent objects. If the question had defined a relation such as 'A computer of 800 MHz processor can only be coupled with a 40 GB HDD and 128 MB RAM stick', this would have been an ideal solution. Answer E is incorrect because Singleton (GOF 127) ensures that a class has only one instance (or a welldefined number of variable instances) and appropriate global pointers are available to the instance(s). 36 Ibid is an e-auction house that auctions refurbished products. Each product has a minimum bid price. Buyers can query the system for a list of products and then select a product to bid on. They can then place a higher bid on the selected product. Transactional Integrity is very important as dirty reads, non-repeatable reads and phantom reads can lead to data inconsistency. What technology combination might be most suitable for addressing Ibid's needs?

    A B

    Applets for presentation and JTA/JTS for transactional integrity HTML and JSP for presentation, and Servlets for data retrieval and transaction management.

    C Servlets and JSP for presentation, a stateful session bean with DAO for list retrieval and a stateless session bean for transaction management. D Servlets and JSP for presentation, a stateless session bean with DAO for list retrieval and CMT Entity bean for Transaction management. E Servlets and JSP for presentation, and a Java class to encapsulate database access and transaction management. Choice D is correct. The Model 2 architecture (based on the Model View Controller pattern) suggests that Servlets and JSP be used in the presentation tier. JSP combine template data with dynamic data to display dynamic content to the user. Servlets act as front controllers, and forward requests to appropriate events in the business logic tier. Unless concurrent use of shared data is involved, it may be an overkill to use Entity beans (as in the example of a simple list retrieval.) The list retrieval is therefore best accomplished by using a session bean with a Data Access Object (DAO.) Since the bidding represents concurrent use of shared data, this is best accomplished by using an Entity bean. Choice A is incorrect because this would not be an ideal application for applets. Choice B is incorrect because it suggests the use of Servlets for all retrieval and updates. Although possible, this is not recommended in the J2EE best practices as an ideal way when dealing with complex applications. Choice C is incorrect because it is suggesting that a stateless session bean be used for managing concurrent access to shared data, something best done by entity beans. Choice E is incorrect because though it may be suited for smaller applications that are not very transactional in nature, the discussion specifically talks about the need for transactional integrity. Therefore this is not the recommended solution. 37 Heartbreak Hospital has two applications - Patient Registration System and Patient Billing System. Patient Billing, an older application has CORBA interfaces for updating Billing Information. The newer Patient Registration system was built as a Java based Application. Heartbreak now wants to automatically update Billing Information from the Patient Registration Application. What Java technology may be most suited for this? A B C D E F RMI-JRMP RMI-JNI RMI-IIOP EJB Java IDL Java-CORBA Bridge

    Choice E is correct.

    The following is taken from: http://java.sun.com/j2se/1.3/docs/guide/idl/ "Java IDL adds CORBA (Common Object Request Broker Architecture) capability to the Java platform, providing standards-based interoperability and connectivity. Java IDL enables distributed Web-enabled Java applications to transparently invoke operations on remote network services using the industry standard IDL (Object Management Group Interface Definition Language) and IIOP (Internet Inter-ORB Protocol) defined by the Object Management Group." Hence choice E is correct. RMI-JRMP is used for distributed processing in a pure Java environment. Hence choice A is incorrect. There is no indication whether the Patient Billing system supports JNI. Hence choice B is incorrect. RMI-IIOP is useful when dealing with EJB applications. Hence choices C and D are incorrect. There is no such thing as a Java-CORBA bridge. The Java IDL API performs that function. Hence choice F is incorrect. 38 In which of the following cases would an application not necessarily benefit from the use of Enterprise Java Beans? A B C D Small Scale deployment Large scale deployment Transactional in nature No Transactional requirements

    Choices A and D are correct. Enterprise Java Beans are best used with large and complex enterprise applications with high deployment and transactional requirements. Hence choices A And D are correct. 39 A B C D The container applies what memory management techniques in the case of Session Beans? Bean Pooling Bean Passivation Bean Persistence Bean Purge

    Choices A and B are correct. While EJBs offer business services, EJB Containers offer many peripheral services such as memory management, persistence, transactions and so on. Bean Pooling (in the case of Stateless Session Beans) and Bean Passivation (in the case of Stateful Session Beans and Entity Beans) are two techniques the container uses for managing memory. Hence choices A and B are correct. Bean persistence refers to persisting the data represented by Entity Beans to physical storages such as Relational, Object or other databases. It has nothing to do with memory management. Therefore choice C is incorrect.

    There is nothing called Bean Purge. Beans are removed when the client calls the remove() method on the Home Interface (Stateful Session Beans) and when the container decides (in the case of Stateless Session Beans and Entity Beans which reside in Bean Pools when not in use.) In the case of Entity Beans, the remove() method also deletes the data the bean instance represents. Hence choice D is incorrect. 40 Outstanding Perf is a perfume manufacturing company. The management is currently in the process of architecting a new J2EE based solution for their online catalog. If performance is paramount and session state needs to be managed as well, it would be preferable to use HTTP and HTTPSession object as opposed to using HTTPS. True/False? A B True False

    Choice A is correct. The question specifies that performance is important. There is no mention of the security requirements. Apart from providing Session State, HTTPS includes additional functionality for allowing secure communication between the client and the server. Because of all the extra processing with encryption and decryption, HTTPS is slower than HTTP. Hence in this case, it may be preferable to use HTTP (which is stateless) with HTTPSession Object (to store state on the server.) Hence choice A is correct. 41 Staledexho, A renowned catering company has just contracted your services to track their orders. An online menu is available, for each country serviced. Customers choose what they want, the quantity and provide relevant billing information. Fed Ex ships the food in a special container. What classes and APIs are you most likely to use to support Internationalization? A B C D E F Locale Collection Interface ListIterator ResourceBundle KeyStore OutputStreamWriter

    Choices A, D and F are correct. The following is taken from: http://developer.java.sun.com/developer/technicalArticles/Intl/IntlIntro/ "Locales are used throughout the Java class libraries to customize how data is presented and formatted. They affect language choice, collation, calendar usage, date and time formats, number and currency formats, and many other culturally sensitive data representations. If you intend to create international Java applications, you'll definitely use the java.util.Locale class. There's no getting around it; you'll use Locales to create well-behaved, internationalized, multilingual Java applications. So, if you haven't had time to explore all the JDK 1.1 international features yet, you'll get a clearer understanding of the core of the internationalization model, the Locale, as you read and understand the descriptions and examples in this article.

    A Locale is a relatively simple object. It identifies a specific language and a geographic region. In fact, the only significant contents of a Locale object are language and country. Although superficially these attributes are not particularly impressive, they represent a very rich and interesting set of information. A Locale object represents the language and cultural preferences of a geographic area. Language is a fairly easy idea to grasp; cultural preferences may not be immediately clear. Dates, time, numbers, and currency are all examples of data that is formatted according to cultural expectations. Cultural preferences are tightly coupled to a geographic area; that's why country is an important element of locale. Together these two elements (language and country) provide a precise context in which information can be presented. Using Locale, you can present information in the language and form that is best understood and appreciated by the user. Resource Bundles - This internationalization feature of the JDK provides a mechanism for separating user interface (UI) elements and other locale-sensitive data from the application logic in a program. Separating locale-sensitive elements from other code allows easy translation. It allows you to create a single code base for an application even though you may provide 30 different language versions. Although you might be predisposed to think of text only, remember that any localizable element is a resource, including buttons, icons, and menus. The JDK uses resource bundles to isolate localizable elements from the rest of the application. The resource bundle contains either the resource itself or a reference to it. With all resources separated into a bundle, the Java application simply loads the appropriate bundle for the active locale. If the user switches locales, the application just loads a different bundle. Resource bundle names have two parts: a base name and a locale suffix. For example, suppose you create a resource bundle named MyBundle. Imagine that you have translated MyBundle for two different locales, ja_JP and fr_FR. The original MyBundle will be your default bundle; the one used when others cannot be found, or when no other locale-specific bundles exist. However, in addition to the default bundle, you'll create two more bundles. In the example these bundles would be named MyBundle_ja_JP and MyBundle_fr_FR. The ResourceBundle.getBundle method relies on this naming convention to search for the bundle used for the active locale. The java.util.ResourceBundle class is abstract, which means you must use a subclass of ResourceBundle. The JDK provides two subclasses: PropertyResourceBundle and ListResourceBundle. If these don't meet your needs, you can create your own subclass of ResourceBundle." The following is taken from: http://java.sun.com/docs/books/tutorial/i18n/text/stream.html "The java.io package provides classes that allow you to convert between Unicode character streams and byte streams of non-Unicode text. With the InputStreamReader class, you can convert byte streams to character streams. You use the OutputStreamWriterclass to translate character streams into byte streams." Thus we can see that Locale, ResourceBundle and OutputStreamWriter play a vital role in Java Internationalization. Hence choices A, D and F are correct. The Collection interface, ListIterator and KeyStore are not relevant to I18N. Hence choices B, C and E are incorrect. 42 A B C The conversion between 16-bit Unicode and 8-bit local encoding formats is done by: MessageFormat and NumberFormat Locale and ResourceBundle Properties files

    InputStreamReader and OutputStreamWriter

    Choice D is correct. The following is taken from: http://java.sun.com/docs/books/tutorial/i18n/text/stream.html "The java.io package provides classes that allow you to convert between Unicode character streams and byte streams of non-Unicode text. With the InputStreamReader class, you can convert byte streams to character streams. You use the OutputStreamWriterclass to translate character streams into byte streams." Hence choice D is correct. MessageFormat, NumberFormat, Locale, ResourceBundle and properties files are all used in I18N. These are not however used for conversion between Unicode character format and local 8-bit byte streams. Hence choices A, B and C are incorrect. 43 Fire Hall, manufacturers of fire extinguishers, is building a corporate Intranet and wants its employees to access payroll information via the Internet. They are planning to use Applets, because of its richer GUI capabilities. The View401K applet requires a Java 1.4 plug in on the host where it is being executed. This applet will read data cached on a temporary directory in the host to calculate 401K distributions. What are your observations on the use of Applets for this purpose? A The Applet technology is not a viable solution for this application because applets are subjected to the sandbox model, which prevents them from reading from or writing to the host where they are being executed. B The Applet technology is a viable solution for this application because the Security policy of the Java 2 Platform is totally flexible. Choice B is correct. The following is taken from: http://java.sun.com/docs/books/tutorial/security1.2/overview/index.html "JDK 1.1 introduced the concept of a "signed applet," as illustrated in the next figure. A digitally signed applet is treated like local code, with full access to resources, if the public key used to verify the signature is trusted. Unsigned applets are still run in the sandbox. Signed applets are delivered, with their respective signatures, in signed JAR (Java Archive) files. JDK 1.2 introduces a number of improvements over JDK 1.1. First, all code, regardless of whether it is local or remote, can now be subject to a security policy. The security policy defines the set of permissions available for code from various signers or locations and can be configured by a user or a system administrator. Each permission specifies a permitted access to a particular resource, such as read and write access to a specified file or directory or connect access to a given host and port. The runtime system organizes code into individual domains, each of which encloses a set of classes whose instances are granted the same set of permissions. A domain can be configured to be equivalent to the sandbox, so applets can still be run in a restricted environment if the user or the administrator so chooses. Applications run unrestricted, as before, by default but can optionally be subject to a security policy." As we can see, the Java 2 Security model is totally flexible. Hence choice B is correct.

    44 A B C D

    Which of the following statements is true about SSL? SSL runs above high-level application protocols such as HTTP and LDAP SSL runs below TCP-IP SSL runs above TCP-IP and below application protocols SSL does not have anything to do with either the application or the network layer in the OSI model

    Choice C is correct. The following is taken from: http://developer.netscape.com/docs/manuals/security/sslin/contents.htm "The Transmission Control Protocol/Internet Protocol (TCP/IP) governs the transport and routing of data over the Internet. Other protocols, such as the HyperText Transport Protocol (HTTP), Lightweight Directory Access Protocol (LDAP), or Internet Messaging Access Protocol (IMAP), run "on top of" TCP/IP in the sense that they all use TCP/IP to support typical application tasks such as displaying web pages or running email servers. The SSL protocol runs above TCP/IP and below higher-level protocols such as HTTP or IMAP . It uses TCP/IP on behalf of the higher-level protocols, and in the process allows an SSL-enabled server to authenticate itself to an SSL-enabled client, allows the client to authenticate itself to the server, and allows both machines to establish an encrypted connection." Therefore choice C is correct. Choice A is incorrect because it suggests that SSL runs above application protocols. Choice B is incorrect because it suggests that SSL runs below TCP/IP. SSL runs between TCP/IP and HTTP. Hence choice D is incorrect. 45 A B C D E What happens when the remove() method is called on the Home Interface of an Entity Bean? The remote reference is invalidated The bean instance is destroyed The bean instance is Passivated The data represented by the bean instance is deleted from the database The Bean Instance moves from pooled state to ready state

    Choices A and D are correct. The remove() method, in the case of Entity Beans, invalidates the client stub, and deletes the data represented by the bean, from the database. Hence choices A and D are correct. The bean instance is returned to the pool. It is not destroyed when the remove() method is called on an Entity Bean. Therefore choice B is incorrect.

    The container passivates the bean instance whenever required (for memory management.) It is not a consequence of the remove() method though. Hence choice C is incorrect. The Bean instance moves from the Ready State to the Pooled State upon removal, not the other way round as the point suggests. Hence choice E is incorrect. 46 A B C D What types of transactions are supported by Enterprise Java Beans? Implicit Declarative Transactions Explicit JTA based transactions Either A or B (based on vendor implementation) Both A and B

    Choice D is correct Enterprise Java Beans specification supports both Implicit Declarative transactions and explicit Java Transaction API (JTA) based transactions. Hence choice D is correct. 47 With Entity Beans, the container automatically generates implementations of all find methods at deployment time.True/False? A B True False

    The above statement is False. The container only generates implementations of the find methods at deployment time, in the case of Container Managed Persistence. 48 A B C D What does the ejbCreate() method return in the case of Entity Beans in EJB 1.1? A remote reference to the EJBObject for both BMP and CMP beans The Bean's Primary Key for both BMP and CMP beans A reference to itself in BMP and NULL in CMP NULL value of type BeanPK in CMP and Primary Key in BMP

    Choice D is correct. In EJB1.0, the ejbCreate() method returned void. In EJB1.1, a null value of the bean's primary key type is returned by the ejbCreate() method (in CMP.) In BMP, the ejbCreate() method returns the primary key of the newly created entity. Hence choice D is correct. The Container intercepts the return value from the Bean and returns a remote reference to the remote object, to the calling client. Hence choice A is incorrect. Choice B suggests that the Primary Key of the newly created instance is returned in both CMP and BMP. Hence it is incorrect. The Bean instance never returns a reference to itself upon creation. Hence choice C is incorrect.

    49 You have just started a new job working for a top finance company and you have been asked to provide a user-friendly interface to an existing mainframe application. You don't have any access to the mainframes source code. What is the best technique for this? A B It can't be done. Use a screen scraper.

    C Re-write the main frame using Java and high-end Unix servers. Although it may take some time to do this in the long run this will benefit the company. D E F F Write a Java front end then use CORBA to communicate with the mainframe. Use the Java Native Interface (JNI) to communicate with the mainframe. Use object Mapping Use JMS

    B is correct choice. The key to this question is that you don't have access to the mainframes source code. A screen scraper emulates a mainframe terminal. Basically the screen scraper logs on to the mainframe like a normal user and sends requests to the mainframe and then reads the response. The problem with a screen scraper is that if you change any of the mainframes code there is always the possibility that the screen scraper will stop working.Choice A is incorrect because it can be done. Choice C would take far too long, would cost too much and is not what the customer wants. Choice D, E and F are not appropriate are would require access to the mainframes source code. Choice G is incorrect because there is no mention that the mainframe supports a messaging system. Some of them do and even provide interfaces for JMS however as it's not stated in the question then this is not the right answer. 50 The company you have been working for has released the next generation of its sales system. You have several very powerful servers and a few basic servers at your disposal. A network expert has suggested that in order to get the best possible performance out of these machine you use reverse proxy load balancing? What is reverse proxy load balancing? A Splitting requests evenly amongst all back end servers

    B The proxy sits behind the backend servers monitoring the performance of each one. When it notices one is being used too much it will automatically forward requests to a different server. C Splitting requests amongst all back end servers depending on the amount of spare CPU time each server has available. D A technique used to target certain requests to certain backend servers, e.g. All Servlet requests from one server. All static HTML from another. E A way of filtering out certain requests. It is used to protect against denial of service attacks

    Choice D is correct. Reverse proxy load balancing is generally used when you have servers with different amounts of CPUs and Memory. You might have some really powerful servers just to be used for SSL sessions and others to handle static html. Using this will maximise the performance of your applicationChoice A is a description of round-robin load distribution. Choice B doesn't describe any particular method of load

    balancing. Choice C is an inaccurate description of reverse-proxy load balancing and you would need access to the mainframes source code to do this. Choice E is a cross between a firewall and a standard proxy server this does not do any load balancing.

    51 You are working for a web design company and one of your clients would like to convert their website that currently uses Perl and CGI scripts over to a language that is easier to maintain and reuse. Their website is a sports betting website where the customer is able to logon and place bets on a variety of different sporting events. What would you replace this with? A B C D JSP/Servlets JSP/Servlets/EJBs JMS ASP

    Choice B is correct. The key to this question is that the site offers the facility to place bets online. Therefore transactions are involved and this means that Enterprise Java Beans need to be used. It is very hard to implement transactions with just Servlets and JSPs. Hence choice B is correct.Choice A is incorrect because transactions are involved. JMS is the messaging package of the J2EE and therefore C is incorrect. And choice D well, enough said! 52 You are in charge on converting an existing web based solution over to the appropriate J2EE technology. What should you use? The website offers the customers price comparisons on a variety of different products. Revenue is generated by click through sales when the customer has found the best price. A B C D JSP, Servlets JSP, Servlets, EJBs Applets, EJBs No need to change it PERL/CGI scripts is the best solution.

    Choice A is correct. The key to this question is that the revenue is generated by click through sales; this implies that there are no transactions involved. If transactions were involved then you would use EJBs as well.Choices B and C are incorrect because there are no transactions involved in this application. PERL/CGI scripts are harder to maintain than Java code so choice D is not the best option. 53 Your 3-tier application has been deployed in a production environment and has been running smoothly for over 3 months. However recently due to a Television campaign you're getting 3 times the normal volume of traffic. To cope with this you decided to introduce Round-Robin load balancing. How is round robin load balancing going to help with the extra traffic? A Splitting requests evenly amongst all back end servers

    B The proxy sits behind the backend servers monitoring the performance of each one. When it notices one is being used too much it will automatically forward requests to a different server.

    C Splitting requests amongst all back end servers depending on the amount of spare CPU time each server has available. D A technique used to target certain requests to certain backend servers, e.g. All Servlet requests from one server. All static HTML from another. Choice A is correct. Round-Robin load balancing is the process of splitting requests evenly irrespective of the request type (i.e. SSL, JSP, HTML). If you have 3 servers as the first request comes in it goes to the first sever, second request to the second server and the third request to the third server. As the fourth request comes in the process starts again and so this request is forwarded to the first server.Choices B and C are not descriptions of any known load-balancing technique. Choice D is a description of reverse proxy load balancing. This is generally used when you have servers with different amounts of CPUs and Memory. You might have some really powerful servers just to be used for SSL sessions and others to handle static html. Using this will maximise the performance of your application. 54 A Fortune 500 company wishes to add new functionality to its existing sales system and has contracted you as the lead architect for the project. The legacy system has been written in C++ and they wish to keep this system running although they may switch over to full Java solution later, depending on the performance of the new extra functionality. How will connect to this legacy system? A Wrap the application using JNI and make it accessible using RMI.

    B Rewrite the C++ code in Java. This shouldn't be too hard because it's converting from one objectorientated language to another. C D Use a screen scraper. Use CORBA to talk to the C program then get the CORBA to talk to the RMI server.

    Choice A is correct. JNI stands for Java Native Interface and is used to allow Java to communicate with programs written in languages like C. In effect you are wrapping the C code to make it available to Java. For example you will wrap a C method called debitAccount(int amount) with a similar Java method, the Java method will just call the C method. This means you can now make the method accessible via RMIChoice B is incorrect because this is not what customer wants, you must stick to the requirements. It would be inappropriate to use a screen scraper here so choice C is incorrect. Although choice D might be possible, to get this to work would take far more work than is actually required. You would need to get the C and CORBA programs working first then try and interface CORBA and RMI, which is not necessary, in this case. 55 The IT company you are working currently doesn't offer the facility for customers to buy PCs bundled with printers. Luckily they have just struck a deal with another printer company. The list of printers they offer is maintained in a database that runs on one of the printer companies servers. You need to connect to this database however you don't have a JDBC driver that you can install on the server. The database server does have an ODBC driver installed on it. How do you connect to the database? A You can't, change the data store.

    B Get the printer company to write a web page that you can pass SQL requests to. (You would simply send SQL queries as POST requests and the output would be the ResultSet) This should be implemented securely using SSL with client and server authentication C Wrap some JNI access code around the OBDC driver then connect using JDBC.

    D E F

    (Don't implement the solution using Java. Send the database requests as JMS method calls Use the JDBC-OBDC bridge driver.

    Choice F is correct. The key to this question is that with the JDBC-ODBC you are not connecting to the database directly you are connecting to the ODBC driver instead. So it doesn't matter what the database is as along as there is an ODBC driver available .Choice A is incorrect because it can be done. Although choice B may work it is not the best solution, the JDBC-ODBC Bridge is the best solution. You don't need to wrap JNI code around the ODBC driver to connect to it. Hence choice C is incorrect. Choice D is incorrect because it is possible to connect to the data source using Java. Choice E is incorrect because there is no mention of any Message server in the question and this is not suitable technology for the job. 56 A work colleague has been describing a mainframe application that your company uses to maintain their sales data. He says that the next application you will need to design will involve screen scraping, as he can't see how else the connection to the mainframe will be possible. What is screen scraping? A A plastic tool to get ice off a car windscreen.

    B A program that interacts with a mainframe passing requests from the users directly to custom written code that you have added in the mainframe. C D E F A program that emulates a mainframe terminal and passes user input to the mainframe. A program that's supplied by the mainframe for Java programs to interact with. Your colleague is wrong. It will be quite easy to connect directly to the mainframe using Java. A program that uses JNI to access the mainframe.

    G A program that use JMS to send messages to the mainframe. Note this only works if the mainframe has a message server built into it. Choice C is correct. A screen scraper emulates a mainframe terminal. Basically the screen scraper logs on to the mainframe like a normal user and sends requests to the mainframe and then reads the response. The problem with a screen scraper is that if you change any of the mainframes code there is always the possibility that the screen scraper will stop working.Choice A maybe true but it's not the right kind of screen scraper! Choices B and F require that you have access to the mainframes source code. Screen scrapers are written as and when they are needed, the mainframe vendor does not supply them so choice D is incorrect. Your colleague is right. Therefore choice E is incorrect. Choice G is incorrect because although you can communicate with mainframes via JMS the process is different from screen scraping. 57 You are working for a company with a worldwide presence; their offices are spread across many countries and over many computer networks. Virtual private networks have been set up to increase security. What are Virtual Private Networks are where are they created? (VPNs) A A network created between two other networks (these are not located in the same place, geographically). Encryption and Authentication are used in the VPN. Normally the VPN is a network on top of an untrusted network (like the Internet).

    B The area between two firewalls. You let traffic from the Internet into this area (through the first firewall) but not through the second firewall (to your secure network). C The secure (inner) network as described in answer B.

    D A network created between two other networks (these are not located in the same place, geographically). Encryption and Authentication are NOT used in the VPN. Normally the VPN is a network on top of a trusted network (like the Internet). Choice A is correct. The answer given in choice A explains what a Virtual Private Network is (VPN). Choice B describes a DMZ; choice C the local area network in the DMZ and choice D is incorrect because encryption and authentication are used in the VPN. 58 A B What is object mapping? The process of converting a class diagram to Java code. A program that emulates a mainframe terminal and passes user input to the mainframe.

    C The process of building object wrappers around Java interfaces. This allows the legacy system to interact with your Java application. D The process of building object wrappers around legacy interfaces. This makes the legacy system available in an OO fashion. Choice D is correct. Object mapping is used when accessing legacy systems. You need access to the legacy system's source code in order to do this.Choice A sounds plausible but is incorrect. Choice B is a description of a screen scraper. There is no need to build object wrappers around Java interfaces. Choice C describes the opposite. Hence choice C is incorrect. 59 You are the lead architect for a project that will require you interfacing with existing CORBA systems. You are planning to use Java IDL to integrate with these other systems. Which of the following statements about Java IDL are true? A B Allows Java to use CORBA Should be used when most of your new Java applications will be entirely Java based.

    C Should be used if you have already been using CORBA for a while and wish to carry on with some CORBA systems D Java IDL has nothing to do with CORBA. To communicate with CORBA you will need to use JNI (Java native interface) and J2C (Java 2 CORBA)t+Same as E expect you won't need to use JNI. E Java IDL should be used when servicing messaging requests from CORBA clients.

    Choices A and C are correct. The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/index.htmlJava IDL adds CORBA (Common Object Request Broker Architecture) capability to the Java platform, providing standards-based interoperability and connectivity. Java IDL enables distributed Web-enabled Java applications to transparently invoke operations on remote network services using the industry standard IDL (Object Management Group Interface Definition Language) and IIOP (Internet Inter-ORB Protocol)

    defined by the Object Management Group. Runtime components include Java ORB for distributed computing using IIOP communication.Choice B is incorrect because you should use RMI-IIOP instead of Java IDL. Choices D and E are not true as Java IDL adds CORBA capability to the Java platform. Choice F is incorrect because Java IDL shouldn't be used when servicing requests from CORBA clients and the reference to messaging is a red herring. 60 You are designing an Enterprise Application to provide a way for customers to buy products from many companies through one standard site. The application servers you have use the EJB specification 1.1. You have a customer bean and are not sure whether to use CMP or BMP. When should you use CMP? A B C D When performance is essential and you are storing standard data types. When performance is not essential and you are storing standard data types. When performance is essential and you are storing complex data types. When performance is not essential and you are storing complex data types.

    Choice B is correct. Please note that this is referencing EJB1.1This is a time dependent question as technologies have changed. When Sun wrote the EJB specification 1.1 Application Servers weren't very efficient at generating SQL used for persistence and it used to be recommended that you use BMP instead. However App Servers have improved and some would argue that CMP is now more efficient than BMP. In the SCEA guidebook by Cade it says BMP will out perform CMP. When the exam is updated to EJB 2.0, the answer to this question would probably change.Choice A is incorrect because BMP can be more efficient than CMP. CMP cannot cope with mapping complex data types to a database very efficiently. Hence choice C is incorrect. Even if performance is not an issue, it is still recommended that you use BMP when storing complex data types. Therefore choice D is incorrect. 61 You've written all the UML diagrams you need for your companies online store. Other developers and architects have approved them. Now you are deciding which Enterprise Beans will use Container Managed Persistence (CMP) and which will use Bean Managed Persistence (BMP). When should you use BMP? A B C D When performance is essential and you are storing standard data types. When performance is not essential and you are storing standard data types. When performance is essential and you are storing complex data types. When performance is not essential and you are storing complex data types.

    Choices A, C and D are correct. Please note that this is referencing EJB1.1This is a time dependent question as technologies have changed. When Sun wrote the EJB specification 1.1 Application Servers weren't very efficient at generating SQL used for persistence and it used to be recommended that you use BMP instead. However App Servers have improved and some would argue that CMP is now more efficient than BMP. In the SCEA guidebook by Cade it says BMP will out perform CMP. When the exam is updated to EJB 2.0, the answer to this question would probably change.Choice C is incorrect because using Container Managed Persistence will increase the portability of the Enterprise Bean and should be used wherever possible. 62 Your company has won a contract with a major supermarket company to allow customers to do their grocery shopping online. As this will involve a huge number of shoppers you have decided to opt

    for a J2EE solution. When creating the Enterprise Beans to be used in this application what components do you need?

    A A Home interface, A Remote Interface and a class that implements either the SessionBean or EntityBean interfaces. B C D A Home interface and a class that implements either the SessionBean or EntityBean interfaces. A Remote interface and a class that implements either the SessionBean or EntityBean interfaces. A Remote interface and a class that implements the EnterpriseBean interface.

    E An EJBObject interface, a Remote interface and a class that implements either the SessionBean or EntityBean interfaces. F An EJBObject interface, a Home interface and a class that implements either the SessionBean or EntityBean interfaces. Choice A is correct. You need a Home interface that has create() and find() methods, a Remote interface to define your business methods, and a class that implements either the SessionBean or EntityBean interfaces.Choice B is incorrect because you also need a Remote interface. Choice C is incorrect because you also need a Home interface. Choice D is incorrect because you need the Home interface and a class that implements either the SessionBean or EntityBean interfaces. Choices E and F are incorrect because you don't need an EJBObject interface. 63 A What is the difference between Stateful session beans and stateless session beans? Stateful session beans are pooled and Stateless session beans aren't.

    B A Stateful session bean can persist its state through a server crash but a Stateless session bean can't. C A Stateful session bean can remember its state with a client, like a conversation but a Stateless session bean can't. D A Stateful session bean uses a Primary Key interface to maintain persistence.

    Choice C is correct. An example use for a stateful session bean would be a shopping basket because it maintains its state. However a stateless session bean can't and instead should be used as a service e.g. credit card validation. A stateful session bean cannot survive a server crash, as none of its data is permanently stored like Entity beans.Choice A is incorrect because Stateless session beans are pooled. Choice B is incorrect because a stateful session bean cannot survive a server crash. Choice D is incorrect because the data in a stateful session bean is not stored on a database and therefore there is no Primary Key interface for stateful session beans. 64 A B What is the difference between stateful Session beans and Entity beans? Stateful session beans can survive a server crash but Entity beans can't. Entity beans can survive a server crash but Stateful session beans can't.

    C D

    Session beans are typically used to make calls on Entity beans. Entity beans are typically used to make calls on Session beans.

    Choices B and C are correct. Entity beans represent data on a database whereas session beans represent workflow. It is very expensive to create Entity beans and the code can become quite complicated. Hence you should use the Session-Faade pattern, where the customer talks to a Session bean which in turn talks to the Entity bean.Choice B is incorrect because session beans cannot survive a server crash and in choice D the description is the other way around. 65 You have an application that will be used for customers to buy service engineers time and extend warranties online. You have several different Enterprise Beans in this application for example, Customer, Warranties, CreditCardValidation etc. It's a long time since you've coded EJBs (normally your time is spent designing applications at a higher level) and you've forgotten which methods should go in which interface. What methods do you put in the Remote interface? A B C D Defines create(), find(), remove(Object) methods. Defines signatures of EJB's business methods. Defines the persistence of the bean, e.g. how to persist etc. Defines all methods that the client can call on the EJB.

    E You don't need a Remote interface for an EJB. An EJB consists of a Home interface and an EJBObject interface. Choices B and D are correct. The Remote interface is used to define all of the methods that can be called by the client on the Enterprise Bean. If you try and call a method that exists in the Enterprise bean class but hasn't been defined here you will get a RemoteException.The methods in choice A are defined the Home interface. Choice C describes information that would be found in the deployment descriptor and application server. Choice E is incorrect because a remote interface (that implements javax.ejb.EJBObject) is required. 66 You are designing an Enterprise Bean to represent a customer in your new application. You have many methods for this EJB for example:createAccount()deductAmount()create()find()Which of these methods needs to go in the Home Interface and what is it used for? A B C D Defines create(), find(), remove (Object) methods. Defines signatures of EJB's business methods. Defines the persistence of the bean, e.g. how to persist etc. Defines all methods that the client can call on the EJB.

    E The createAccount(), deductAmount() methods need to go in the Home interface as it defines the business methods. Choice A is correct. The Home interface defines the create(), find(), and remove() methods.The Remote interface is used to define all of the methods that can be called by the client on the Enterprise Bean. If you try and call a method that exists in the Enterprise bean class but hasn't been defined in the remote interface, you will

    get a RemoteException.Choice B is incorrect because these are methods defined in the Remote interface. Choice C describes information that would be found in the deployment descriptor and the application server. Choices D and E describe the Remote interface. 67 A B C D Select the most appropriate use for an Entity Bean? Store state for a particular client. To store data permanently such as financial data. Store state for any client, not any in particular. Provide a service to the client.

    Choice B is correct. The key to this question is"select the most appropriate" there are a two possible right answers. (B) Is the most correct because it has the word permanently in the answer. Entity beans represent data on a database. It might be possible to argue that (A) is also right because maybe that is a customer Entity Bean storing their address and personal details. But there is no reference to permanent data storage. Hence (B) is the better answer.Choice C would require either a stateless or stateful session bean. The reason it could be either is because it says"not any particular client". Choice D would typically require a stateless session bean. 68 You've managed to work out what the next big online shop will be way ahead of everyone else, and are currently designing it. Although the design is still in a rough stage and you have yet to secure sponsors to take it into production you have already decided on some of the Enterprise Beans that you will need. You know you will need a customer EJB, Shopping basket EJB, another EJB to be used when accessing data on a legacy system. You know you will need many more but what would be an appropriate use for a Stateless Session Bean? A B C D To represent a shopping basket. Provide a service to the client. Store state for a particular client. To access data on a legacy system.

    Choice B is correct. Stateless session beans can't remember which client they were last talking to and any data they might hold is not saved in a database. Stateless session beans are used to provide a service. E.g. credit card validation.Choice A is incorrect because a shopping basket would require state (a Stateful Session Bean). Choice C would require a Stateful Session Bean or Entity Bean depending on whether the data needed to be permanently stored for that client. Although choice D is possible this isn't the most appropriate use for a stateless session bean. 69 In a Catalog Enterprise Bean, (used in an online sports shopping site) you have code that will be executed when ejbPassivate() and ejbActivate() are called. The code is used to perform basic house keeping tasks. You need to know when the code will execute so which of the following statements are true? A B ejbPassivate() is called prior to passivation. ejbPassivate() is called immediately after passivation.

    C D

    ejbActivate() is called prior to activation. ejbActivate() is called immediately after activation.

    Choices A and D are correct. The descriptions in choices B and C are the wrong way round. 70 You have never worked with J2EE application servers before and are about to release your first 3Tier application. Your company already has a strong customer base so you expect a huge volume of traffic over the first few days of the launch. You're not to sure how your application server will cope with all the customers but a colleague reassures you that the Enterprise beans are pooled and the performance of the system will be fine. What are the benefits of bean pooling? A B C Improves response time between client and bean Means you need fewer instances of the beans and therefore increases scalability. Means you need fewer instances of the beans but this does nothing for increasing scalability.

    D Means you keep more instances of the beans in memory but this improves performance of the Application server ten fold. Choice B is correct. Bean pooling is just like database connection pooling. There is no point having a few thousand instances in memory when you could get by with 50. When a bean is in a pooled state it is not associated with any particular client.The following are wrong because:You could argue that by bean pooling it reduces the load on the application server and this indirectly improves the response time. However this choice (A) is not the most appropriate. Choice C is incorrect because bean pooling does increase scalability. Choice D is incorrect because you keep fewer instances of the beans in memory. 71 A B C D Which of the following statements are true with regards to bean pooling? The EJB specifies how many instances to pool at deployment time. Although bean pooling improves performance it doesn't offer any advantages in Scalability terms. If your server has enough memory you should avoid bean pooling. The application server depending on the beans usage decides the number of instances to pool.

    Choice A is correct. You can say how many instances should be pooled at deployment time.Choice B is incorrect because bean pooling does increase scalability. There is no need to avoid bean pooling and if you didn't do it the amount of memory you would need would be far too expensive. Hence choice C is incorrect. The number of beans to pool is set at deployment time. Hence choice D is also incorrect. 72 A B Its not just Stateless Session beans that are pooled, Entity beans are as well. True/False? TRUE FALSE

    The above statement is true.

    Yes they are both pooled to reduce the load on the Application server.

    73 A B C D

    When should RMI over IIOP be used? RMI over IIOP is used all the time with standard RMI. When performance doesn't matter. When you are dealing with a pure Java system, no legacy systems etc. When RMI is used with Enterprise Javabeans.

    Choice D is correct. The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/jidlFAQ.htmlRMI-IIOP - If you are writing most of your new applications using the Java programming language, but need to maintain legacy applications written in other programming languages as well, you will probably want to use Java RMI with its IIOP compiler option.Choice A is incorrect because JRMP is the standard for RMI. Whether you use IIOP or JRMP is irrelevant in terms of performance. Hence choice B is incorrect. You should use standard JRMP in the case choice C describes. 74 As part of your online shopping site you need customers to be able to pay for their goods securely. You have decided that you will use SSL with 128bit encryption to transmit the credit card details. What port number does HTTPS run on and can it be configured to run elsewhere? A B C D E 8443 and yes it can run elsewhere 8443 and no it can not run elsewhere it must run on this port 443 and yes it can run elsewhere 622 and yes it can run elsewhere 443 and no it can not run elsewhere it must run on this port

    Choice C is correct. As a standard HTTPS runs on port 443 but it can be configured to run elsewhere. With web servers such as Tomcat the SSL port is 8443. 75 You are designing an application that will use JRMP over IIOP. The Network engineers at your company would like to know what port you intend to use to access the internet and other networks so that they can make it available on the companies firewall. What port do you ask for? A B C D E 443 535 1099 8443 80

    Choice C is correct.

    JRMP runs on port 1099 as standard although it is possible to run it on a different port.Choice A is the standard SSL port number. IIOP uses port 535. Web servers such as Tomcat use the port 8443 for SSL. And choice E is the standard HTTP port. Although you wish to access the internet you are not making http requests.For more information please refer to the following URL:http://www.iana.org/assignments/portnumbers
    76 A B C D You need to replace ASP scripts. What J2EE technology do you use? JMS, JSP and Servlets JSP and Servlets JTA, JSP and Servlets Applets

    Choice B is correct. ASP and JSP have a very similar syntax so it makes sense to replace ASP with JSP. You should also try and extract parts from the ASP script that perform controller operations or other processing and implement them as Servlets.Choice A is incorrect because the Java Message Service and has nothing to do with web pages. There is no mention of transactions in the questions and if there was it would probably be better to use EJBs as well so choice C is incorrect. Although choice D is possible this is not the best answer as there would be too much work involved in creating the Applets. 77 As part of your new application you need to connect to a database. You don't have any access to the database server so you can't change the ODBC driver that's currently installed. How do you connect? A B C D CORBA JMS-JNI JDBC-ODBC bridge JDBC

    Choice D is correct. The key to this question is that you don't need to install a new ODBC driver or anything like that, you can connect to the database directly via JDBC . CORBA is used for distributed systems not database connectivity so choice A is incorrect. Choice B wouldn't work and choice C isn't necessary, as the question doesn't say that you can't use a normal JDBC driver. 78 A B C When would you choose RMI-JRMP over CORBA? When you are designing a pure Java solution. When you are designing a solution that will not be pure Java but will mainly be in Java. When you will interact with applications written in other languages such as C/C++

    When performance is essential.

    Choice A is correct. The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/index.htmlThis is a fundamental question and it's important to understand the distinction between these two ways of integrating the Java programming language with CORBA. Java IDL is for CORBA programmers who want to program in the Java programming language based on interfaces defined in CORBA Interface Definition Language (IDL). This is "business as usual" CORBA programming, supporting Java in exactly the same way as other languages like C++ or COBOL. RMI-IIOP (Remote Method Invocation over Internet InterORB Protocol) is for Java programmers who want to program to the RMI interfaces, but use IIOP as the underlying transport. RMI-IIOP provides interoperability with other CORBA objects implemented in various languages - but only if all the remote interfaces are originally defined as Java RMI interfaces. It is of particular interest to programmers using Enterprise JavaBeans (EJB), since the remote object model for EJBs is RMI-based.You would use RMI-IIOP in choice B. In choice C you would use CORBA. CORBA actually slightly outperforms RMI. Hence choice D is also incorrect. 79 You have a distributed system that is not made up entirely of Java objects (some of them are CORBA) what technology should you use? A B C D RMI-JRMP CORBA Rewrite the objects so the system in entirely Java based RMI-IIOP

    Choice B is correct. The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/jidlFAQ.htmThere are several scenarios that will define how you will want to create distributed CORBA applications. Here are some of them: Java IDL - If you have been developing CORBA applications using IDL for some time, you will probably want to stay in this environment. Create the interfaces using IDL, and define the client and server applications using the Java programming language to take advantage of its "Write Once, Run AnywhereTM" portability, its highly productive implementation environment, and its very robust platform. RMI-JRMP - If all of your applications are written in the Java programming language, you will probably want to use Java RMI to enable communication between Java objects on different virtual machines and different physical machines. Using Java RMI without its IIOP option leverages its strengths of code portability, security, and garbage collection. RMI-IIOP - If you are writing most of your new applications using the Java programming language, but need to maintain legacy applications written in other programming languages as well, you will probably want to use Java RMI with its IIOP compiler option.RMI-JRMP would be used in an all Java solution so choice A is incorrect. There is no need to rewrite the objects so the system in entirely Java based so choice C is incorrect. There already are CORBA objects so although choice D is possible it is not the most appropriate answer. 80 A B C When would you use a JDBC-ODBC Bridge? This is the standard, and is used all the time. When you have to use a database that has an ODBC driver but the JDBC driver doesn't exist. When you are connecting to a database running on a Windows server (NT, 2000 etc).

    When you need faster response times.

    Choice B is correct. You are basically connecting to the ODBC driver as opposed to directly to the database. Choice A is incorrect; normally you would just connect directly via JDBC. Whether you are connecting to a database running on a Windows server (NT, 2000 etc) makes no difference at all. Hence choice C is incorrect. The JDBC-ODBC bridge will not increase performance as described in choice D. 81 You have had enough with all the UML tools on the market as none do exactly what you want them to. So you've decided to design your own. However when designing it you realise that certain parts will be really complicated for example you have a Diagram object that is made up of lots of other objects. This diagram object can be used for a variety of different diagrams including class and sequence diagrams. When you create it you only want to specify its type and content. What pattern should you use? A B C D Abstract Factory Factory Method Builder Decorator

    Choice C is correct. The builder pattern separates the construction and representation of an object. The client is shielded from the objects construction only needing to specify it's content and type.The Abstract Factory pattern is used for creating many objects that are dependent on each other. Hence choice A is incorrect. The Factory Method pattern provides an interface for creating an object that allows either sub classes or helper classes to create that object. Hence choice B is also incorrect. The Decorator pattern isn't used to build objects. It adds extra functionality to existing objects. Hence choice D is incorrect. 82 You need to interface with an existing application. You have full access to the source code and UML diagrams from the existing application. Part of the requirements implies that you will need to connect unrelated objects together. You want to know whether the Bridge pattern or the Adapter pattern will be suitable. Which of the following are true about the Bridge and Adapter patterns? A The Adapter pattern implements an interface known to its clients and provides an instance of a class not known to its clients. B The Bridge pattern implements an interface known to its clients and provides an instance of a class not known to its clients. C The Adapter pattern creates a separation between abstractions and classes that implement those abstractions. D The Bridge pattern creates a separation between abstractions and classes that implement those abstractions. Choices A and D are correct. As the answers state the Adapter pattern implements an interface known to its clients and provides an instance of a class not known to its clients. And the Bridge pattern creates a separation between abstractions and classes that implement those abstractions. Choices B and C are incorrect because the descriptions are the other way around.

    83 As part of your new application you need to create a custom class loader so that you can implement with custom security. So you need to create objects without knowing the class of the objects or how to create them. What pattern should you use for this? A B C D E Abstract factory Factory Method Builder Prototype Singleton

    Choice D is correct. This pattern is used to create new objects by copying its prototype.The Abstract factory pattern is used for creating many objects that are dependent on each other. Therefore choice A is incorrect. The Factory Method pattern provides an interface for creating an object defers creation to either sub classes or helper classes. Hence choice B is incorrect. The Builder pattern separates the construction and representation of an object. The client is shielded from the objects construction only needing to specify it's content and type. Choice C is therefore incorrect. The Singleton pattern creates either one or a variable number of instances of a class making choice E incorrect. 84 You are creating a web application for an online product ordering system. You will be using data from several different databases and to reduce the load on the databases you have decided to use connection pooling. You have a ConnectionPool class and you want one pool for each database however you will have to connect to a variable number of databases. What pattern should you use? A B C D E Abstract factory Factory Method Builder Prototype Singleton

    Choice E is correct. The Singleton doesn't just create a single instance it can also be used to create a variable number of instances of a class.The Abstract factory pattern is used for creating many objects that are dependent on each other so choice A is incorrect. The Factory Method pattern provides an interface for creating an object defers creation to either sub classes or helper classes. Hence choice B is incorrect. The Builder pattern separates the construction and representation of an object. The client is shielded from the objects construction only needing to specify it's content and type. Choice C is hence incorrect. The Prototype pattern is used to create new objects by copying its prototype. Choice D is therefore incorrect. 85 You are interfacing with a server that is running as a JMS server and email server. Basically your company has an online shopping store and when a customer buys something you need to send an email confirmation. Email requests will be sent as JMS messages so as to reduce the load on the email server. Does JMS provide the implementations to allow you to send these messages to the email server? True/False? A TRUE

    FALSE

    The above statement is False. The JMS only defines interfaces there are no implementation classes in the package. So you will need to write all of the implementations yourself. 86 A B Is Point-to-Point (PTP) is based on message queues? TRUE FALSE

    Choice A is correct. Point-to-Point messaging is typically used where a client application sends a message to another application. This is the one-to-one messaging paradigm. In contrast, Publish Subscribe, allows broadcast communication (one-to-many.) 87 Your have decided to let people shopping at your site receive confirmation emails when they buy online. The emails will not contain their credit card numbers but will contain the amount they have been charged. A JMS request to an email server will be used to do this. However you are worried about how secure this will be but a college re-assures you that JMS has security built into it. Is this true? True/False? A B TRUE FALSE

    The above is false. The JMS only defines interfaces so you will need to design your own security around this. 88 You've designed an application that allows customers to buy chapters of e-books. Due to the success of the project this will be launched as a worldwide application. In the process of converting this application to be suitable for worldwide use, which of the following will you use? A Java runs with already as standard 16bit characters as standard so you don't need to use any particular classes to change the text. All primitive objects can be used. B C D E F java.text package java.lang.Integer Class java.lang.Number Class java.international package java.Unicode package

    Choice B is correct. The java.text package contains classes such as MessageFormat and NumberFormat, these classes are used to layout text in the appropriate way.Choice A is incorrect; primitive objects cannot be used. Choices C and D are incorrect because the way numbers are displayed is different in most countries. The packages named in choices E and F don't exist.

    89 A B C D E

    Which of the following are used in Internationalization? java.lang.Long Class java.lang.Float Class java.lang.Number Class java.lang.String class char primitive class

    Choices D and E are correct. The String and char primitive classes are used in the process of Internationalization.Choices A, B and C are all incorrect because its the way numbers are displayed that is different in most countries. 90 A B C D What is the ResourceBundle class used for? To store information about the program, like an external configuration file. To store parts of the program that is Locale sensitive, e.g. the text on a message window. To get access to local system resources such as files etc. To access properties of the users environment, language and a region.

    Choice B is correct. A ResourceBundle is used to store all parts of a program that you will need to change as part of Internationalization. For example you could put the text for dialog messages there and when it came to displaying the dialog, the program will look up and retrieve the appropriate text based on the country of the user.Choice A is incorrect because the ResourceBundle doesn't store any information about the program like an external configuration file. The ResourceBundle doesn't give you any access to local resources. Hence choice C is incorrect. The properties of the user's environment, language and a region are found in the users system properties, not the ResourceBundle. Hence choice D is also incorrect. 95 A B C D When should you use Java IDL and when should you use RMI-IIOP? You should use Java IDL when using Enterprise Javabeans. You should use RMI-IIOP when using Enterprise Javabeans. You HAVE to use RMI-IIOP when using Enterprise Javabeans. Java IDL can be used even if the remote interfaces were originally defined as RMI interfaces.

    E RMI-IIOP can be used with CORBA only if the remote interfaces were originally defined as RMI interfaces. F RMI-IIOP can be used with CORBA even if not all of the remote interfaces were originally defined as RMI interfaces. G It comes down to programmer preference as both can be used in all situations.

    Choices B and E are correct.

    The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/index.html This is a fundamental question and it's important to understand the distinction between these two ways of integrating the Java programming language with CORBA. Java IDL is for CORBA programmers who want to program in the Java programming language based on interfaces defined in CORBA Interface Definition Language (IDL). This is "business as usual" CORBA programming, supporting Java in exactly the same way as other languages like C++ or COBOL. RMI-IIOP (Remote Method Invocation over Internet Inter-ORB Protocol) is for Java programmers who want to program to the RMI interfaces, but use IIOP as the underlying transport.

    RMI-IIOP provides interoperability with other CORBA bjects implemented in various languages - but only if all the remote interfaces are originally defined as Java RMI interfaces . It is of particular interest to programmers using Enterprise JavaBeans (EJB), since the remote object model for EJBs is RMI-based. Choice A is incorrect; Java IDL has nothing to do with Enterprise Javabeans. In choice C you can use JRMP instead of IIOP if you want. So this choice is incorrect. Choice D is incorrect because Java IDL requires CORBA interfaces not RMI interfaces. Choice F is incorrect as all the interfaces must be defined as RMI interfaces. Choice G is incorrect because although sometimes Java-IDL and RMI-IIOP could be used for the same thing, generally a situation will suit one more than the other. 96 You have an online shopping application that has been deployed for some time. Previously all sales had been diverted to another company. Because of the popularity of your site now, you have decided that your application will handle credit card sales, going forward. You will use JMS to send requests to charge credit cards to a separate server. You need an instant response as to whether the credit card transaction was approved. What type of messaging do you use? A B C D E Publish/Subscribe Point-to-Point Topic Messaging Instant Messaging You wouldn't use messaging

    Choice E is correct. If you need an instant response you probably wouldn't use messaging. The idea of messaging is that you can send messages to other applications and let them process the messages in their own time. For this solution it will be better to use an EJB and directly query the credit card validation server.Choice A suggests that messages will be broadcast (one-to-many.) For credit card validations, there is no need to broadcast the request. Besides the question says that an"instant response is required." Messaging is inherently asynchronous. Hence choice A is incorrect.Point-to-Point or P2P is a one-to-one messaging architecture. JMS does provide APIs that allow send-and-forget and send-and-respond messages. Though a synchronous request is mimicked here, messaging architecture, unlike RPC models, is not truly synchronous. Note: In some P2P implementations (where a synchronous response is required using messaging), the sender puts the message in a queue. The receiver polls its queue and reads the message. The receiver then sends a response to another queue, which the sender is polling for responses and so on. So though the credit card validation can be achieved through P2P messaging, if a synchronous RPC call is available,

    that would be the preferred option.Topic Messaging is the same as Publish Subscribe. Hence choice C is incorrect. Instant Messaging refers to a method of chatting on the Internet. Hence choice D is incorrect. 97 You are working for a company that aims to provide its customers with the facility to buy and sell shares online. You have been looking through the requirements document and notice that the process of selling/transferring shares is very complicated due to the constant price change. Hence you are required to control transactions at a very fine level of granularity. Should you use CMT or BMT?CMT = Container Managed TransactionBMT = Bean Managed Transaction A B CMT BMT

    Choice B is correct. BMT gives you the developer much greater control over the transaction. As the developer, you can start the transaction where you want and end it where you want.CMT does however give you the advantage of not having to worry about code related to the transaction you can just focus on the business logic instead.The following is taken from: http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction4.html In a bean-managed transaction, the code in the session or message-driven bean explicitly marks the boundaries of the transaction. An entity bean cannot have bean-managed transactions; it must use container-managed transactions instead. Although beans with container-managed transactions require less coding, they have one limitation: When a method is executing, it can be associated with either a single transaction or no transaction at all. If this limitation will make coding your bean difficult, you should consider using bean-managed transactions. 98 You have contracted by a company to assess an application currently deployed in production. The application meets all of the company's original requirements and is coping well with the current number of users. The company is quite happy with it. It has been written using PERL and CGI scripts and there are no transactions in this system. What do you recommend they do? A B C Migrate the solution to ASP based solution. Migrate the solution to JSP and Servlets. In the future this will be more maintainable solution. Keep it the way it is.

    D Migrate to JSP/Servlets and an Application server. In the future this will be more maintainable solution. Choice C is correct. The key to this question is:The application meets all of the company's original requirements and is coping with current number of users. The company is quite happy with it.There is no need to change an application that does everything it is supposed to do. Choice B is technically correct, JSP and Servlets will be more maintainable than PERL/CGI scripts but it is not the most appropriate answer. Choice D isn't correct for the same reasons as choice B, in addition to the fact that there appears to be no clear need for using an Application Server (there are no transactions and there is no mention of persistence requirements.) Choice A is also incorrect for the same reasons as choice B. 99 You have been contracted by a company to examine an existing system. It consists of PL/SQL stored procedures a JSP/Tomcat cluster of web servers and an Oracle database. The owners are saying that maintenance is their biggest problem, every time they try and change code they run into problems. What do you recommend they do? A Move the PL/SQL business logic into Servlets

    B There shouldn't be any problems with maintenance as the business logic has already been separated from the presentation and data store (PL/SQL stored procedures). C Separate the business logic by using an Application Server.

    D Look through the code making sure it is structured well and commented, separating any duplicated code into a common class. Choice C is correct. The key to this question is that the business logic has been implemented as PL/SQL stored procedures. This means there is a tight coupling between the data store and the business logic. This will have a direct affect on the maintenance of the application. To improve this the best thing to do would be move the business logic from the PL/SQL scripts to an Application Server and use Enterprise Beans. Another reason why this is the best choice is because they are already using JSP and Tomcat web servers. So the Application Server will integrate well into this solution. You could move the business logic into Servlets as suggested in choice A but this would create tight coupling between the business logic and presentation code. The application would still be hard to maintain, with problem areas at a different place. Choice B is incorrect as there is tight coupling between the data store and business logic. Even if the code is properly structured and commented there will still be tight coupling between the data stoe and business logic so choice D is incorrect. 100 You have a method that can execute in a transaction as part of that transaction but it doesn't matter if it doesn't. What is the correct attribute in the deployment descriptor? A B C D E Supports Not Supported Mandatory Required Leave is empty as this is the default setting

    Choice A is correct.

    A method must support execution within a transactional scope, if it is to be executed as part of a transaction. The word 'supports' also implies that although it can be part of a transaction, it doesn't have to. 'Not Supported' implies the method cannot be executed as part of a transaction. 'Mandatory' and 'Required' imply that the method must be executed as part of a transaction. Leaving the deployment descriptor empty is not the default setting for 'supports.'
    101 A B What do Isolatable and Durable mean with reference to ACID? Isolatable means only 1 transaction can execute at a time. Isolatable means the transaction is the same as other transactions in structure.

    C Isolatable means a transaction must execute without the interference from other processes or transactions. D E Isolatable means the transaction was started and finished in the same VM. Durable means the transaction is the same as other transactions in structure.

    F G H

    Durable means the integrity of the underlying data source is maintained. Durable means data must be written to the data source before the transaction is complete. Durable means the transaction was started and finished in the same VM.

    Choices C and G are correct.ACID stands for Atomic, Consistent, Isolatable and Durable. All transactions must adhere to this. Isolatable means a transaction must execute without the interference from other processes or transactions. And Durable means data must be written to the data source before the transaction is complete. 102 You are writing an application that will allow people to communicate directly with each other. The application will consist of a frame with two panels, they will type their messages in the top panel and read messages in the bottom panel. What is the best way to implement this application, as an Applet or a standard Java application? A B As an Applet. As a standard Java application.

    Choice B is correct. The reason for choosing the standard Java application over an Applet is all due to security restrictions. In the question is says that the users will need to communicate directly with each other, not back to the server from which the applet was downloaded. This wouldn't be allowed under standard Applet security permissions and although the security settings can be fully customized to allow applets to connect to different machine that is not what applets were designed for. Another key point to the question is that there is no requirement that this communication tool be made available over the web. So creating this as a standard Java application is the most appropriate choice. 103 A B C D What is true about CMT (Container Managed Transactions)? Works for both Entity and Session beans. It is more flexible than BMT. Can handle transactions at a much finer granularities than BMT. It is less flexible than BMT. Cannot handle transactions at a finer granularity than BMT. Does not work for both Entity and Session beans.

    Choices A and C are correct. Entity Beans can only use Container Managed Transactions (CMT) but Session Beans can use either CMT or Bean Managed Transactions (BMT). So choice D is the other way around. CMT is less flexible than BMT and cannot handle transactions at the same level of granularity as BMT, so choice B is incorrect as well.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction3.htmlIn an enterprise bean with container-managed transactions, the EJB container sets the boundaries of the transactions. You can use container-managed transactions with any type of enterprise bean: session, entity, or message-driven. Container-managed transactions simplify development because the enterprise bean code does not explicitly mark the transaction's boundaries. The code does not include statements that begin and end the transaction.http://java.sun.com/j2ee/tutorial/1_3fcs/doc/Transaction4.htmlIn a bean-managed transaction, the code in the session or message-driven bean explicitly marks the boundaries of the transaction. An entity bean cannot have bean-managed transactions; it must use container-managed transactions instead. Although beans with containermanaged transactions require less coding, they have one limitation: When a method is executing, it can be associated with either a single transaction or no transaction at all. If this limitation will make coding your bean difficult, you should consider using bean-managed transactions.

    104 You are developing an online shopping store for an art gallery. The company aims to bring fine art to the masses and expects a huge volume of traffic through the site. The site allows customers to pay for goods and arrange delivery methods using credit cards. You have read through the requirements and have a rough design in your head. Which of the following is the most appropriate rough design for this site? A Have an Entity Bean to represent the customer. Use a Servlet to manage the users session and use BMT to manage the transactions. B Have an Entity Bean to represent the customer. Use a Stateful Session Bean to manage the users session and use BMT to manage the transactions. C Have an Entity Bean to represent the customer. Use a Servlet to manage the users session and use CMT to manage the transactions. D Have an Entity Bean to represent the customer. Use a Stateful Session Bean to manage the users session and use CMT to manage the transactions. Choice C is correct. The key to this question is the choice of Transactions Bean Managed Transactions or Container Managed Transactions. There is no need to control transactions at a fine level of granularity and Entity Beans cannot take part in BMT. Hence CMT may be a better choice. The Servlet is a more appropriate choice for handling the users session however you would still need another Stateful Session Bean for the business logic of the application.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3fcs/doc/Transaction3.htmlIn an enterprise bean with container-managed transactions, the EJB container sets the boundaries of the transactions. You can use container-managed transactions with any type of enterprise bean: session, entity, or message-driven. Container-managed transactions simplify development because the enterprise bean code does not explicitly mark the transaction's boundaries. The code does not include statements that begin and end the transaction.http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction4.htmlIn a bean-managed transaction, the code in the session or message-driven bean explicitly marks the boundaries of the transaction. An entity bean cannot have bean-managed transactions; it must use container-managed transactions instead. Although beans with container-managed transactions require less coding, they have one limitation: When a method is executing, it can be associated with either a single transaction or no transaction at all. If this limitation will make coding your bean difficult, you should consider using bean-managed transactions. 105 When would you use the DAO pattern in regards to a Stateful Session Bean?

    DAO = Date Access Object CMP = Container Managed Persistence BMP = Bean Managed Persistence A B C D E When using CMP to reduce dependence on underlying data store. When using BMP to reduce dependence on underlying data store. When using BMP to increase performance. When using CMP to increase performance. You wouldn't use a DAO with Stateful Session Beans.

    When writing to a temporary store when ejbPassivate() is called

    Choice E is correct.

    You would normally use a DAO with BMP Entity Beans or Stateless Session Beans. Entity Beans permanently persist data and can survive server crashes. Choices C and D are incorrect because you would never use a DAO with CMP irrespective of the type of bean you were dealing with. The Data Access Object does not improve the performance of your application.When you use Bean Managed Persistence you are writing all the SQL needed to persist the bean yourself. This means that you are using database specific SQL and the same SQL might not work with a different database vendor. For simple operations like Catalog Retrieval, a Stateless Session Bean is often employed with DAO as well.The flow for such operations often looks like:JSPController (Request Processor / Request Dispatcher)Service LocatorSession BeanDAODatabaseWith both BMP Entity Beans and Stateless Session Beans, the Data Access Object pattern (DAO) is used to reduce the dependency between Enterprise Beans and the underlying database. This means that the data object manages the connection to the data source and if the data source changes you only need update this one object, the change doesn't affect the rest of your application.With Stateful Session Beans, the data is never permanently stored in a database. Therefore they cannot survive a server crash. Stateful Session Beans, as the name suggests, are used for maintaining conversational state with clients. They are generally more expensive in terms of resources (they are not pooled) and are therefore not normally used for simple database operations such as catalog retrieval. 106 What is the most important item in this list that should be considered when designing an application? A B C D E F G H I J Scalability Maintainability Reliability Meeting the needs of the customer Performance Ensuring the application is produced on time and within budget Secure That the application is technically the best possible solution Availability Extensibility

    Choice D is correct. The most important consideration when designing an application is that it meets the needs of the customer. Ensuring the application is produced on time and within budget is something that should be done but it is not the number one concern. The application does not have to be the best possible solution under the circumstances. As long as it meets the customer''s needs, it is considered adequate. Performance - A measure of the system in terms of response time or number of transactions per unit time. Load Distribution (e.g. DNS Round Robin) and Load Balancing are two techniques that aid in higher performance. Other development and deployment related tasks such as Application Tuning, Server Tuning, and Database Tuning also help the system perform better.Scalability - The ability of a system to

    perform and behave in a satisfactory manner with increases in load.Reliability - The ability of a system to assure the integrity and consistency of the application and all its data as the load increases.Availability - The ability of a system to assure that all services and resources are always accessible. This can be achieved through fault tolerance (the ability to prevent system failures in the event of service(s) / component(s) failures, commonly implemented via redundancy) techniques such as Active and Passive Replication.Extensibility - The ability to easily add new functionality to the existing system. This can be achieved by using best practices and well-defined architecture and design techniques.Maintainability - Ability to easily correct flaws in the existing system.Security - The ability to protect a system and all its components and services against potential attacks. Security attacks generally try to compromise confidentiality and integrity of the system. Sometimes they also take the form of 'Denial of Service' (DoS) attacks that bring down a system by flooding it with messages. Security can be addressed by the use of technologies (firewalls, DMZ, data encryption, Digital Certificates and so on) and methodologies (good security policies and procedures.)Manageability - The ability to monitor and perform preventive maintenance on a system. 107 Which list shows the correct order of Enterprise Beans in terms of resources?Note: Heaviest to lightest. A B C D E F Stateful Session Bean, Stateless Session Bean, Entity Bean Entity Bean, Stateful Session Bean, Stateless Session Bean Stateful Session Bean, Entity Bean, Stateless Session Bean Entity Bean, Stateless Session Bean, Stateful Session Bean Stateless Session Bean, Stateful Session Bean, Entity Bean Stateless Session Bean, Entity Bean, Stateful Session Bean

    Choice B is correct. An Entity Bean is the heaviest bean in terms of resources usage. The state of an Entity Bean is permanently persisted in a database. Making a connection to the database is expensive in terms of CPU time so this bean has to be the most expensive. Stateful Session Beans maintain their state by the Container writing the beans state to a temporary store such as a file. Stateless Session Beans are least expensive because they have no state to persist, even temporarily. 108 You need to maintain a user's session for a web application. Which protocol do you use? Note: There is no secure data in this application. A B C D E IIOP HTTPS SHTTP HTTP JRMP

    Choice D is correct. This is a trick question. At first you would think that the best possible choice would be to use HTTPS. However all the question is actually asking is how to maintain a user's session. This can be done through URL re-writing, cookies or letting the web server handle the session. Most modern web servers can track clients and maintain sessions for them. There is also no need for the security that HTTPS would give you

    and as encrypting each users session would be expensive in terms of CPU time choice B cannot be correct. JRMP and IIOP are Stateful protocols but are not suitable for web applications.

    109 You are designing an application to be used to edit photographs. The aim of the application is to provide effects such as converting a color picture to black and white, enlarging certain areas of the print, creating a watercolor effect etc. At the moment the application is structured so that the photographic image is represented by one object, other objects represent each effect and a control object is used to co-ordinate with these objects. When the user selects the color to black and white effect it changes the state of the Color object to Black and White. This then needs to co-ordinate with the control object and apply the effect. Basically as the state of the effects objects changes it need to co-ordinate with the photographic image object.Which design pattern do you use? A B C D E F Chain of Responsibility. Notifier Observer Mediator Command State

    Choice D is correct. The key to this question is that this application uses a Control object to co-ordinate state changes between objects. The Mediator pattern allows you to co-ordinate state changes between other objects by using one object. There is no design pattern called the Notifier in the Gang of Four book or in the J2EE blueprint patterns catalog. Mediator - (GOF 273):"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and it lets you vary their interaction independently."The other patterns were:Chain of Responsibility - (GOF 223):"Avoid coupling the sender of a request to its receiver by giving more than one object a chance to handle the request. Chain the receiving objects and pass the request along the chain until an object handles it."Command - (GOF 233):"Encapsulate a request as an object, thereby letting you parameterize clients with different requests, queue or log requests, and support undoable operations"State - (GOF 305):"Allow an object to alter its behaviour when its internal state changes. The object will appear to change its class."Strategy - (GOF 315):"Define a family of algorithms, encapsulate each one, and make them interchangeable. Strategy lets the algorithm vary independently from clients that use it." 110 You are designing an application that will need to use SSL to transmit data securely from one application to another. You know that you can easily get hold of existing implementations of SSL to use in your application but you'd like to learn more about SSL and have decided to implement your own version. You know that as part of the SSL handshake the client and server must agree a method of encryption. The problem is you don't know which method of encryption that will be. Which design pattern will help with this? Note: This is not a web-based application. A B Decorator Interpreter

    C D E

    Strategy Composite Template Method

    Choice C is correct. There are really only two possible answers for this question, the Strategy pattern and the Template Method pattern. The Strategy pattern is the better choice because the algorithms are encapsulated so that they can be used interchangeably. So you can add RSA, DES, etc. and then during the handshake the server can select the appropriate encryption object.Strategy - (GOF 315):"Define a family of algorithms, encapsulate each one, and make them interchangeable. Strategy lets the algorithm vary independently from clients that use it."The other patterns were:Interpreter - (GOF 243):"Given a language, define a representation for its grammar along with an interpreter that uses the representation to interpret sentences in the language."Decorator - (GOF 175):"Attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to subclassing for extending functionality."Composite - (GOF 163):"Compose objects into tree structures to represent part-whole hierarchies. Composite lets clients treat individual objects and compositions of objects uniformly."Template Method - (GOF 325):"Define the skeleton of an algorithm in an operation, deferring some steps to subclasses. Template Method lets subclasses redefine certain steps of an algorithm without changing the algorithm's structure." 111 You are a Computer Science lecturer at a top University. You are giving a presentation of a new piece of software you have written. Basically you have written the next generation spell checker, the reason yours is so good is that it can learn the common typing mistakes of an individual user. You have already sold licenses to many major software vendors and plan to retire in the Sun. However before you go they all require slight changes in the logic to suit their individual needs. What design pattern will help you slightly change the logic in a class to be used in many applications? A B C D E Strategy Adapter Mediator Interpreter Template Method

    Choice E is correct. Template Method - (GOF 325):"Define the skeleton of an algorithm in an operation, deferring some steps to subclasses. Template Method lets subclasses redefine certain steps of an algorithm without changing the algorithm's structure."The other design patterns:Strategy - (GOF 315):"Define a family of algorithms, encapsulate each one, and make them interchangeable. Strategy lets the algorithm vary independently from clients that use it."Mediator - (GOF 273):"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and it lets you vary their interaction independently."Interpreter - (GOF 243):"Given a language, define a representation for its grammar along with an interpreter that uses the representation to interpret sentences in the language." 112 A B When would you use the Visitor pattern? You need two unconnected objects to be able to send messages to each other. You need two connected objects to be able to send messages to each other.

    C You need to create a new operation on an object and you will change the classes of elements on which it operates. D You need to create a new operation on an object without changing the classes of elements on which it operates. Choice D is correct. To solve the problem described in choice A, you would use the Adapter pattern. There is no problem described in choice B as the objects are already connected and would be able to send messages to each other. In the Visitor pattern you don't change the classes of elements on which it operates.Visitor - (GOF 331):"Represent an operation to be performed on the elements of an object structure. Visitor lets you define a new operation without changing the classes of the elements on which it operates." 113 You have been reading the Gang of Four pattern book again and you suddenly notice a similarity between a design pattern and publish-subscribe messaging. What design pattern is similar to publishsubscribe messaging? A B C D E F G Publisher pattern. Flyweight pattern. Observer pattern. Chain of Responsibility pattern. Subscribe pattern. Visitor pattern. Proxy pattern.

    Choice C is correct. The observer pattern is similar to publish-subscribe messaging. There are no patterns called Publisher or Subscribe in the Gang of Four pattern book.Observer - (GOF 293):"Define a one-to-many dependency between objects so that when one object changes state, all its dependents are notifies and updated automatically."The other patterns were:Visitor - (GOF 331):"Represent an operation to be performed on the elements of an object structure. Visitor lets you define a new operation without changing the classes of the elements on which it operates."Chain of Responsibility - (GOF 223):"Avoid coupling the sender of a request to its receiver by giving more than one object a chance to handle the request. Chain the receiving objects and pass the request along the chain until an object handles it."Flyweight - (GOF 195):"Use sharing to support large numbers of fine-grained objects efficiently."Proxy - (GOF 207): "Provide a surrogate or placeholder for another object to control access to it."Publish Subscribe Messaging: Generally Pub/Sub is used when a one to many broadcast of messages is required. 'Producers' sends messages to many clients via virtual channels called 'Topics.' 'Consumers' receive messages by subscribing to topics. Consumers receive a copy of all messages in the topic they have subscribed to. The Publish Subscribe Architecture is generally a push-based model. Consumers may optionally establish 'durable' subscriptions that allow them to collect messages after periods of inactivity. 114 Which statements describe Publish-Subscribe Messaging and which describe Point To Point Messaging? A B Publish-Subscribe Messaging is a message queue system. Publish-Subscribe Messaging = One sender and one receiver.

    C D E F

    Point To Point Messaging = N senders and one receiver. Publish-Subscribe Messaging = 1 sender and n receivers. Point To Point Messaging is a message queue system. Point To Point Messaging = One sender and one receiver.

    Choices D and F are correct. Publish/Subscribe is like someone publishing one message on a bulletin board and that message being read by/emailed to many subscribers. (One - many). Point to point messaging is a one-to-one relationship e.g. a message from one application to another. (From one point to one other point)For more detailed explanations:Publish Subscribe Messaging: Generally Pub/Sub is used when a one to many broadcast of messages is required. 'Producers' sends messages to many clients via virtual channels called 'Topics.' 'Consumers' receive messages by subscribing to topics. Consumers receive a copy of all messages in the topic they have subscribed to. The Publish Subscribe Architecture is generally a push-based model. Consumers may optionally establish 'durable' subscriptions that allow them to collect messages after periods of inactivity.Point-to-Point Messaging: Point-to-point: The point to point messaging model allows both 'send and receive' and 'send and forget' messages, via virtual channels called 'queues.' The p2p model typically uses a 'pull' or 'polling' model. In this model, clients generally request messages from queues. 115 As part of an application you are developing you need to move the state of an object but not its behavior. What should you use? A B C D E HTTPS CORBA RMI JRMP IIOP

    Choice B is correct. CORBA only moves the state of an object but RMI moves the objects behavior as well. Choice A is not appropriate as it is a stateful protocol and is not a framework for moving objects. Choices D and E are incorrect as they are both names of protocols used by RMI and CORBA respectively. These are both protocols, not frameworks for moving objects. 116 Which of the following is an accurate description of what the java.text package used for with regards to Internationalization? A B C D Contains dictionaries of foreign languages. Contains classes used to read text in foreign languages. Contains classes that support locale-specific manipulation of text. Contains classes used to convert text into languages that use special symbols.

    Choice C is correct.

    The following is taken from:http://java.sun.com/j2se/1.3/docs/api/java/text/packagesummary.htmlProvides classes and interfaces for handling text, dates, numbers, and messages in a manner independent of natural languages. This means your main application or applet can be written to be language-independent, and it can rely upon separate, dynamically linked localized resources. This allows the flexibility of adding localizations for new localizations at any time.

    117 A B C D

    Which of the following statements about the Properties class are true?

    Is used to get access to local system resources such as files etc To store information about the program, like an external configuration file. It should only be used to store Strings. It should be used to store all types of objects.

    Choice C is correct. Although choice D is technically correct this kind of use is strongly discouraged (see below for an explanation). The Properties class stores no information about the Program and gives you no access to local system resources so choices A and B are incorrect.The following is taken from:http://java.sun.com/j2se/1.3/docs/api/java/util/Properties.htmlThe Properties class represents a persistent set of properties. The Properties can be saved to a stream or loaded from a stream. Each key and its corresponding value in the property list is a string. A property list can contain another property list as its "defaults"; this second property list is searched if the property key is not found in the original property list. Because Properties inherits from Hashtable, the put and putAll methods can be applied to a Properties object. Their use is strongly discouraged as they allow the caller to insert entries whose keys or values are not Strings. The setProperty method should be used instead. If the store or save method is called on a "compromised" Properties object that contains a non-String key or value, the call will fail. 118 You've designed an application that allows customers to buy chapters of e-books. Due to the success of the project this will be launched as a worldwide application. You need to be able to get access to the users environment to tell what language your application should display the text in. What class will help you do this? A B C D E F G Localization class Properties class Locale class National class International class Environment class Runtime class

    Choice C is correct. There are no classes called Localization, National, International and Environment as part of the Java Development Kit. The following is taken from:http://java.sun.com/j2se/1.3/docs/api/java/util/Locale.htmlA Locale object represents a specific geographical, political, or cultural region. An operation that requires a Locale to perform its task is called

    locale-sensitive and uses the Locale to tailor information for the user. For example, displaying a number is a locale-sensitive operation--the number should be formatted according to the customs/conventions of the user's native country, region, or culture.The Properties class represents a persistent set of properties. The Properties can be saved to a stream or loaded from a stream. Each key and its corresponding value in the property list is a string.Every Java application has a single instance of class Runtime that allows the application to interface with the environment in which the application is running. The current runtime can be obtained from the getRuntime method. 120 You have been developing a 3-Tier web application to sell imported cars at huge discounts to customers. You have many types of customers, ranging from individuals to corporate customers. You have Entity Beans to represent the Cars and Stateful Session Beans for the business logic involved in pricing and selling a car. In the Session Bean there are methods that apply discounts depending on who the customer is. You only want the client to be able to execute these methods for corporate customers. Is it possible to specify which methods can and can't be executed on a Session Bean or will this kind of security need to be coded by the developer? A B C Yes this is possible. No this will need to be coded by the Developer. It is not possible to do this even by writing you own code.

    Choice A is correct. It is possible to specify who is allowed to access to business methods. Firstly you define security roles e.g. <security-role> <description>A corporate customer</description> <role-name>Corporate</role-name> </security-role> Then you can grant method permissions, e.g. <method-permission> <role-name> Corporate</role-name> <method> <ejb-name>CarSale</ejb-name> <method-name>ApplyDiscount</method-name> </method> </method-permission> 122 You work colleague is always boasting about how fast his PC is. So as a lighthearted joke you decide to write an applet to slow his PC down. Basically you are going to write an applet that tries to work out the square roots of huge numbers. In order to use up his resources, your applet will spawn a new thread every twenty to thirty seconds. Will this work or would the Java security manager stop it.

    It will work.

    B The security manager kill the Applet as soon as it tries to use more resources than are specified in the security.policy file. C The Applet will only use up the memory it's initially allocated and therefore won't use up any more resources than that. Choice A is correct. Although Applets have very tight restrictions and execute within a sandbox they can actually use as many system resources as the operating system allows them. There is no reference to the amount of memory an Applet can use in the security.policy file so choice B is incorrect. Choice C is almost right but not the most appropriate choice. The operating system will allocate memory initially for the JVM to run in but it is possible for this to be extended once the JVM is running but this is entirely dependent on the operating system. 123 You have been given a JAR file that has been signed by a 3rd Party Vendor. A Trusted Certificate Authority (CA) has signed the 3rd Party Vendors certificate. Is it possible to add any more classes to this JAR file?True/False? A B Yes No

    Choice A is correct. When you sign a JAR file you are not signing the JAR file itself but individual files it contains. This means you can use a tool like WinZip to add new files (classes, images etc) to the existing JAR file without necessarily invalidating the signature. Note: The files that have been added won't be signed. 124 You are working on a new application that will help your company co-ordinate sales data across different departments. The aim is that everyone has the same sales data at the same time. This project needs to be finished as soon as possible. You have therefore bought some third party code to speed up the development process. The code has been signed and is packaged in a jar file. To test the signature the vendor of the software has emailed you the public key. What do you know about it? A B C D E F G The code is fully tested and performs the task it was designed for. The jar file contains no malicious code. The code could not have been modified after it was signed. If the public key doesn't validate the signature then you know all the code is malicious. The code could not have been modified after it was signed. If the public key validates the signature then you know all the code is safe. None of the above.

    Choice G is correct. There are two key elements to this question. Firstly this is a question about digital signatures, not digital certificates and secondly you were emailed the public key to validate the signature. You haven't been passed the public key in a secure fashion so how do you know that someone hasn't altered the code signed it and then intercepted the key that you were going to use to validate the signature. Digital

    certificates solve this problem and validate that a public key belongs to its real owner.Just because the code is signed it doesn't mean that it is fully tested and does what it is supposed to do. Choices B, C, D, E and F are incorrect because you don't know if you have the real public key to validate the signature.

    125 You should use EJBs even if there is NO data to persist in your application but there are transactions.True/False? A B TRUE FALSE

    Choice A is correct.

    It is recommended that you use Enterprise Javabeans if Transactions are involved in the application. See below for more details.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3fcs/doc/EJBConcepts2.htmlThe application must be scalable. To accommodate a growing number of users, you may need to distribute an application's components across multiple machines. Not only can the enterprise beans of an application run on different machines, but their location will remain transparent to the clients. Transactions are required to ensure data integrity. Enterprise beans support transactions, the mechanisms that manage the concurrent access of shared objects. The application will have a variety of clients. With just a few lines of code, remote clients can easily locate enterprise beans. These clients can be thin, various, and numerous.
    126 A B C D In EJB 2.0 what is the Component interface? The interface that Message-Driven Beans must implement There is no component interface in EJB 2.0. The new name for the Home interface. The new name for the Remote interface.

    Choice D is correct. Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of the SCEA.Message-Driven beans don't implement any interfaces in EJB 2.0. The Component interface is the new name for the Remote interface as introduced in the EJB 2.0 specification.Remote Interface (Component Interface in EJB 2.0): Defines the Bean's business methods. The Remote Interface extends javax.ejb.EJBObject.Home Interface: Defines the Bean's life cycle methods - creation, location and removal. The Home Interface extends javax.ejb.EJBHome. Note that the create method is optional for Entity Beans. This is useful when you do not want to clients to be able to insert data into the database. 127 You are working on a new application that will help your company co-ordinate sales data across different departments. The aim is to have everyone access the same sales data at all times. This project needs to be finished as soon as possible and you have bought some third party code to speed up the development process. The code has been signed using a digital certificate and packaged in a jar file. What do you know about it? Note: Digital certificates have been provided that have been signed by a trusted Certificate Authority. A The jar file contains no malicious code.

    B C D E

    The jar file was signed by the 3rd party vendor The jar file contents may contain malicious code. Someone impersonating the 3rd party vendor may have signed the jar file. The code is fully tested and performs the task it was designed for.

    Choice C is correct. All you actually know is that the code has been signed using the 3rd party vendors private certificate. You don't know that it was actually signed by the 3rd party vendor. For example if the certificate was copied or stolen then there is no guarantee that the thief hasn't distributed code signed with the stolen certificate. The jar file may contain malicious code or it may not, that is all you can guarantee. Just because code is signed doesn't mean it is fully tested and does what it was supposed to do. Choice E is therefore incorrect. 128 You have been contracted by a movie memorabilia company to set up an online shop. The company buys bulk goods from movie sets (stage props, costumes, gadgets etc), splits them into single items and then auctions them. The company used to hire sports halls or community centers to auction items in a traditional manner. They predict that by moving to an online solution they will reach a wider audience and make a greater profit despite the initial investment that the new system will involve. What is the most suitable initial design in the list below?

    A B C D E

    The business logic will be handled in a Servlet The business logic will be handled in a Stateful Session Bean Use Container Managed Transactions Use Bean Managed Transactions The customer will be represented wth an Entity Bean

    F There is no need for a customer bean as a customers interaction with the site is just business logic and will be handled in the Servlet/Stateful Session Bean G H I J Use Container Managed Persistence Use Bean Managed Persistence The sale items will be represented with an Entity Bean The sale items will be stored directly on a database

    Choices B, D, E, G and I are correct.

    This is question is really 5 mini questions. If the business logic is put into the Servlet you are creating Fat clients with presentation and business logic tightly coupled. Therefore it is more appropriate to use a Stateful Session Bean especially since the Bean can be used in the Session Faade pattern (See below). The site is an online auction site with bids being placed at different times. This implies that transactions will need to be handled at a very fine level of granularity therefore Bean Managed Transactions is the most appropriate choice.

    The customer and sales items both need to be persisted so they should be implemented as Entity Beans. The Entity Beans (customer and sales items) would not be complicated objects so Container Managed Persistence would be the better choice.Session Faade:A client should never"talk" directly to an Entity EJB. Instead a Session to Entity pattern called a Session-Faade should be used. As the name suggests, this pattern is based on the GoF Faade pattern. The Session Facade provides a simple interface to a complex subsystem. The simple interface is the Session Bean and the Complex subsystem is the Entity Bean. The client talks to the Session Bean, which in turn communicates with the Entity Bean.

    129 You have an application that is running in a DMZ that your company has set up. There are two firewalls, the first filters out packets based on destination ports other than port 80 (allows standard HTTP requests). The second filters out packets based on the origin IP address (only allows company IP addresses through). Can you connect to the application running in the DMZ from your Home computer? Note: The application running in the DMZ is on port 80. True/False?

    A B

    True False

    The above statement is True.

    DMZ stands for Demilitarized zone. To set up a DMZ you need two firewalls and you create 3 separate regions. The different regions are the internet, DMZ (in the middle) and the third is your network. You would have a server in the DMZ that is accessible to both the public and your network. The internet may not access your network but they can access the server in the DMZ. Your network must access the internet through the server in the DMZ.The key to this question is that you are not trying to connect to an application within the second firewall that filters out requests based on IP address. So you could definitely connect to the application from home.A Useful link:http://www.saintrochtree.com/networkadvices/000004.htm

    130 The Enterprise JavaBean 2.0 specification has introduced the notion of local Clients. What are Local Clients and why were they introduced?

    A Local Clients should be used when the web server is running on the same machine as the application server. B Local Clients should be used when Session Beans need to communicate with Entity Beans.t;Beans in the same Virtual Machine should use local Clients. C D E Local Clients have been introduced to make testing code easier. Local Clients have been introduced to improve maintainability. Local Clients have been introduced to improve performance.

    F Local Clients should be used when the database is running on the same machine as the application server.

    Choices C and F are correct.

    Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of the SCEA.Prior to the Enterprise JavaBean 2.0 specification all Bean clients were seen as remote clients. This meant that if a Session Bean needed to talk to an Entity Bean inside the same Virtual Machine it would still need to make a remote call. This obviously had a direct impact on performance. In EJB 2.0 Enterprise Beans can now treat other beans in the same VM as local clients. Local Clients can access the beans through its local and local home interfaces.Remote clients use passby-value but Local clients use pass-by-reference.For more information please see:http://java.sun.com/products/ejb/2.0.html

    131

    Which of the following offers an accurate description of Message-Driven Enterprise Beans?

    A Message-Driven beans are just a new way of describing a JMS message. This has been formalized with the EJB 2.0 specification. B A Message-Driven bean is an enterprise bean that allows J2EE applications to process messages asynchronously. C A Message-Driven bean is an enterprise bean that allows J2EE applications to process messages synchronously. D A Message-Driven bean is used when you need to interact with messaging systems other than JMS.

    E A Message-Driven bean is like a Session Bean except that if the server is busy it will put the Message-Driven beans' method requests in a queue and execute them one at a time to reduce the load on the Application Server.

    Choice B is correct.

    Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of the SCEA.As stated in choice B a Message-Driven bean is an enterprise bean that allows J2EE applications to process messages asynchronously. Choice C is incorrect because messages are sent asynchronously. Choices A, D and E are all factually incorrect. For more information about MessageDriven beans see below.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3fcs/doc/EJBConcepts5.htmlA message-driven bean is an enterprise bean that allows J2EE applications to process messages asynchronously. It acts as a JMS message listener, which is similar to an event listener except that it receives messages instead of events. The messages may be sent by any J2EE component--an application client, another enterprise bean, or a Web component--or by a JMS application or system that does not use J2EE technology. Message-driven beans currently process only JMS messages, but in the future they may be used to process other kinds of messages.

    132

    What's the biggest difference between Message-Driven Beans and Entity and Session Beans?

    A There is no difference in structure between Message-Driven Beans and Entity and Session Beans. They all have Home, Remote interfaces and a bean class. B C D Message-Driven beans don't have a Home interface. A Message-Driven bean is different from Session Beans because its state is persisted. Clients don't access Message-Driven beans through interfaces.

    Choices B and D are correct.

    Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of the SCEA.Choice A is incorrect, Message-Driven beans don't have Home or Remote interfaces, they just have a bean class. The state of Message-Driven beans is not persisted like Entity beans. So choice C is incorrect.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3fcs/doc/EJBConcepts5.htmlThe most visible difference between message-driven beans and session and entity beans is that clients do not access message-driven beans through interfaces. Unlike a session or entity bean, a message-driven bean has only a bean class.

    133

    When should you use Message-Driven Beans?

    If you need to send any JMS message.

    B When you need to use an external service such as a credit card validation service and performance is essential. C D When you need to send JMS messages asynchronously. When you need to send JMS messages synchronously.

    Choice C is correct.

    Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of the SCEA.Choice B is incorrect, Message-Driven beans will not increase the performance of a service. Choice D is the other way around and choice A is factually incorrect.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/EJBConcepts5.htmlSession beans and entity beans allow you to send JMS messages and to receive them synchronously, but not asynchronously. To avoid tying up server resources, you may prefer not to use blocking synchronous receives in a server-side component. To receive messages asynchronously, use a message-driven bean.

    134 You are developing an application that will have to support a huge number of users. You are worried about the performance of the application because you need to use many Entity Beans. A work colleague has suggested using the Value Object design pattern. What is the pattern and how will it benefit you?

    A snapshot of the state of an Entity Bean at a particular time.

    B An object that is used instead of an Entity Bean. For example if you were going to use a Customer bean you would create a Customer Value Object and the Application Server would use this instead. A Stateful Session Bean would control it. C An object that is used instead of an Entity Bean. For example if you were going to use a Customer bean you would create a Customer Value Object and the Application Server would use this instead. A Stateless Session Bean would control it. D E There is no such thing as a Value Object design pattern. There is a Value Object design pattern but it would not be appropriate to use it here.

    F A Value Object is the state of an Entity Bean that is kept in memory by the Application Server. (Its state is periodically persisted.) G A Value Object is the state of an Entity Bean that is kept in memory by the Application Server. (Its state is not persisted and the data becomes stale after a while.)

    Choice A is correct.

    Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of the SCEA.Every time you access an Entity Bean there is a significant overhead, as the call must go across the network and through the container to access the bean. One way to reduce the number of calls you need to make to Entity beans is by using the Value Object pattern. A Value Object (VO) is a snapshot of the state of an Entity Bean at a particular time. The idea is that a client will require more than one value from an Entity bean so instead of making several calls to an Entity Bean a Value Object is created containing all of these values. This Value Object is downloaded by the client so they can make the same calls only this time locally and directly on the bean. A Value Object is normally implemented as a JavaBean and is made immutable because there is no data synchronization (the JavaBean only provides getter methods).

    135 Your have been contracted by a company to upgrade their online shopping application. Their site sells health care insurance to customers at huge discounts. The process of buying insurance is complicated. They have however tried to simplify it as much as possible for the customer. When the customer arrives at their site to register, they fill out a 40-question questionnaire covering basic health and lifestyle information. The answers are then used for selecting the most appropriate level of insurance. (Each customer does NOT get a custom health care insurance agreement; they get the most suitable one out of a choice of 30). The customer then has the opportunity to purchase the insurance within seven days before the quote becomes void. Based on the rough description of the system which of the following is the most suitable design?

    Note: This question should be based upon the EJB 2.0 specification.

    A B C D E F G H

    The Customer should be an Entity Bean The business logic should be represented with a Stateful Session Bean. The business logic should be represented with a Servlet. The system should use CMT. Should use BMT. The Health Plan should be an Entity Bean that supports local clients. The Health Plan should be a Stateful Session Bean. The Health Plan should be a Stateful Session Bean that supports local clients.

    I There is no need for Customer Bean as there is no need to store the customers details just the Health Plan they bought. J The Customer should be an Entity Bean that supports local clients.

    Choices B, D, F and J are correct.

    Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of the SCEA.The data that needs to be persisted are the customer data and the Customer's Health Plans data (which one out of the 30 different plans.) Although the process of buying health care insurance sounds complicated (40-question questionnaire) the data that actually needs to be stored is very simple (customer id, health plan id etc). This means that CMT is more appropriate than BMT (choice E is therefore incorrect.) There is no benefit in putting the business logic in a Servlet, there still needs to be a Session Bean to talk to the Customer and Health Plan Entity Beans. It is also possible to use the Entity Beans local client interfaces (introduced in EJB 2.0) which will improve the performance of the application.

    136

    What are the benefits of synchronous messaging?

    A B C D

    Less coupling between the sender and receiver. Network doesn't have to be available. Does not block the sender. Good for transaction processing.

    Choice D is correct.

    Choices A, B and C are all describing asynchronous messaging. Synchronous, tightly coupled communication between distributed components: This is the model of CORBA, RMI, EJB and so on. The programming model is called Remote Procedure Call (RPC).Asynchronous, loosely coupled communication between components: This is the Message Oriented Middleware or MOM model. The programming model is called Messaging.

    137

    Can you use BMT (Bean Managed Transactions) with Entity Beans?True/False?

    Yes

    No

    Choice B is correct.

    Entity Beans can only use Container Managed Transactions (CMT) but Session Beans can use either CMT or Bean Managed Transactions (BMT). CMT is less flexible than BMT and can't handle transactions at the same level of granularity as BMT.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3fcs/doc/Transaction3.htmlIn an enterprise bean with container-managed transactions, the EJB container sets the boundaries of the transactions. You can use container-managed transactions with any type of enterprise bean: session, entity, or message-driven. Container-managed transactions simplify development because the enterprise bean code does not explicitly mark the transaction's boundaries. The code does not include statements that begin and end the transaction.http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction4.htmlIn a bean-managed transaction, the code in the session or message-driven bean explicitly marks the boundaries of the transaction. An entity bean cannot have bean-managed transactions; it must use container-managed transactions instead. Although beans with container-managed transactions require less coding, they have one limitation: When a method is executing, it can be associated with either a single transaction or no transaction at all. If this limitation will make coding your bean difficult, you should consider using bean-managed transactions.

    138

    How has Container-Managed Persistence Changed from EJB 1.1 - 2.0?

    A B C D E F G

    There has been no change with CMP but BMP has changed. The performance of CMP has been improved so it no now more efficient than BMP. The Bean class is now an abstract class. You no longer need a deployment descriptor. CMP doesn't exist in EJB 2.0 because BMP out performs CMP. You define the fields to be persisted in the Remote interface. You define the fields to be persisted in the Home interface.

    Choice C is correct.

    Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of the SCEA.The following is taken from:http://developer.java.sun.com/developer/technicalArticles/ebeans/EJB20CMP/Prior to the EJB 2.0 specification, a client stored and accessed persistent data via an entity bean's instance variables. With the introduction of the 2.0 specification, you can designate instance variables to be container-managed persistence fields (cmp fields) or container-managed relationship fields (cmr fields). You define these cmp and cmr fields in the deployment descriptor. You retrieve and set the values of these cmp and cmr fields using public get and set methods defined in an entity bean. Similar to the JavaBeans model, you do not access the instance variables directly, but instead use the entity bean's get and set methods to retrieve and set these instance variables. (An enterprise bean does not declare these instance variables.) Furthermore, you use the deployment descriptor to specify the relationships between entity beans. These relationship specifications serve as the schema definition, so that when the bean is deployed, the bean relationships may be captured in a relational database. For example, a relationship between two beans specified in the deployment descriptor may appear as a foreign key relationship in a relational database. Choice A is incorrect because CMP has been reviewed in EJB 2.0. Choices F, G and D are incorrect as specified in the above paragraphs. The performance of CMP has improved but not to the point where it is more efficient than BMP so choice B and E are incorrect.

    139 What are the benefits of the J2EE Blueprints Fast Lane Reader design pattern and when should it be used?

    A When you the performance of an application is essential and you need to perform lots of read/write actions. B C D E F Should be used when reading large amounts of read only data. Increases maintainability. Should be used when you need to access data that becomes stale very quickly. Can reduce the amount of code needed. Increases the amount of code needed.

    Choices B and E are correct.The following is taken

    from:http://java.sun.com/blueprints/patterns/FastLaneReader.htmlSometimes applications access data in a tabular fashion, such as when browsing a catalog or a list of names or when exporting data in batches for use elsewhere. This kind of data access is usually read-only. In such situations, using entity beans to represent persistent data incurs overhead and provides little benefit. Entity beans are best for coarse-grained access to individual business entities, and are not effective for read-only access to large quantities of tabular data. The Fast Lane Reader design pattern provides a more efficient way to access tabular, read-only data. A fast lane reader component directly accesses persistent data using JDBCTM components, instead of using entity beans. The result is improved performance and less coding, because the component represents data in a form that is closer to how the data are used. Choice F is incorrect because the Fast Lane Reader can reduce the amount of code needed. Choice C is not the most appropriate answer because although there is less coding involved it does not have a direct affect on the maintainability of the application. (It may even reduce maintainability by increasing the coupling between the data store and business logic). Choice A is incorrect because the Fast Lane Reader pattern should only be used with Read Only data. Although choice D is feasible it is not the most appropriate choice.

    140

    In which of the following situations would you use the Observer pattern?

    A When you need to have objects notified of events but you don't know which objects would have such needs, or if you will need to add more objects to receive such notification, at a later date. B You want one object to monitor when the state of another object but you don't want the object being monitored to need to send any messages regarding its state. C When the instances of your class can be use interchangeable and you want to reduce the number of instances created in order to improve performance. D You are building an online auction site to sell rare and collectable toys. You want customers to be notified of bids on items they are bidding for in as close to real time as possible. You would use the Observer pattern to notify the customer objects of changes in the auction object. E When you need to co-ordinate state changes between other objects by using one object.

    Choices A and D are correct.

    The observer pattern is used to notify an objects dependents' when that object changes state. Choice E is a description of the Mediator pattern. Choice C is incorrect because the Observer pattern does not reduce the number of instances you need to create. Choice B is almost correct except that messages are sent when the object being monitored changes state.Observer - (GOF 293): "Define a one-to-many dependency between objects so that when one object changes state, all its dependents are notifies and updated automatically."Mediator - (GOF 273):"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and it lets you vary their interaction independently."

    141 You need to access a complex object in a recursive waybuilding the object from other objects. This is an example of which pattern?

    A B C D E

    Abstract Factory Factory Method Builder Composite Recursive Builder

    Choice D is correct.

    This is a bit of a trick question; you would assume that you would need to use a creational pattern such as the Builder or Abstract Factory to do this <Prototype could be applicable as well, if we are not building a family or an aggregate object, but simply prototyping existing objects>. The key is that you need to recursively build a composite object from other objects. This is an example of the Composite pattern. There is no such pattern as the Recursive Builder so choice E is incorrect.Composite - (GOF 163): "Compose objects into tree structures to represent part-whole hierarchies. Composite lets clients treat individual objects and compositions of objects uniformly."The other patterns were:Abstract Factory - (GOF 87): "Provide an interface for creating families of related or dependent objects without specifying their concrete classes."Factory Method - (GOF 107): "Define an interface for creating an object, but let subclasses decide, which class to instantiate. Factory Method lets a class defer instantiation to subclasses."Builder - (GOF 97): "Separate the construction of a complex object from its representation so that the same construction process can create different representations."&&Sanjay"need to build a complex object" almost certainly suggests that we are talking about a creational pattern. I understand the tricky nature of the question, however I was wondering if the question needed to be reworded as"accessing a complex object" or something. Has been updated

    142

    When would you use the Flyweight pattern?

    A When you need classes to be notified of events but you don't know which classes or if you will need to add more at a later date. B When the instances of your class can be used interchangeably and you want to reduce the number of instances created in order to improve performance. C When the instances of your class cannot be used interchangeable and you need to convert them so that they are interchangeable.

    Choice B is correct.

    Choice A is a description of the Observer pattern. Choice C is incorrect because the instances of your class can be used interchangeably in the Flyweight pattern. Flyweight - (GOF 195):"Use sharing to support large numbers of fine-grained objects efficiently."

    143 You are currently designing your own Desktop Publishing application, as you have not found any that do exactly what you want with existing applications. As part of the design you are using a Controller to which you send all GUI requests. Not all objects can process the same commands. For example you can't select the spell check tool when an image has the focus. To stop any possible errors you would like to filter out some of the messages as they are passed from these objects to the Controller object. What pattern could you use?

    A B C D E F

    Firewall Proxy Adapter Observer Chain of Responsibility Filter

    Choice B is correct.

    Firewall and Filter are not design patterns. In this scenario what you are essentially trying to do is filter all packets that don't meet a certain set of requirements. This behavior is just like a Proxy server dropping packets from certain IP address etc.Proxy - (GOF 207): "Provide a surrogate or placeholder for another object to control access to it."The other patterns:Adapter - (GOF 139):"Convert the interface of

    a class into another interface clients expect. Adapter lets classes work together that couldn't otherwise because of incompatible interfaces."Observer - (GOF 293):"Define a one-to-many dependency between objects so that when one object changes state, all its dependents are notifies and updated automatically."Chain of Responsibility - (GOF 223):"Avoid coupling the sender of a request to its receiver by giving more than one object a chance to handle the request. Chain the receiving objects and pass the request along the chain until an object handles it."

    144

    When would you use the Mediator pattern?

    A B

    When you need to co-ordinate state changes between other objects by using one object. When you need to add functionality to a class without changing its interface.

    C When you need create a separation between abstractions and classes that implement those abstractions. D You need a class that will be used in lots of different applications where the logic will only change slightly.

    Choice A is correct.

    The Mediator pattern allows you to co-ordinate state changes between many objects by using one mediator object. Choice B is a description of the Decorator pattern. The Strategy pattern is described in choice D and choice C describes the Bridge pattern.Mediator - (GOF 273):"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and it lets you vary their interaction independently."

    145 A prospective employer is describing the existing architecture of a solution that is currently in production. He says that it's a 3-tier system with 3 clustered web servers; a server for the Oracle database with the business logic implemented using PL/SQL scripts. What is true about this system?

    A B

    This solution has fat clients This solution has thin clients

    C D E F

    There is a good separation of business logic The solution has good Scalability There is a poor separation of business logic The solution has poor scalability

    Choices B, E and F are correct.

    The key to this question is the fact that the business logic has been implemented using PL/SQL stored procedures. This means the business logic is on the same server as the database and therefore this is a 2-tier system not a 3-tier system as your prospective employer suggests. There is a very tight coupling between the data store and the business logic this has a direct affect on the potential scalability of this system.When you think of 2-Tier systems you would normally associate them with Fat clients. However as the business logic has been implemented using PL/SQL scripts this system will have thin clients making choice A incorrect. Choice C is incorrect because the business logic and data store are tightly coupled. This tight coupling will have a direct affect on scalability. You may not be able to horizontally scale this system (adding more machines); vertical scaling might be easier (add more memory and CPUs.) But even with vertical scaling you would always run the risk of a network bottleneck making choice D is incorrect as well.

    146 Your have been contracted by a company to help them improve the performance of their sales application. You have suggested that the hardware the application is currently deployed on (2 web servers and a database server) be migrated to 3 web servers, an application server and a database server (all on different machines.) You assure them that all the software re-writes needed will be well worth it in the end. What are the characteristics of your suggested architecture?

    A B C D E F

    Fat Clients Thin Clients Good separation of business logic Good Scalability Poor separation of business logic Poor scalability

    There is no difference in the separation of business logic

    Choices B, C and D are correct.

    The system you have suggested they migrate to is a 3-tier system. The characteristics of a 3-tier system are thin clients, good separation of business logic and good scalability. This is due to the fact that each tier is separate from the other (for example it would be possible to change the data store without affecting the business logic.)Choice A is incorrect; the suggested system has thin clients, the business logic residing on the application server, in the middle tier. Since there is a good separation of business logic, choices E and G are incorrect. Choice F is incorrect the 3-tier nature of the system makes it very scalable.

    147 Your boss is raving about the new 3-Tier architecture that your company's sales application will be deployed on. He says that this architecture will solve all the existing problems. Is he right, or does a 3Tier architecture have the potential to introduce any new problems?

    A B C D E F G

    Fat Clients Thin Clients Poor scalability Poor manageability Reduced performance Reduced separation of business logic Single point of failure

    Choice D is correct.

    The only problem a 3-Tier architecture could have is the potential for poor manageability. The separation of tiers creates thin clients and distributes business logic processing. However because of the distributed nature of the servers, there could be manageability problems. With J2EE solutions however, the potential for such problems is limited because J2EE tiers and layers have very well defined roles and responsibilities. Choice A is incorrect because Fat clients are a characteristic of 2-Tier architecture where the business logic is implemented on the client side. Thin clients are good. Therefore choice B is

    incorrect. A 3-Tier architecture has excellent scalability, including horizontal scalability, making choice C incorrect. It's possible to argue that a 3-Tier architecture may not perform as well as a single machine containing your web server, business logic and database. However as soon as you introduce a significant amount of users a 3-Tier architecture would out perform a single machine. Therefore choice E is correct. Choice F is incorrect because a 3-Tier architecture actually increases the separation of business logic. Choice G is incorrect because a"single Point of failure" is not a problem that a 3-Tier architecture introduces. Although it may have a single point of failure, with careful design you can avoid such pitfalls easily. This is much harder to do with 2-Tier architecture and impossible with 1-Tier architecture.

    148 You have written an application to allow customers to reserve tables at their favourite restaurants. In return your company receives 10% of whatever the customer spends at the restaurant. At the moment, the application is being run on a single Apache web server using PERL and CGI scripts for presentation and business logic with a separate server for the Sybase database containing the restaurant details. What are the most notable weaknesses of this architecture?

    A B C D E

    Fat Clients Thin Clients Scalability Potential Network bottlenecks Performance

    Choices A,C and D are correct.

    The architecture being described here is a 2-Tier architecture. The key as to whether this system has fat or thin clients is that there is no reference to stored procedures. Generally if the business logic resides on the server it is in the form of stored procedures. We therefore assume that all the business logic is in the PERL and CGI scripts. The reason for poor scalability is due to the tight coupling of business logic and client presentation (fat clients). There is always a potential of a network bottleneck in 2-Tier architectures because all requests have to go to one data store.Choice B in incorrect as there is no mention of stored procedures in the scenario we assume that the business logic has been implemented in PERL and CGI scripts on the client side. Performance is not the best answer here and so choice F is incorrect.

    149 You have just bought a brand new dual processor server with over 3 Gigabytes of memory, the fastest server in its class. This server will host Apache Web server (shipped with the Oracle Database) and an Oracle 8i database. What are the most notable weaknesses of this architecture?

    A B C D

    Scalability Manageability Security Performance

    Choice A is correct.

    You can only vertically scale this system (add memory, CPUs etc). As soon as this system comes under a heavy load you would have to separate the Apache web server from the Oracle database and build up a cluster of web servers. This would be hard to do as the Oracle database and Apache web server are so tightly coupled.Note: A system can still be scalable even if it is only one machine providing it has a good separation of the business logic, data store and client presentation. Choice B is incorrect because this system would be easy to manage as everything is in one place. Choice C is incorrect, you don't need to authenticate yourself to other machines or send traffic across the network to other machines. Choice D is incorrect because although the system would perform really well under light traffic as soon as it had heavy loads of traffic the performance would drop dramatically.

    150

    When should Java IDL be used?

    A B C D E

    When performance is essential (Performance is more important than scalability). When accessing RMI servers. When servicing requests from RMI clients. When accessing existing CORBA servers. When servicing requests from CORBA clients.

    Choice D is correct.

    The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/index.html This is a fundamental question and it's important to understand the distinction between these two ways of integrating the Java programming language with CORBA. Java IDL is for CORBA programmers who want to program in the Java programming language based on interfaces defined in CORBA Interface Definition Language (IDL). This is "business as usual" CORBA programming, supporting Java in exactly the same way as other languages like C++ or COBOL. Although CORBA can slightly out perform RMI that is not a reason to use Java IDL so choice A is incorrect. In choices B and C you would use RMI-JRMP and inc choice E you would use RMI-IIOP.

    151 You have just started a new job working for a top finance company and you have been asked to provide a user-friendly interface to an existing mainframe application. You don't have any access to the mainframes source code. What is the best technique for this?

    A B

    It can't be done. Use a screen scraper.

    C Re-write the main frame using Java and high-end Unix servers. Although it may take some time to do this in the long run this will benefit the company. D E F G Write a Java front end then use CORBA to communicate with the mainframe. Use the Java Native Interface (JNI) to communicate with the mainframe. Use object Mapping Use JMS

    Choice B is correct.

    The key to this question is that you don't have access to the mainframes source code. A screen scraper emulates a mainframe terminal. Basically the screen scraper logs on to the mainframe like a normal user and sends requests to the mainframe and then reads the response. The problem with a screen scraper is that if you change any of the mainframes code there is always the possibility that the screen scraper will stop working.Choice A is incorrect because it is possible to add a GUI to the system. Choice C would take far too long, cost too much and is not what the customer wants. Choices D, E and F would all require access to the mainframes source code. Choice G is incorrect because there is no mention that the mainframe supports a messaging system. Some of them do and even provide interfaces for JMS however as it is not stated in the question it is not the right answer.

    152 You are working for a company that has yet to realise the full potential of Java. You offer to show them some of the great things Java can do by integrating a new application with an existing CORBA system. Your bosses will then assess the performance and reliability of this new system. How will you connect your RMI application to the CORBA system?

    A B C D E

    Use Java-IDL This is a standard feature of RMI. Can't be done. Can only be done by using JNI. Use RMI-IIOP

    Choice A is correct.

    The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/jidlFAQ.htmThere are several scenarios that will define how you will want to create distributed CORBA applications. Here are some of them: Java IDL - If you have been developing CORBA applications using IDL for some time, you will probably want to stay in this environment. Create the interfaces using IDL, and define the client and server applications using the Java programming language to take advantage of its "Write Once, Run Anywhere TM" portability, its highly productive implementation environment, and its very robust platform. RMI-JRMP - If all of your applications are written in the Java programming language, you will probably want to use Java RMI to enable communication between Java objects on different virtual machines and different physical machines. Using Java RMI without its IIOP option leverages its strengths of code portability, security, and garbage collection. RMI-IIOP - If you are writing most of your new applications using the Java programming language, but need to maintain legacy applications written in other programming languages as well, you will probably want to use Java RMI with its IIOP compiler option.Choice B is incorrect because this is not a standard feature of RMI. Choice C is incorrect because it can be done. You don't need to use JNI to do this so choice D is incorrect. At present the existing systems all use CORBA. Therefore it is better to use Java IDL. Hence choice E is also incorrect.

    153 You are working for a car leasing company and you need to integrate with one of their mainframe applications. You should do this using either object mapping or screen scraping. When should you use object mapping?

    A B C D

    You should always use screen scrapers when you have the option. When you have access to the mainframes code. When you don't have access to the mainframes code. When you are short of time and need a quick solution.

    Choice B is correct.

    Object mapping is the process of building object wrappers around legacy interfaces. This makes the legacy system available in an OO fashion. You need access to the legacy systems source code in order to do this.A screen scraper emulates a mainframe terminal. Basically the screen scraper logs on to the mainframe like a normal user and sends requests to the mainframe and then reads the response. The problem with a screen scraper is that if you change any of the mainframes code there is always the possibility that the screen scraper will stop working.Any change to the mainframe might break the screen scraper and screen scrapers are only really used when you don't have access to the mainframes source code so choice A is incorrect. Choice C is incorrect because you would use a screen scraper if you didn't have access to the mainframes source code. In choice D you would probably use a screen scraper.

    154 You have just joined a new company and have spent some time chatting with the network administrator. He has mentioned that one of the servers is an off-board server. What is an off-board server?

    A B C D

    Another way to describe a standard proxy server. Another type of a screen-scraping program, (Like an object mapping one). A server that runs within the DMZ. A proxy for a legacy system.

    Choice D is correct.

    An off-board server is simply a proxy server for a legacy system.

    155 You are designing an online cinema ticket booking application. At the moment you plan to have a controller to maintain user sessions, a customer component to hold personal details, a credit card validation component, a set of GUI screens and a cinema component with details of all movies and seating capacities. What should be used for each component?

    A The controller should be a Stateful Session bean. The customer should be a Stateful Session bean. The cinema component should be a Stateful Session bean. The credit card validation component should be an Entity bean. B The controller should be a Servlet. The customer should be a Stateful Session bean. The cinema component should be a Stateful Session bean. The credit card validation component should be an Entity bean. C The controller should be a Stateful Session bean. The customer should be a Servlet. The cinema component should be a Stateful Session bean. The credit card validation component should be a Stateful Session bean. D The controller should be a Servlet. The customer should be a Servlet. The cinema component should be a Stateful Session bean. The credit card validation component should be a Stateful Session bean. E The controller should be a Stateful Session bean. The customer should be an Entity bean. The cinema component should be an Entity bean. The credit card validation component should be a Stateless Session bean. F The controller should be a Servlet. The cinema component should be a Stateful Session bean. The cinema component should be an Entity bean. The credit card validation component should be a Stateless Session bean. G The controller should be a Stateful Session bean. The customer should be an Entity bean. The cinema component should be an Entity bean. The credit card validation component should be a Stateless Session bean. H The controller should be a Servlet. The customer should be an Entity bean. The cinema component should be an Entity bean. The credit card validation component should be a Stateless Session bean. I J Make the GUI using JSP pages Make the GUI an applet

    Choices H and I are correct.

    The controller could be implemented as either a Servlet or a Stateful Session Bean but it makes more sense from a resources point of view to implement this as a Servlet. The customer and cinema component need data to be stored permanently so these should be Entity beans. The process of

    validating the credit card is a service so this should be a Stateless Session Bean. JSP pages is a better choice than the applet because it means that the system can be used by a greater number of people because there is no dependency on the Java plug in.

    156 You have an Enterprise Bean that represents a customer's account. One of the methods that this bean provides is deductCost(float amount) This method is used when a customer buys something from your company's website. This method must be executed as part of an existing transaction. What is the correct attribute setting in the deployment descriptor?

    A B C D

    REQUIRED REQUIRES NEW SUPPORTS MANDATORY

    Choice D is correct.

    If the calling client does not have a transaction (i.e. the transaction hasn't already started) a javax.transaction.TransactionRequiredException will be thrown.Choice A is incorrect as REQUIRED will create a new Transaction if a transaction does not already exist whereas the question says it must be part of an existing transaction. Choice B is incorrect because REQUIRES NEW will create a new Transaction anyway. SUPPORTS will not force the method to execute in a transaction. Hence choice C is also incorrect.

    157 You have a method that can't be executed in a transaction. What is the correct attribute in the deployment descriptor?

    A B C

    Leave it empty this is the default. NEVER NOT SUPPORTED

    NO_TRANSACTIONS

    Choice B is correct.

    As the name suggests"NEVER" is the right answerChoice A is incorrect because leaving the deployment descriptor empty is not the default for NEVER. NOT SUPPORTED just suspends the transaction making choice C incorrect. NO_TRANSACTIONS is not a valid attribute. Hence choice D is also incorrect.

    158 You have been reading up of the Gang of Four patterns and you notice that the Home interface of an Enterprise Javabean is actually based on one of the patterns. Which pattern is the Home Interface of an Enterprise Javabean based on?

    A B C D

    Singleton Facade Builder Factory Method

    Choice D is correct.

    This Factory Method pattern provides an interface for creating an object that allows either sub classes or helper classes to create that object.The Singleton pattern creates either 1 or a variable number of instances of a class. So choice A is incorrect. The Faade pattern provides a simple interface to a complex subsystem. Thus choice B is incorrect. The Builder pattern separates the construction and representation of an object. The client is shielded from the object's construction and it only needs to specify content and type. Hence choice C is also incorrect.

    159 You've been developing a chat application so that members of your team can keep in touch with each other irrespective of their location. You decided to implement the application as a Java Applet. In order to make sure the user has the latest version, you require the applet to connect back to the server it was downloaded from and check with a file there. Can this be done with JDK 1.3 or 1.4 without modifying the browser's policy files? True/False?

    A B

    True False

    The above statement is True.

    The key to this question is that the applet is only connecting back to the server it was downloaded from, and reading a file. This has always been permitted and is permitted with both JDK 1.3 and 1.4. The applet wouldn't be allowed to read a file on the client's machine or connect to machines other than the one it was downloaded from.Note: You may think that if the applet has been downloaded then it must automatically be the latest one, this isn't true as most browser cache applets.

    160 You are writing an Enterprise Javabean to represent a Flight in a Travel agency application. One of the developers recommended that you use Bean Managed Persistence (BMP) for the EJB. What is true about BMP?

    A B C D

    Improves your ability to move your EJB from one Application server to another. Reduces your ability to move your EJB from one Application server to another. Improves your ability to move your EJB from one data store to another. Reduces your ability to move your EJB from one data store to another.

    Choice C is correct.

    When you use Bean Managed Persistence you are writing all the SQL needed to persist the bean yourself. This means that the SQL would have been tailored to the data store you are using and the same SQL might not work with a different database vendor. You can cancel this out by using a Data Access Object. The Data Access Object pattern (DAO) is used to reduce the dependency between Enterprise Beans and the underlying database. This means that the data object manages the connection to the data source and if the data source changes you only need update this one object, the change doesn't affect the rest of your application.

    161

    What do Atomic and Consistent mean in reference to ACID?

    A B C D E F G

    Atomic means a transaction must execute completely or not at all. Atomic means a transaction must execute completely or log where it was stopped. Consistent means a transaction must execute completely or log where it was stopped. Atomic means the transaction is the same as other transactions in structure. Consistent means the transaction is the same as other transactions in structure. Consistent means the transaction was started and finished within the specified time. Consistent means that the integrity of the underlying data source is always maintained.

    Choices A and G are correct.

    ACID stands for Atomic, Consistent, Isolatable and Durable. All transactions must adhere to this. Atomic means 'a transaction must execute completely or not at all.' Consistent means 'the integrity of the underlying data source is always maintained.'

    162 You are working late at the office one day when the security guard informs that you have to leave as the building is closed for the evening. As you are working on a big project you decide to continue your work at home. However when you try to connect to the application from home you get no response. You are trying to connect to your RMI-JRMP application; the port is available on the firewall, what is the most likely reason why you can't connect?

    A B C

    The port on the firewall isn't really available. The company's proxy servers are filtering out your request based upon your IP address. You have typed the connection address incorrectly.

    D Your application is only listening for internal requests and you will need to change setting in the security.policy file if you wish to connect from home. E Your company knows that most hacking takes place at night and takes all of its systems off-line during the night.

    Choice B is correct.

    The most likely explanation here is that your company's firewall is filtering your requests out based upon your IP address. You would need to get your home IP address added to the list that the firewall trusts (and this won't be easy if you're using DHCP!)Choices A and C are both possible but not the very likely here. Hence these answers are incorrect. Choices D and E are not factually correct.

    163

    How are Entity Beans persisted?

    A B C D E

    Entity beans are stored in memory by the Application server. Entity beans are not persisted They are serialized and stored on a database. They are NOT serialized but rather stored in a persistent storage medium such as a database. It is up to the developer, than can either be serialized or mapped directly.

    Choice D is correct.

    A bean normally represents a row in the database. Each field that is persisted is typically mapped to a database. The bean itself is not stored in the database, as the class is the same for all bean instances of the same typeit's just the values that change. If beans were serialized when they where stored on the database you would have to de-serialize each one when you were doing a find operation (by criteria). When Entity Beans are passivated (the state to the bean is written to file), serialization may be used depending on the Application server, although most servers probably also synchronize the state with the database as well.Storing them in memory is not persistence. If the server crashes, all the data would be lost. Therefore choice A is incorrect. As Entity beans are persisted, choice B is incorrect. Choices C and E are incorrect because Entity Beans are not serialized.

    164 Which of the following statements are true?Note: This question assumes that the no-args constructor and setEntityContext() method have already been called.

    A Entity Beans start in the"ready" state and move into the"pooled" state only after ejbActivate() has been called on them. B Entity Beans start in the"pooled" state and move into the"ready" state only after ejbActivate() has been called on them. C D Entity Beans aren't pooled. Entity Beans are never in either state.

    Choice B is correct.

    Entity Beans start in the pooled state (this is assuming that the no-args constructor and setEntityContext method has been called). Then when ejbActivate() is called, they move into the ready state and return to the pooled state when ejbPassivate() is called.

    165

    How do you find a particular Entity Bean?

    A B

    Call various find methods defined in the Home interface. Call various find methods defined in the Remote interface.

    Choice A is correct.

    The Home interface defines the create(), find(), and remove() methods and the finder methods are used for locating beans.The Remote Interface is used to define all of the methods that can be called by the client on the Enterprise Bean. If you try and call a method that exists in the Enterprise bean class but not in the Remote Interface, you will get a RemoteException.

    166

    Which statements are true?

    A B C D E F

    ejbFind() returns the Primary Key. The find method/s in the Home interface return an EJBObject or an Enumeration. The find method/s in the Home interface return a Primary Key. ejbFind() returns an EJBObject. The find method/s in the Remote interface return an EJBObject. The find method/s in the Remote interface return a Primary Key.

    Choices A and B are correct.

    The Home interface defines the create(), find(), and remove() methods.The Remote Interface is used to define all of the methods that can be called by the client on the Enterprise Bean. If you try and call a method that exists in the Enterprise bean class but not in the Remote Interface, you will get a RemoteException.Choice C is incorrect because the find method in the Home interface returns an EJBObject or an Enumeration. Choice D is incorrect because ejbFind() returns the Primary Key. The find methods are not defined in the Remote interface so choices E and F are incorrect.

    167 You are at home trying to work on an application you're developing for your company. You want to log on to your machine at work and develop code for your application however you are having some trouble connecting directly to the application (running on port 1099). What is the most likely reason that you can't connect?

    A B C

    A typing error in the connection details. Your company is filtering traffic based upon IP address Traffic is being filtered based upon the port number requested.

    D You need to update the security manager that is being used with the application to allow external connections. E There is a bug in your program stopping anyone from connecting whether internal or external.

    Choice C is correct.

    As you are able to connect to your desktop PC you know that your company doesn't filter traffic based upon IP address. Therefore the most likely reason you can't connect is because you are requesting a different port and the firewall is filtering that traffic.Although it's possible that a typing error in the connection details may be stopping you connecting it isn't the most likely reason. So choice A is incorrect. You wouldn't be able to connect to your desktop PC if your company was filtering traffic based upon IP address. So choice B is incorrect. When you connect to your application from within the office you are still connecting via a socket. So you would not be able to connect at work either if there was a problem with the security manager. Hence choice D is incorrect. Although choice E is possible it is not the most likely reason.

    168 You know that Java allows you to run JRMP over HTTP, to tunnel through firewalls but does Java allow you to run CORBA over HTTP?(CORBA uses IIOP). True/False?

    A B

    Yes No

    Choice B is correct.

    The key to the question is what does Java allow you to do. Java has no direct relationship with CORBA so the answer is No. However if the question was rephrased slightly for example using Java is it possible to tunnel IIOP over HTTP then the answer would be yes (most firewalls are configured to only let HTTP / HTTPS requests through).

    169 You are working for an investment bank. You have written an applet to display the current price of the shares that traders have selected for monitoring. For the applet to work, it needs to authenticate who the client is. It does this by reading a file held locally on the client's machine. You know that applets can't read files stored on a local machine by default. So you have placed the applet in a jar file and that is code signed by a trusted certificate authority. Is signing the code enough for the applet to be able to read the local file?Note: This is based on JDK 1.3 and 1.4

    A B C D E

    Yes it would work fine without limitation as the code is signed. No the security manager of the browser would prohibit this. The applet would have been able to read the file already under JDK 1.3 and 1.4. As long as the code is signed is doesn't matter which certificate authority signed it. It may or may not work depending on the browser's security policy.

    Choice E is correct.

    Even if the code is signed, the browser's policy file may refuse it permission to perform certain tasks. The policy file will need to grant necessary permissions such as:grant signedBy"signingKey" { Permission java.io.FilePermission"local_file","read";}to allow the applet to read local files.Choice A is incorrect because it depends on the browsers security policy file. Choice B is incorrect because the security manager might not prohibit this. The applet wouldn't automatically be able to read the file. So choice C is incorrect. It would matter which certificate authority signed it, if you have not chosen to trust a particular certificate authority the code might as well not be signed at all! So choice D is also incorrect.

    170 You are developing an application to be used at a major bank. Security is a crucial element and you have decided to use JAAS. The GUI will be based on the MVC framework and it uses swing. The application will connect people in the same office so that they can all securely review the same financial data. What protocol should you use to do this?

    A B C D

    IIOP JRMP HTTP HTTPS

    Choice B is correct.

    As there is no reference to this being a web based solution and all of the staff are in the same office there is no need to use HTTPS. JRMP is the most appropriate answer. There is no mention of the need for Entity Beans or interfacing with a CORBA system so choice A is incorrect. Choices C and D are incorrect because this is not being used over the web.

    171

    What are the benefits of using the Service Locator pattern?

    A It is used primary by Servlets to locate other services such as JMS. A good example of this pattern would be a web based login facility. If a client enters an incorrect password their need to be redirected to a different but their session needs to be maintained across the application. B It is used to catalog Enterprise Beans so that other beans can find them quickly and efficiently. For example if you need to forward request from a Session Bean to an Entity Bean then the Session Bean requests the location of the Entity Bean from the Service Locator object. The Service Locator looks in a table (like a HashMap) and returns the Entity Beans location. C The Service Locator pattern can improve performance by introducing a caching facility.

    D There is a slight loss of performance when using the Service Locator pattern but this is out weighed by the improved maintainability of the code. E None of the definitions of the Service Locator pattern are accurate.

    F The Service Locator pattern is used to hide the complexities of initial object creation, EJB lookups and object re-creation. G Multiple clients can reuse the same Service Locator pattern.

    Choices C, F and G are correct.

    The following is taken from Core J2EE Patterns: Best Practices and Design Strategies page 369 "Use a Service Locator object to abstract all JNDI usage and to hide the complexities of initial context creation, EJB home object lookup, and EJB object re-creation. Multiple clients can reuse the Service Locator object to reduce code complexity, provide a single point of control, and improve performance by providing a caching facility."Choice A is describing a standard web based login but this has nothing to do with the Service Locator pattern. Choice B sounds plausible but this is not how the Service Locator pattern is used. Choice D is incorrect as there is an increase not a loss of performance when using this pattern. Choice E is incorrect as there are accurate descriptions of the Service Locator pattern amongst the answers.Some useful links: http://developer.java.sun.com/developer/technicalArticles/J2EE/patterns/ http://java.sun.com/blueprints/

    Useful book:

    Core J2EE Patterns: Best Practices and Design Strategies - ISBN: 0130648841A sample chapter is available here: http://www.sun.com/books/catalog/crupi/index_Table+of+Contents.html Note: This type of question will probably feature in the new EJB 2.0 specification version of the SCEA certification.

    172

    When would you use Tunnelling?

    A When you don't have access to any spare ports of the Firewall and need to tunnel your application through an existing port. B To break out of prison.

    C When you do have access to spare ports of the Firewall and are able to use them. So you tunnel your application out of one of these new ports that was created just for your application. D When you are using IIOP with RMI.

    Choice A is correct.

    Tunnelling is used to pass one protocol through a port that it does not, by default run on. For example if the only free port on the firewall was port 80 and you needed to pass JRMP through the firewall you would "tunnel" JRMP through the firewall. (JRMP by standard runs on port 1099). Basically JRMP would run on top of HTTP. However Tunnelling should generally be avoided and should only be used as a last resort. You use tunnelling when you don't have access to a particular port. So choice C is incorrect. RMIIIOP is unrelated to tunnelling. Choice B is incorrect because stealing the key from the guard would be easier!

    173 You are working for a small to medium sized business that has just started to use servers to host J2EE Applications (its own and clients'.) However since its launch into this new area there have been three separate instances of hacks involving access of sensitive sales information. A security consultant has been brought in to assess the situation and he recommends that your company use a DMZ. What is a DMZ?

    The network behind a firewall that's protected from the Internet.

    B The region inside the inner firewall (we are assuming that there are two firewalls). This network is called the DMZ. C The network outside of the outer firewall. This could be the Internet or other client networks. (We are assuming that there are two firewalls). D A region between two firewalls. The Internet would come in through the first firewall but only systems within the first firewall in the DMZ can go through the second firewall.

    Choice D is correct.

    DMZ stands for Demilitarized zone. To set up a DMZ you need two firewalls with which you create 3 separate regions. The different regions are the internet, DMZ (in the middle) and your network. You would have a server in the DMZ that would be accessible to both the public and employees in your local network. The internet connections will not have access your network though they will be able to access the server in the DMZ. Your network will access the internet through the server in the DMZ.Choice A is just describing the process of using a firewall. The region described in choice B is your network the DMZ is the area between the two firewalls. Choice C describes the internet not a DMZ.A Useful link: http://www.saintrochtree.com/network-advices/000004.htm

    174 You are designing a web-based application for an online recipe site. Although this may not seem that popular, the estimated number of unique visitors to the site is 100000 per day. The site is purely informational, you can't buy recipes or upload your own (if you wish to add your own recipes they have to be emailed to the webmaster). Despite that fact that there no transaction and persistence requirement it is still recommended that you use an Application server and Enterprise beans. The main reason for using the Application server and Enterprise Beans is that it allows you to remove some of the processing from the web servers and this increases the performance of the site. True/False?

    A B

    TRUE FALSE

    The above statement is False.

    The key to this question is that there are no transactions and there is no data to persist. All you are sending to the client are HTML web pages; even if you were to use JSPs/Servlets you still wouldn't use an Application server. In a situation like this you have to think of what the Application server should actually do? In this case there is nothing for it to do.

    175 You are an enterprise consultant for one of the Fortune 500 companies. You have been discussing a possible design for a 3-tier application with a prospective client. They know very little about Java and are asking you if Java is always the best solution. Your response is that although normally for each project many factors have to be considered before selecting the programming language and framework, because this is a 3-tier architecture Java is definitely the best solution. Is this true? True/False?

    A B

    TRUE FALSE

    The above statement is False.

    It is impossible to make sweeping statements such as Java is always the best solution for 3-tier architectures. A project needs to be looked at individually and then assessed. You may think that one project naturally suits a full Java implementation only to find out that a company has already heavily invested in a different technology or that you don't have the resources (employees with skills in Java based technologies) to implement a solution

    176 You are designing a 3-tier architecture for a new application your company intends to deploy as part of it's marketing strategy. This application will allow users to book rental cars over the web and is estimated to save the company millions over the next few years. Due to the sheer number of users, you have decided to use the Front Controller pattern. Which of the following statements describe the Front Controller pattern?

    A The Front Controller pattern is primarily used as a cheap alternative to a CISCO router. It is used as a software alternative to a hardware load balancer. B C Provides a central point of entry Provides a central point of entry for load balancing

    D The controller manages client requests, security, delegation of business processing, error handling, view selection and content creation strategies. E The controller manages the client's request including delegating business processing, error handling, view selection and content creation strategies. But is does not have anything to do with security. F The Front Controller is just another way of describing the Controller out of the Model View Controller architecture. G The Front Controller is just using the Controller out of the Model View Controller architecture for load balancing.

    Choices B and D are correct.

    The following is taken from Core J2EE Patterns: Best Practices and Design Strategies page 369"Use a controller as the initial point of contact for handling a request. The controller manages the handling of the request, including invoking security services such as authentication and authorization, delegating business processing, managing the choice of an appropriate view, handling errors, and managing the selection of content creation strategies. The main aim of the Front Controller pattern is to centralize view management. For example if a web page is moved all the links to it would need to be updated by using this pattern you can pass all requests through the Front Controller only needing to make changes in one place. The Front Controller is classified by Sun as a Presentation Tier pattern. Choices A and B are incorrect because the Front Controller has nothing to do with load balancing. Choice E is incorrect as the Front Controller can invoke security services and choices F and G are incorrect because the Front Controller does not represent the Controller out of the MVC architecture.

    Some useful links: http://developer.java.sun.com/developer/technicalArticles/J2EE/patterns/ http://java.sun.com/blueprints/patterns/j2ee_patterns/front_controller/index.html http://java.sun.com/blueprints/

    Useful book: Core J2EE Patterns: Best Practices and Design Strategies - ISBN: 0130648841A sample chapter is available here: http://www.sun.com/books/catalog/crupi/index_Table+of+Contents.html

    Note: This type of question will probably feature in the new EJB 2.0 specification version of the SCEA certification.

    177 You are designing a complex set of classes that provides a secure framework for other programmers to use. The idea behind this framework is that it will allow other programmers to write secure programs without getting bogged down with the complexities of writing secure applications. What sort of design pattern is being used here?

    A B C D

    Composite Faade Decorator Adapter Mediator

    Choice B is correct.

    Facade - (GOF 185): "Provide a unified interface to a set of interfaces in a subsystem. Facade defines a higher-level interface that makes the subsystem easier to use. "The other patterns are described below:

    Adapter - (GOF 139):"Convert the interface of a class into another interface clients expect. Adapter lets classes work together that couldn't otherwise because of incompatible interfaces. "Composite - (GOF 163):"Compose objects into tree structures to represent part-whole hierarchies. Composite lets clients treat individual objects and compositions of objects uniformly. "Decorator - (GOF 175):"Attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to sub classing for extending functionality. "Mediator - (GOF 273):"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and it lets you vary their interaction independently."

    178

    What is the difference between the abstract factory pattern and the factory method pattern?

    A The factory method makes objects that should be used together. This is not the case for the abstract factory. B The abstract factory pattern provides an interface for creating a family of objects whereas factory method provides an interface for creating one object C In the abstract factory pattern the objects that the factory makes are to be used together. This is not necessarily true in the factory method pattern. D The factory method pattern is used when the class does not know the class of the object it must create. But in the abstract factory this is known in advance. E The factory method and abstract factory are essentially the same pattern but two different names are used to describe them depending on the circumstances when they are implemented.

    Choice B is correct.

    Both the Abstract Factory and Factory Method are Creational patterns. Abstract Factory - (GOF 87): "Provide an interface for creating families of related or dependent objects without specifying their concrete classes. "Factory Method - (GOF 107): "Define an interface for creating an object, but let subclasses decide, which class to instantiate. Factory Method lets a class defer instantiation to subclasses. "Choice A offers a description of the abstract factory pattern not the factory method. The descriptions in choices C and D are the wrong way round. Choice E is incorrect as the two patterns are different.

    179 You're designing a paint application and as part of the user interface you have a toolbar along the left hand side of the screen. Each of the icons on the toolbar has different actions when you are using different tools. The way you've structured it, the application is required to pass commands from one object to another. When the appropriate object receives the command, it handles the request. This is an example of which pattern?

    A B C D E

    Command Chain of Responsibility Adapter Interpreter Strategy

    Choice B is correct.

    Chain of Responsibility - (GOF 223):"Avoid coupling the sender of a request to its receiver by giving more than one object a chance to handle the request. Chain the receiving objects and pass the request along the chain until an object handles it. "Below are descriptions of the other patterns: Command (GOF 233):"Encapsulate a request as an object, thereby letting you parameterize clients with different requests, queue or log requests, and support undoable operations "Interpreter - (GOF 243):"Given a language, define a representation for its grammar along with an interpreter that uses the representation to interpret sentences in the language. "Adapter - (GOF 139):"Convert the interface of a class into another interface clients expect. Adapter lets classes work together that couldn't otherwise because of incompatible interfaces. "Strategy - (GOF 315):"Define a family of algorithms, encapsulate each one, and make them interchangeable. Strategy lets the algorithm vary independently from clients that use it."

    180 You've had enough of you existing IDE (Integrated Development Environment) and have started work on designing your own. At the moment you're working on the undo part of the application, basically you need to be able to roll an object back so its previous state. What pattern would you use to do this?

    A B C D E F

    Memento State Mediator Rollback Transaction ACID

    Choice A is correct.

    Memento - (GOF 283):"Without violating encapsulation, capture and externalise an object's internal state so that the object can be restored to this state later. "Choices D, E and F are not names of patterns. Rollback is something you would do if a transaction were terminated halfway through. Transaction is self-explanatory. ACID stands for Atomic, Consistent, Isolatable and Durable. All transactions must adhere to this. Below are descriptions of the other patterns: State - (GOF 305):"Allow an object to alter its behavior when its internal state changes. The object will appear to change its class. "Mediator - (GOF 273):"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and it lets you vary their interaction independently."

    182

    What are the benefits of asynchronous messaging?

    A B C D E F

    Less coupling between the sender and receiver. Provides an instant response. Does not block the sender. Good for transaction processing. "You can't get an instant response. Network doesn't have to be available.

    Choices A, C and F are correct.

    The main difference between asynchronous messaging and synchronous messaging is that synchronous provides an instant response. This means that when using asynchronous messaging, clients do not have not wait for responses; they send messages and then carry on with what they were doing. This reduces the coupling between the sender and receiver and it also means that the network doesn't have to be available. Choices B and D are incorrect because they describe synchronous messaging. Although choice E is correct it is not a benefit of synchronous messaging.

    183 You are designing an online shopping application to make it easier for customers to order products from your company. The aim is that the majority of customers buying over the phone will start using the web instead. When customers purchases goods online they will use credit cards and will require an instant response as to whether the sale has been approved or not. (Note the credit card validation is carried out by another very powerful system.) What type of messaging should be used?

    A B C

    Synchronous messaging Asynchronous messaging You shouldn't be using messaging at all as it's not transactional.

    D You could use messaging because it is transactional however it's not advised, as the system would never perform well enough for an instant response.

    Choice A is correct.

    Synchronous messaging provides an instant response and is therefore the right answer. It is always arguable as to whether messaging should be used if you require an instant response but if you do decide to use messaging then you should always use synchronous messaging when needing an instant response. Choice B is incorrect because asynchronous messaging does not provide an instant response. You can make messaging transactional by creating your own transactions in your code. Hence choice C is incorrect. Choice D is arguable too, but it is not the most appropriate answer because the question suggests that the system the messages will be sent to is very powerful and will be able to cope with the volume of traffic. So choice D would be incorrect as it suggests that the system will not perform well enough for an instant response.

    184

    What should be used if you don't need an instant response from a message?

    A B

    Synchronous messaging Asynchronous messaging

    Choice B is correct.

    Synchronous messaging provides an instant response therefore asynchronous messaging is correct. Synchronous, tightly coupled communication between distributed components: This is the model of CORBA, RMI, EJB and so on. The programming model is called Remote Procedure Call (RPC).Asynchronous, loosely coupled communication between components: This is the Message Oriented Middleware or MOM model. The programming model is called Messaging.

    185 You overheard two colleagues arguing about the difference between Localization and Internationalization. They turn to you to ask you to settle the argument. What is the difference between Localization and Internationalization?

    A Internationalization is the process of preparing a program to be used in a country other than England. B C D Internationalization is the process of preparing a program to be used in any country. Localization is the process of preparing a program to be used in a country other than England. Localization is the process of preparing a program to be used in any country.

    Choice B is correct.

    Internationalization: Adapting a program for use in any country is called Internationalization. Localization: The process of adapting a program for use in a particular country is referred to as Localization. During Localization the language of the text, message icons, colors used, dialogs, number

    formats, time representation and even sorting algorithms are subject to change. Choice A is incorrect because it is the other way around. Choices C and D are not accurate descriptions of Localization.

    186 You have an existing mail order application that runs as an applet on the customer's browser. The applet connects to your server to retrieve product information. (Note all data is sent securely over SSL) What would you expect to change to meet the needs of users in different countries?

    A B C D E F G

    GUI text, e.g. Message box text etc. Security login procedures Dates Numbers, e.g. Currency The way the program writes to binary files. Icons, Images The way the program writes to text files.

    Choices A, C, D, F and G are correct.

    List of items that may be subject to Internationalization: Language for Messages Formats - Numeric, Date and so on Dictionary sort order Currency symbol and position Tax and other legal rules Cultural preferences

    You would not need to change the way you wrote to binary files but you may need to change the way you write to text files because of the Unicode to 8 bit differences.

    187 Your company has a custom operating system that it developed for some robotics hardware to be used in their research departments. One of the researchers has written a cut down Virtual Machine to run on this OS. You have started to develop some software to run on this VM however you need to convert the Unicode to 8 bit characters. In order to do this you will need to use:

    A B C D

    FileWriter OutputStreamWriter BufferedWriter StreamWriter

    Choice B is correct.

    The OutputStreamWriter can be used to convert Unicode into 8 bit characters. Normally this is used in Internationalization to convert Unicode into local character encoding but it would work well in this situation. Choices A, C and D serve different purposes in the java.io package. Java support for Internationalization Properties Locale Resource Bundle Unicode Java.text Package InputStreamReader OutputStreamWriter

    188

    You need to convert 8bit text to Unicode. To do this you use:

    A B C D

    FileReader InputStreamReader BufferedReader StreamReader

    Choice B is correct.

    The InputStreamReader can be used to convert 8 bit characters to Unicode. Choices A, C and D serve different purposes in the java.io package.Java support for Internationalization: Properties Locale Resource Bundle Unicode Java.text Package InputStreamReader OutputStreamWriter

    193

    Which of the following are true about Vertical Scalability?

    A B C D E F G

    (Achieved by adding servers to the system Achieved by adding capacity (memory, CPU and so on) It is generally more expensive than Horizontal scaling Decreases manageability Requires few or no changes to the system architecture Not supported by J2EE Has little or no impact on the reliability and availability of the system

    Choices B, E and G are correct.

    Vertical Scalability, by definition means increasing a system's capacity by adding memory, processors and so on. Of the two types of Scalability (Vertical and Horizontal), Vertical Scalability is the easier to achieve because it involves few changes to the existing system's architecture. Also adding more CPU or memory to an existing system does not have any impact on reliability or availability because if the system or component fails, in the absence of redundant systems, availability and reliability would suffer. Hence choices B, E and G are correct.

    Choice A is incorrect because it actually describes Horizontal Scalability, which is achieved by adding more servers to a system. Horizontal Scalability is tougher to achieve because the architecture should inherently support a multi-server environment. However once implemented, it has a positive impact on the system's reliability and availability because it provides fault tolerance capabilities. Choice C is incorrect because generally it is cheaper to add capacity than to add entire new systems. Choice D is incorrect because adding capacity should have no impact on the manageability of a system. Choice F is incorrect because Vertical Scalability is easy to achieve. Most J2EE vendors also provide support for the more difficult Horizontal Scalability.

    194

    Which of the following are not true about 2-tier architecture models?

    A B C D E F

    Clients may be validation intensive, consequently requiring powerful hardware. Any change to one tier typically affects both tiers. Represents a single point of failure. Each client makes a direct connection with the server They are not very maintainable They are quite manageable

    Choices B, C and F are correct.

    The question asks for points about 2-tier client/server systems that are not true. Choice B is untrue because a change to one tier need not necessarily affect the other tier. For example consider an Order Entry system where the users need to see transaction history for individual customers. A new screen can be developed to take data from the transaction tables and display it on the client. In this example, no changes are required on the server. Consider an alternate example where a stored procedure accessing data spread in multiple tables now queries a materialized view. No changes would be required to clients that call the stored procedure, as long as all input and output remains the same. Although it may be true in many cases, Client/Server architectures do not always represent single points of failure. With single database servers, of course if the server fails, clients may not be able to connect to the database. However in multi-database applications, if parts of the client or server fail, other parts of the system may still be accessible. Hence choice C is a right answer. 2-tier architectures are not very manageable. Although the servers can be managed centrally, client PCs are always distributed at user locations and it is very difficult to troubleshoot them without local staff. Hence choice F is a right answer. Choice A correctly reflects what happens on a client in 2-tier applications. Choice D explains how clients interact with the database and choice E clearly lists that 2-tier architectures are not easily maintainable because of constant software updates required on the clients. Hence they are all incorrect answers.

    197

    Which of the following may be used for synchronously communicating with legacy systems?

    A B C D E F G

    IIOP HTTP SHTML JRMP with JNI SMTP RMI / IIOP MOM

    Choices A, D and F are correct.

    IIOP (Internet Inter Operable Protocol) is the protocol used by CORBA. JRMP (Java Remote Method Protocol) is the protocol used by Java-RMI. RMI / IIOP is EJB1.1's protocol. All three of these methods are examples of RPC (Remote Procedure calls) based communication, which is inherently synchronous in nature. Note that there are exceptions (event handling in CORBA and Message Driven Beans in EJB2.0), but generally speaking RPC is used for synchronous communication. Hence A, D and F are correct. HTTP, SHTML and SMTP are unrelated jargons, used for confusing the reader. Message Oriented Middleware (MOM) is used for asynchronous messaging. Hence choices B, C, E and G are incorrect.

    198

    What is an off-board server used for?

    A B C D

    Providing Single-Sign on to a Java based application Delegating complex processing to a separate server Enable secure remote access to a mainframe by forwarding SSL requests to serial connections As a database for storing the public keys of valid Certification Authorities (CA)

    For performing symmetric key cryptography

    Choice C is correct.

    An off-board server is used enable secure remote access to mainframes. This is done typically done by forwarding SSL requests to the mainframes via serial connections, as indicated by choice C. An off-board server does not provide single sign on capabilities to a J2EE application. It is also not an application server that can take up complex business logic processing. An Off board server does not store public keys of trusted Certification Authorities (CA) or perform symmetric key encryption. Hence choices A, B, D and E are all incorrect.

    199 Company ABC has a predominantly EJB based J2EE application that has be accessed by CORBA clients. Which connectivity option would you recommend?

    A B C D E

    RMI-JRMP RMI with JNI Java IDL RMI-IIOP HTTP tunneling

    Choice D is correct.

    RMI-IIOP stands for Remote Method Invocation (using IIOP as the transport.) This is the protocol supported by EJB1.1 Hence choice D is correct. RMI-JRMP is used only when dealing with native Java clients. The question talks about CORBA clients but does not say anything about pure Java clients. Hence choice A is incorrect. There is also no mention of JNI support. Hence choice B is incorrect. Java IDL is useful when you have a predominantly CORBA based application. Hence choice C is incorrect. HTTP tunneling is a way to allow protocols to masquerading as other protocols and bypass firewall restrictions. Hence choice E is incorrect.

    200

    Which of the Classes and Interfaces need to be created by a bean developer?

    A B C D E

    Home Interface Distributed Interface Remote Interface Bean Class Bean Interface

    Choices A, C and D are correct.

    When developing EJB applications, developers need to create the Home Interface, the Remote Interface and the Bean Class. Hence choices A, C and D are correct. There is no such thing as the Distributed Interface or the Bean Interface. Hence choices B and E are incorrect.

    201

    The Remote Interface of an Enterprise Bean extends from:

    A B C D

    java.ejb.EJBRemote javax.ejb.RemoteInterface javax.ejb.EJBObject javax.rmi.RemoteReference

    Choice C is correct.

    Remote Interfaces of EJBs extend from javax.ejb.EJBObject. Hence choice C is correct.

    Though it sounds likely, A, B and D are incorrect because there is no interface called EJBRemote, RemoteInterface or RemoteReference.

    202

    Which of the following are not applicable to the Primary Key Class?

    A B C D E

    It must implement the java.io.Serializable interface It must provide a default constructor It must override hashCode() and equals() Cannot be undefined if the PK is a Compound Primary Key Primitive wrappers cannot be used when dealing with Single field keys

    Choices D and E are correct.

    The question says 'not applicable' and only choices D and E are not true. Compound Primary Keys can remain undefined until deployment time and primitive wrappers can be used with dingle field keys. Hence choices D and E are correct. Choices A, B and C are true about Primary Keys and therefore incorrect choices.

    203

    Which of the following statements is true about Session Beans?

    All attributes of a Stateless Session bean have to be set to null prior to passivation.

    B All non-transient and non-serializable fields of a Stateful Session Bean have to be set to null in the ejbPassivate() method. C The container uses Passivation on Stateful and Stateless Session Beans to allow pooling and swapping which are good techniques for resource management.

    Passivation only applies to Entity Beans and not to Session Beans.

    Choice B is correct.

    When a bean is about to be passivated, the container calls the ejbPassivate() method. At this time, the bean instance can close all open resources and set all non-transient non-serializable fields to null. Hence choice B is correct. Stateless Session Beans are not passivated. Hence choice A is incorrect. While Stateful Session Beans are pooled and swapped, Stateless Session Beans are not. Hence choice C is incorrect. In addition to Entity Beans, Stateful Session Beans are passivated as well. Hence choice D is incorrect.

    204 When a call is made to a single-entity find method in an entity bean, the ObjectNotFoundException is thrown indicating that the requested entity was not found. What happens to the transaction?

    A B C D E

    It is automatically rolled back since it is an application exception. It is not automatically rolled back since it is a system exception. It is not automatically rolled back since it is an application exception. It is automatically rolled back since it is a system exception. It may or may not automatically rollback based on container specific implementation.

    Choice C is correct.

    The question deals with the ability to differentiate between system exceptions and application exceptions, and their impact on transactions. The container throws the ObjectNotFoundException to indicate that the entity requested by the single entity find method was not found. When this happens, the transaction is not typically rolled back. Hence choice C is correct. Application exceptions are thrown in response to errors encountered in the processing of business logic. Application exceptions do not cause transactions to roll back. Hence choice A is incorrect. The ObjectNotFoundException is not a system exception. Hence choice B is incorrect. Again choice D indicates that the ObjectNotFoundException is a system exception and is therefore incorrect. Choice E indicates that it is up to the container to either roll back the transaction or not, which is incorrect.

    205

    Which of the following services does the EJB Container provide?

    A B C D E

    Object Distribution Life Cycle Management Integrated Web Server and Servlet Engine Just in Time management Java Runtime Engine Transaction Management

    Choices A, B and E are correct.

    The EJB developer is only responsible to developing the core service that the component provides. All other services are decorations provided by the container. For example, the container provides object distribution via the Home Interface and Remote Interface implementations and manages the life cycle of Beans. It also provides transaction management capabilities. Hence choices A, B and E are correct. Many popular EJB vendors provide a web server and a Servlet engine as well. But that is not a responsibility of the EJB Container. Hence choice C is incorrect. Choice D, mentions something about just in time management JRE, irrelevant jargon meant to throw off the reader. Hence choice D is incorrect.

    206

    When a client calls the create() on a Stateless Session Bean's Remote Interface,

    A B

    The newInstance() method is invoked by the container The ejbCreate() method is called by the container

    C D

    Passivated instance is activated and attached to the EJB Object The Container takes an instance from the Method Ready Pool and attaches it to the EJB Object.

    Choice D is correct.

    With Stateless Session Beans, a new instance is not created each time a client request comes in. Instead, the container manages a pool of bean instances, and when a client requests the service (via a create method), an instance from the pool is assigned to service the request. Hence choice D is correct. The newInstance() method and the ejbCreate() method are invoked by the container to set up the instances in the bean pool and are not called with each create() method called by the client. Hence choices A and B are incorrect. Choice C is incorrect because Stateless Session Beans are not passivated or activated.

    207

    The container will synchronize an Entity Bean's state with the database,

    A B

    After every setXxx() method When a client calls the ejbLoad() or ejbStore() method

    C When the container thinks its appropriate based on various factors including the Transactional Context. D When the connection.flush() method is called.

    Choice C is correct.

    In CMP, the container automatically handles synchronization between the bean and the database. With BMP the developer is responsible for providing the logic for database synchronization. In both cases however, the container decides when the synchronization should occur, based on various activities such as transactions, concurrency and resource management. Hence choice C is correct.

    It is not guaranteed that data will be synchronized after each set method. Again this is because the container decides when to synchronize data. Hence choice A is incorrect.

    The methods ejbLoad() and and ejbStore() are considered callback methods - the container uses them to communicate with the entity when it is about to or just has synchronized database state. Hence clients do not make calls to these methods. Choice B is therefore incorrect. There is no method called connectionFlush(). Hence choice D is incorrect.

    208

    The standard ports for HTTPS and HTTP are

    A B C D

    21 / 110 80 / 443 443 / 80 21 / 119

    Choice C is correct.

    Although port numbers are configurable, the default ports for HTTPS and HTTP are 443 and 80. Hence choice C is correct. Port 21 is used with FTP, port 110 is used with POP3 and port 119 is used with NNTP. Hence choices A and D are incorrect. Choice B has the port numbers in the reverse order. Hence choice B is incorrect.

    209 A browser client C1 opens an SSL session with Server S1 on port 443. C1 then opens a new browser window and opens an SSL session with Server S2 (while the SSL session with S1 is active in the other browser window.) At the same time client C2 opens an SSL session with S1 on 443 as well. Which of the following statements are false?

    A B C

    Client C1 cannot be engaged in two SSL connections as the same time. S1 cannot be engaged in two SSL connections on the same port at the same time. C1 can have multiple SSL connections open at the same time.

    S1 can have multiple SSL connections open at the same time.

    Choices A and B are correct.

    Note that the question asks you which choices are false. Since clients can simultaneously engage in multiple SSL connections (through different browser instances) and servers can support multiple concurrent SSL connections, only choices A and B are false and therefore the right answers.

    Choices C and D are true and therefore incorrect.

    210

    Messaging is achieved by:

    A B C D

    Synchronous tightly coupled communication between distributed components Asynchronous loosely coupled communication between components Using Stubs and Skeletons Marshalling and unmarshalling of data

    Choice B is correct.

    Messaging is a middleware architecture that is used for asynchronous communication. This is generally achieved through a store-and-forward mechanism. All message producers and message consumers communicate to each other via a Message Oriented Middleware. Message consumers receive messages via a polling mechanism or a server-push mechanism. Hence choice B is correct. Synchronous tightly coupled communication is a feature of RPC middleware applications. Hence choice A is incorrect. Stubs and Skeletons are used to Marshall and unmarshall data in distributed RPC environments. Hence choices C and D are incorrect.

    211

    Messaging supports which of the following two models:

    A B C D

    Point to Point Envelope/Letter Publish/Subscribe Send to List

    Choices A and C are correct.

    There are two models available in Messaging. Point-to-Point is typically used for a one to one communication and Publish Subscribe is used when messages need to be broadcast to a group of subscribers. Hence choices A and C are correct. The envelope-content is not a messaging paradigm. It is an example used to illustrate how messages are constructed when using Simple Object Access Protocol (SOAP.) Hence choice B is incorrect. There is no paradigm called Send to List. Publish Subscribe is used for one to many communication. Hence choice D is incorrect.

    212

    Which of the following is not true about RPC?

    RPC attempts to mimic the behavior of a system that runs in one process

    B When a remote procedure is invoked, the caller is blocked until the procedure completes and returns control C RPC is asynchronous in nature

    RPC is tightly coupled

    Choice C is correct.

    The question is asking what is false about RPC. Only choice C, which says that RPC is asynchronous in nature, is false. Therefore choice C is correct. Choices A, B and D are true statements about RPC based communication and hence incorrect.

    213

    What is the difference between Maintainability and Manageability in Software Engineering?

    A Manageability is the ability to correct flaws in the system whereas maintainability is the ability to ensure the continued health of the system. B Maintainability is the ability to correct flaws in the system whereas manageability is the ability to ensure the continued health of the system. C Maintainability deals with ensuring that the system is always reliable and accessible whereas manageability deals with the ability to add functionality to the system. D They are both the same.

    Choice B is correct.

    Maintainability (Cade 8),"is the ability to correct flaws in the existing system without impacting other components of the system" and manageability (Cade 9)"is the ability to manage the system to ensure the continued health of a system with respect to scalability, reliability, availability, performance and security." Hence choice B is correct. The definitions in choice A are in the reverse order and incorrect in choice C. Choice D is trying to say that the two non-functional requirements refer to the same thing. Hence they are all incorrect.

    214

    Which of the following are not considered tiers in a J2EE based n-tier model?

    A B C D E F G

    Client Tier Web Tier EJB Integration Tier EIS Tier EIS Integration Tier Legacy Connectivity Tier JCA Tier

    Choices C, F and G are correct.

    The question is asking what choices are not considered as J2EE tiers. There are no tiers called 'EJB Integration Tier', 'Legacy Connectivity Tier' or 'JCA Tier.' Hence choices C, F and G are correct. J2EE applications have the following tiers: Client (Browsers, Applications, Applets, Mobile clients and so on), Web (presentation tier consisting of JSP as view and Servlets as controllers), EJB (Business Tier, consisting of EJB and supporting classes), EIS Integration (Java classes that integrate to the Enterprise Information System tier) and finally the EIS tier (relational databases, XML databases, ERP systems and so on.) Hence choices A, B, D and E are all valid J2EE application tiers and therefore incorrect.

    215

    Which of the following are true about client/server based applications?

    Clients are typically used for data presentation, validation and for processing business logic.

    B Most client/server applications follow the Model2 architecture as opposed to n-tier applications that follow Model3. C In client/server applications, the client normally consists of the view, controller and parts of the model.

    D In typical client/server applications, the presentation tier (windows) generally talks to controller (a data dispatcher), which then talks to objects that represent the enterprise data. E Client/server applications generally have fat clients and sometimes, fat servers as well. Hence both the client and the server could offer portability problems.

    Choices A, C and E are correct.

    In 2-tier applications, clients are typically used for data presentation, validation of user inputs and processing of business logic. Hence choice A is correct. If you compare the functions performed by the client with the MVC pattern, the client performs the duties of the view, the controller and parts of the model. The client interacts with the database and retrieves data. This data is then assembled into the required view. For example, a window that shows all orders taken in 1 day sorted by the customer number. The client thus acts as the view in MVC. When some search criteria is entered and the user presses a button to retrieve necessary data, the client appropriately dispatches the request to the database interaction object that retrieves the necessary data. Here the client acts as the controller. Most database interaction is encapsulated in a set of database access objects. These objects perform business rules processing. Here the client performs the job of the MVC model. Some logic is also encapsulated on the server side via triggers and stored procedures. Hence it is possible that the database also performs some model tasks in 2-tier applications. Hence choice C is correct. Client/server applications frequently suffer from fat clients or fat servers or a combination of both. This is because either all the logic is coded in the client (4GL scripting language) or all the logic is coded on the server (through stored procedures and triggers) or a combination of both. This results in poor portability of such applications. Hence choice E is correct. Choice B indicates that 2-tier applications follow Model2 architecture whereas n-tier applications follow Model3 architecture. This is untrue, because it is n-tier applications that normally follow the Model2 architecture. Hence choice B is incorrect. Although object oriented client/server platforms may offer the tools to decouple windows and database interaction objects that is not a normal feature in 2-tier applications. Hence choice D is incorrect.

    216 In n-tier models, which tier is best suited for implementing the view, and controller components of an MVC application?

    A B

    Client Tier Web Tier

    C D E F

    MVC Tier Business Tier EIS Integration Tier EIS Tier

    Choice B is correct.

    n-tier models typically follow a Model2 architecture where each tier has specific responsibilities. The view and most of the controller components are generally placed in the Web Tier (note: in some Model2 architectures, some controller components are also placed in the business logic tier.) Hence choice B is correct. Choice A is incorrect because the client tier is not responsible for the view and controller objects. Choice C is incorrect because there no such tier as MVC tier. Choices D, E and F are incorrect because none of them hold the view components (although some controller components may be present in the Business logic tier.)

    217

    Which of the following are not service level requirements that affect software architecture?

    A B C D E F G

    Detailed Design Performance Reliability Training Availability Security Design Patterns

    Choices A, D and G are correct.

    Service level requirements (Cade 6) or Quality of Service (QoS) requirements are those that are needed by an application to satisfy the business requirements of a system. Performance, Scalability, Reliability, Availability, Extensibility, Maintainability, Manageability and Security are Non-functional service level requirements. While choices A and D illustrate important aspects of a software project, they are not considered QoS requirements. Although choice D describes a best practice that is frequently used by good designers, it too is not a Service level requirement. Hence choices A, D and G are correct. Performance, Reliability, Availability and Security are service level requirements and therefore choices B, C, E and F are incorrect.

    218

    Which of the following UML diagrams may be best suited for a Business Analyst?

    A B C D E F

    Deployment Class Use Case Activity Collaboration Sequence

    Choice C is correct.

    Use Case diagrams (Cade 43)"show a set of use cases and actors and their relationships. Use Case diagrams show the static view of a system. These diagrams are especially important in organizing and modeling the behaviors of a system." Use case diagrams are frequently used by Business Analysts to capture business requirements of a system. Choice C is therefore correct. Deployment diagrams (Cade 50)"show the configuration of run time processing nodes and the components that live within these nodes. Deployment diagrams address the static view of the architecture." Architects frequently use deployment diagrams. Choice A is therefore incorrect. A class diagram (Cade 44)"shows a set of classes, interfaces and collaborations and their relationships Class diagrams address the static design view of a system." Software designers frequently use class diagrams. Choice B is therefore incorrect. Activity diagrams (Cade 48)"are a special kind of state chart diagram that show the flow from activity to activity within the system. This type of diagram is important in modeling the function of a system and emphasizing the flow of control among objects." Designers and Developers frequently use Activity diagrams. Hence choice D is incorrect.

    A Collaboration diagram (Cade 46)"is an interaction diagram that emphasizes the structural organization of objects that send and receive messages." Designers and developers frequently use Interaction diagrams. Choice E is therefore incorrect. Sequence Diagrams (Cade 46) are"interaction diagrams that emphasize the time ordering of messages." Interaction diagrams address the dynamic view of a system and are frequency used by designers and developers. Hence choice F is incorrect.

    219 Since a dependency exists between two packages if a dependency exists between any two classes in the packages, it can be deduced that all package dependencies are transitive in nature. True/False?

    A B

    True False

    Choice B is correct.

    Package Diagrams (Fowler 108)"show packages of classes and the dependencies among them A dependency exists between two elements if changes to the definition of one element may cause changes to the otherA dependency between two packages exists if any dependency exists between any two classes in the packagesWith packages dependencies are non-transitive." The question makes an argument that all package dependencies are transitive in nature, which is false. Hence choice B is correct.

    220

    Refer to the exhibit for the following question.

    In the diagram, the initialization call 1.1.1 is made by:

    A B C

    The Session Facade Object The Acct Object The AcctWebImpl Object

    Choice C is correct.

    The diagram shows a Collaboration Diagram (Collaboration diagrams are Interaction diagrams and they address the dynamic view of a system. They emphasize on the structural organization of objects. Read the SCEA for J2EE Study Guide for more information.) 1.1.1 Represents an initialization method called by the value object AcctWebImpl on itself upon construction.

    221 Megasoft Corporation has a old application that uses a legacy database. Recently Megasoft made a decision to develop the front-end code for the application using the Java Applet technology. At this time however, Megasoft is not interested migrating its data to a relational database. In the order of importance, which of the following may be the best approach to connect to the legacy database.

    JDBC-Bridge, Database Middleware, JDBC

    B C D

    Database Middleware, JDBC-ODBC bridge, JDBC JDBC, Database Middleware, JDBC-ODBC bridge JDBC, JDBC-ODBC Bridge, Database Middleware

    Choice D is correct.

    Updating the data storage tier (Jaworski 532.) "If the data storage tier of a legacy system utilizes a relational database system, JDBC may be used to provide connectivity to legacy databases. In most cases, legacy databases will not support a pure JDBC driver. If the existing system provides ODBC support, the JDBC-ODBC Bridge can be used. If the database uses custom drivers, it might be possible to find database middleware that supports the custom driver and either an ODBC or JDBC interface." It is therefore preferable to try for pure JDBC driver support, failing which one may opt for a JDBC-ODBC Bridge. If that too is not possible, then a database middleware may be used. Choice D is therefore correct. Although choices A, B and C give the same three alternatives, they are in incorrect orders of preference. Hence choices A, B and C are incorrect.

    222 Michael Fell runs a computer assembly company. He purchases parts from a wholesale parts distributor. Fell has a legacy application to track purchases of parts and sale of computers. Although the current system is very inflexible, the GUI is not very tightly coupled to the business layer. As an architect, what medium to long-term solution would you offer, given that Fell does not want to do away with his entire application yet?

    A B C D E

    Use Screen Scraping and Off-board server to provide information to a Java based application. Refactor the legacy code to make it flexible. Rewrite the inflexible parts of the application alone using Servlets Decouple the existing front-end and replace it with a J2EE based solution Replace the inflexible parts with a flexible ERP solution

    Choice D is correct.

    The key in this question is that the GUI is not very tightly coupled to the business layer. This means that the GUI can be decoupled form the system fairly easily. Further, the question asks for a medium to longterm solution. Thus in this case, using a J2EE based front-end may be preferable. Hence choice D is correct. The use of screen scrapers may have been the best short-term solution. However it is certainly not the best medium to long-term approach. Hence choice A is incorrect. Code re-factoring is not an alternative here. The question does not say anything about what the legacy system is written in and whether is easy to modularize its code. Hence choice B is incorrect. The question only mentions about changing the GUI. They are not looking to rewrite all inflexible parts of the system. Hence choice C is incorrect. Choice E is incorrect because it refers to replacing all inflexible parts of the system. Further there is no indication anywhere in the question that an ERP solution might make it more flexible.

    223

    Which design pattern can be used to create a family of dependent objects?

    A B C D E

    Factory Method Prototype Builder Abstract Factory Singleton

    Choice D is correct.

    Abstract Factory (GOF 87)"Provide an interface for creating families of related or dependent objects without specifying their concrete classes." Hence choice D is correct. Factory Method (GOF 107)" Define an interface for creating an object, but let subclasses decide which class to instantiate. Factory method lets a class defer instantiation to subclasses." Hence choice A is incorrect. Prototype (GOF 117)" Specify the kinds of objects to create using a prototypical instance, and create new objects by copying this prototype." Hence choice B is incorrect. Builder (GOF 97)"Separate the construction of a complex object from its representation so that the same construction process can create different representations." Hence choice C is incorrect. Singleton (GOF 127)" Ensure a class only has one instance, and provide a global point of access to it." Hence choice E is incorrect.

    224 Pensacola, a Florida based soda company has just started operations in Dallas, TX to counter competition from Dr. Pepper. Pensacola believes that using a J2EE based application will put them ahead of the competition. Their new architect is suggesting that Session Beans be used to provide a unified interface to the Entity Beans in the system. The use of session beans here illustrates the use of what design pattern?

    A B C D E F

    Flyweight Proxy Faade Decorator Adapter Bridge

    Choice C is correct.

    Fa ade (GOF 185)"Provide a unified interface to a set of interfaces in a subsystem." The following is taken from: http://java.sun.com/blueprints/corej2eepatterns/Patterns/SessionFacade.html "Use a session bean as a facade to encapsulate the complexity of interactions between the business objects participating in a workflow. The Session Facade manages the business objects, and provides a uniform coarse-grained service access layer to clients." Hence choice C is correct. Flyweight (GOF 195)"Use sharing to support large numbers of fine-grained object efficiently." Hence choice A is incorrect. Proxy (GOF 207)"Provide a surrogate or placeholder for another object to control access to it." Hence choice B is incorrect. Decorator (GOF 175)"Attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to subclassing for extending functionality." Hence choice D is incorrect. Adapter (GOF 139)"Convert the interface of a class into another interface clients expect. Adapter lets classes work together that couldn't otherwise because of incompatible interfaces." Hence choice E is incorrect.

    Bridge (GOF 151)"Decouple an abstraction from its implementation so that the two can vary independently." Hence choice F is incorrect.

    225 One of the advantages of using Stateless Session Beans is that they are lightweight objects and do not have conversational state overheads. Further, the container swaps these bean instances in and out of the bean pool to appropriately manage resources. This allows the container to use fewer instances of the bean to service a larger number of clients. What design pattern is being illustrated here?

    A B C D E

    Decorator Factory Faade Flyweight Visitor

    Choice D is correct.

    Flyweight (GOF 195)"Use sharing to support large numbers of fine-grained object efficiently." Here the container uses fewer instances of Stateless Session Beans to service a larger number of clients. Hence choice D is correct. Decorator (GOF 175)"Attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to subclassing for extending functionality." Hence choice A is incorrect. Factory Method (GOF 107)" Define an interface for creating an object, but let subclasses decide which class to instantiate. Factory method lets a class defer instantiation to subclasses." Hence choice B is incorrect. Facade (GOF 185)"Provide a unified interface to a set of interfaces in a subsystem." Hence choice C is incorrect. Visitor (GOF 331)"Represent an operation to be performed on the elements of an object structure. Visitor lets you define a new operation without changing the classes of the elements on which it operates." Hence choice E is incorrect.

    226 You can traverse through the elements of many Java Collection objects because they provide a way to access their elements sequentially. What design pattern is used here?

    A B C D E F

    Visitor Observer Builder Iterator Proxy Decorator

    Choice D is correct.

    Iterator (GOF 257)"Provide a way to access the elements of an aggregate object sequentially without exposing its underlying representation." Hence choice D is correct. Visitor (GOF 331)"Represent an operation to be performed on the elements of an object structure. Visitor lets you define a new operation without changing the classes of the elements on which it operates." Hence choice A is incorrect. Observer (GOF 293)"Define a one-to-many dependency between objects so that when one object changes state, all its dependents are notified and updated automatically." Hence choice B is incorrect. Builder (GOF 97)"Separate the construction of a complex object from its representation so that the same construction process can create different representations." Hence choice C is incorrect. Proxy (GOF 207)"Provide a surrogate or placeholder for another object to control access to it." Hence choice E is incorrect. Decorator (GOF 175)"Attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to subclassing for extending functionality." Hence choice F is incorrect.

    227 Compact Computers is a small computer assembly company. Any customer currently has the following choices for a PC:

    (i)

    800 MHz processor, 40 GB HDD, 128 MB RAM

    (ii) 1 GHz processor, 60 GB HDD, 256 MB RAM (iii) 1.2 GHz processor, 80 GB HDD, 512 MB RAM

    The use of what design pattern would ensure that only the legal combinations could be sold?

    A B C D E

    Factory Method Builder Prototype Abstract Factory Singleton

    Choice D is correct.

    This question needs you to apply your knowledge of design patterns. We are dealing with families of related objects. Abstract Factory (GOF 87)"Provide an interface for creating families of related or dependent objects without specifying their concrete classes." The applicability section of Abstract Factory (GOF 88) indicates that this pattern is to be used when: A system should be configured with one of multiple families of products A family of related product objects is to be used together and the constraint needs to be enforced. Hence Abstract Factory is the right pattern for this problem. Choice D is therefore correct. Factory Method (GOF 107)" Define an interface for creating an object, but let subclasses decide which class to instantiate. Factory method lets a class defer instantiation to subclasses." Hence choice A is incorrect. Builder (GOF 97)"Separate the construction of a complex object from its representation so that the same construction process can create different representations." Hence choice B is incorrect. Prototype (GOF 117)" Specify the kinds of objects to create using a prototypical instance, and create new objects by copying this prototype." Hence choice C is incorrect. Singleton (GOF 127)" Ensure a class only has one instance, and provide a global point of access to it." Hence choice E is incorrect.

    228 Inaccu Weather has a web site where people can check the weather forecast of a city for up to five days in advance. The data comes to Inaccu Weather through a specialized custom feed that directly updates a relational database. If the company can expect between fifty to hundred concurrent hits in to their site, which of the following Java based technologies may be best suited for their needs?

    A B C D E

    Servlets and JSP for presentation and Session Beans with DAO for retrieval. Servlets and JSP for presentation and CMP Beans for retrieval Servlets and JSP for presentation and BMP Beans for retrieval Applets for presentation and either Entity or Session Beans for retrieval Servlets and JSP for presentation with Java classes encapsulating all database access.

    Choice E is correct.

    The key points are: Low traffic that this site will be encountering The fact that the data is not modified through the site. All database access is going to be for simple read-only data. From these points we can summarize that the use of EJBs will be overkill for such a simple application. However you still do not want to embed data access logic directly into Servlets, as that would not be a very modular approach. Hence use Servlets and JSP for presentation and Java classes to encapsulate interactions with the database. Choice E is therefore correct. While choice A is a straightforward Model2 technique for this system, the use of EJB is not required here. Hence choice A is incorrect. Note that if the traffic becomes much higher and they wish to migrate to an EJB solution, choice A would become the best candidate. We have discussed that the use of EJB is not necessary for this application. Further there is no concurrent use of shared data. Hence Entity beans are definitely not the ideal choice. Choice B and C are therefore incorrect. Choice D indicates the use of Applets and EJB. Applets are best used when better GUI capability is required. In this example, JSP is a perfectly good solution. In any case, this choice refers to the use of EJB (already discussed as extra baggage for this problem.) Hence choice D is incorrect.

    229 Toysrfuss, a national toy store is creating a new e-front for Order processing. Customers have to create an account to transact with them, although an account is not required for browsing the catalog. Customers can browse items and add them to a shopping cart. They can then proceed to checkout. At this time, they can update quantities and submit the order. What technologies may be best suited for this application?

    A B C D E F G H

    JSP for presentation and Servlets as controllers. Servlets for presentation and JSP as controller. Stateless Session Bean for Shopping cart Stateless session bean for catalog retrieval. Stateful Session bean for shopping cart. Stateful session bean for Order update. Entity bean for Catalog retrieval Entity bean for Order update.

    Choices A, D, E and H are correct.

    The use of JSP for presentation and Servlets for controllers is consistent with the Model 2 approach. Hence A is a right choice. Choice B is the opposite of choice A and therefore incorrect. Choice C is incorrect because it is suggesting the use of a Stateless Session bean for the management of the shopping cart. Since stateless beans do not maintain any conversational state, they cannot be used for this purpose. The use of a stateless session bean for catalog retrieval is consistent with the Model 2 architecture and a recommended best practice. Choice D is therefore correct. Stateful Session Beans hold conversational state. Hence the management of a shopping cart is a good example of their use. E is therefore correct. Stateful Session beans are not very useful for updating order information. F is therefore incorrect.

    Entity beans for catalog retrieval are overkill because Entity beans are best used when shared data is being concurrently accessed or heavy transactional DML statements are required. G is therefore incorrect. Entity beans represent the enterprise data of a system and perform specialized DML operations like inserts, deletes and updates. They would be perfect for updating order information. H is therefore a correct choice.

    230

    Of the following scenarios, which one may be best suited for the use of Entity Enterprise Beans?

    A B C

    Calculation of tax information, based on data retrieved by two other Entity Beans To maintain shopping cart state for an online application To retrieve product catalogs based on a search criteria

    D To allow concurrent access to shared data, as in the case of on an online auction house's application.

    Choice D is correct.

    While Entity beans model business concepts, usually persisted as records in some kind of database, it is not necessary to use Entity beans every time you interact with the database. In fact from a performance point of view, simple selects and retrieval can be just as easily done using Session Beans with Data Access Objects (DAO.) Entity Beans are best used when you are dealing with concurrent access to shared data, where transactions, concurrency and integrity play a vital role. Hence choice D is correct. Choice A refers to using existing data and performing some calculation on it. This can be best achieved through a Stateless Session Bean. Hence choice A is incorrect. Choice B talks about maintaining conversational state. This is best dome with Stateful Session Beans. Hence choice B is incorrect. Retrieval of product catalogs is a simple query. Again this can be done through Stateless Session Beans and DAO. Hence choice C is incorrect.

    231 Most EJB servers show high degree of availability. Server clusters are an example of how this is functionality is achieved. What key advantages might server clusters offer in an EJB environment?

    A B C D E

    Load distribution Location transparency Caching capability Load balancing capability 2PC (Two phase commit) capability

    Choices A and D are correct.

    Server clusters increase availability and redundancy in a system. They also provide fault tolerance. With clusters, requests can be distributed so that multiple servers share the load. Some servers may also offer the sophistication to determine which servers are under utilized so that load can be balanced. Hence choices A and D are correct. Location Transparency is achieved through Object Distribution. This is a feature of all distributed systems. Hence choice B is incorrect. Various vendors may offer a variety of tools for better resource management. Caching may be one such capability. It has nothing to do with a multi-server environment though. Hence choice C is incorrect. Two phase commit (2PC) may be a feature offered by many J2EE vendors for addressing distributed transactions. Again this is not a feature of server clustering. Hence choice E is incorrect.

    232 Status Quo is an emerging B2C company that has a portal through which customers can purchase clay jewelry. Since the order process involves a shopping cart, session management and secure access are required. How would you manage this?

    A B C D

    Use HTTP since it is a stateful protocol Use HTTPS since it is a stateful protocol Use SOAP for state and security management. Use CGI with cookies for state management.

    Choice B is correct. HTTPS is a secure and stateful protocol.

    Choice A is incorrect because HTTP is inherently stateless. Choice C is incorrect because SOAP is an RPC mechanism, not a state management mechanism. Choice D is incorrect because CGI programs are server side processes (comparable to Java Servlets.) They do not manage session state.

    233 Chocolat, an exotic chocolate maker in France is planning to provide an e-front for chocolate sales. FedEx would ship the packages to various national and international locations. In order to customize the customer's interaction with the system and to make his / her overall shopping experience more pleasant, Chocolat has decided to support Internationalization.

    What are some of the common things they would need to consider?

    A B C D E

    Language for messages. Formats (numeric, date and so on.) DMZ requirements Taxes and legal rules. RSA

    MD5

    Choices A, B and D are correct.

    This question deals with Internationalization. Language for messages, formats (numbers, date and so on), taxes and legal rules are all subject to Internationalization. Hence A, B and D are correct. Choice C refers to a security mechanism where a demilitarized zone is created between two firewalls and is irrelevant to I18N. RSA and MD5 are security terminology used with cryptography. Therefore choices E and F are incorrect.

    234 A sample program ships with 2 properties files - Base.properties, Base_fr.properties. If the current Locale, Locale.ENGLISH has no matching properties file, what will happen when the ResourceBundle.getBundle method is called with 'Base' and Locale. English as parameters?

    Since a matching properties file is not found, an exception is thrown

    B This would not pose a problem because when a matching properties file is not found, the default properties file is used instead.

    Choice B is correct.

    When the getBundle() method is called on ResourceBundle, it checks to see if a class or property file is available for the base parameter's current locale. If neither is available, it uses the default. In this case Base.Properties will be used. Hence choice B is correct.

    235

    What is a Demilitarized Zone (DMZ)?

    A The logical separation of tiers in a J2EE application. Example: the separation between the Web Tier and the EJB Tier

    B The logical separation of layers in a J2EE application. Example: The separation between the Operating System and the EJB Container. C A type of protection offered by proxy firewalls, currently only available to the U.S armed forces under National Security laws. D The region between two firewalls

    Choice D is correct.

    Demilitarized Zone (DMZ) is an area between two firewalls. The outer firewall lets requests to publicly accessible services in. It will reject all other requests. The inner firewall will protect the company's internal network and prevent requests coming into the DMZ from passing through it. Choice D is therefore correct. Choices A, B and C are all incorrect.

    236 ScreamWorks, a cinema multiplex, has a website from which you may download signed applets with the latest trailers, show timings and so on. The Applet works on Java 1.3 or higher. The applet needs to write user preferences to a temp file in the host machine (where it is being executed). Is that possible? Note that the client has defined a usePolicy and the java.policy has granted no persmissions for the applet

    A Applets cannot be used here because even signed applets are untrusted if the necessary permissions are not granted B The sandbox model does not apply to signed applets. Hence this will pose no problem.

    Choice A is correct.

    This question expects you to be familiar with the changes in the Java 2 Security model. In JDK1.2 and higher, all code local and remote can be subjected to a security policy. By default, remote code will be constrained to the old Sandbox model. However if a policy file is created with grant privileges, an applet will be restricted to the grants whether or not it is signed. Hence choice A is correct.

    237

    Which of the following are valid methods in Entity EJBs?

    A B C D E F

    ejbActivate() observe() ejbRetrieve() ejbStore() ejbDestroy() ejbRemove()

    Choices A, D and F are correct. Entity Beans are subject to activation and Passivation. The container informs the bean that the bean is about to be passivated or activated through the two callback methods - ejbPassivate() and ejbActivate(). EjbStore() is a callback method used during database synchronization. EjbRemove() is called when the client wishes to remove the data the bean represents, from the database. Hence choices A, D and F are correct. EjbSave(), ejbRetrieve() and ejbDestroy() are not valid methods for EJBs. Hence choices B, C and E are incorrect.

    238 What does the term Atomicity mean in the context of ACID transactional properties and Enterprise Java Beans?

    A B C

    Integrity of underlying data Non Interference from other processes or systems Complete execution or no execution at all

    Maintenance of all data changes in physical storage

    Choice C is correct.

    Atomicity (Monson-Haefel 2nd edition 275)"To be atomic, a transaction must execute completely or not at all." Hence choice C is correct. Choice A refers to 'Consistency.' Hence it is incorrect. Choice B refers to 'Isolation.' Hence it is incorrect. Choice D refers to 'Durability.' Hence it is incorrect.

    239 Which of the following statements about 'Not Supported' and 'Never' transactional attributes are true?

    A Not Supported' suspends any transaction until the method is completed whereas 'Never' throws a RemoteException when called with a transaction. B Never' suspends any transaction until the method is completed whereas 'Not Supported' throws a RemoteException. C D If the method is called without any transactional scope, both attributes will work identically. If the method is called with a transactional scope, both attributes will work identically.

    Choices A and C are correct.

    Choice A describes how the transactional attributes 'Not Supported' and 'Never' work. A is therefore correct. B is the inverse of A and therefore incorrect. C describes a situation where a method with transactional attribute 'Not Supported' or 'Never' is called without a transactional scope. In this case they both behave identically. Choice C is therefore correct. Choice D indicates that under both circumstances the method will execute identically. This is incorrect because a 'Never' method will throw a 'RemoteException' if called with a transaction. D is therefore incorrect.

    240 EJB1.1 has support for undefined Primary Keys. This means that the Primary Key can be undefined until deployment time. When we use defined Primary Keys, the Bean class and the Interfaces use the BeanPK type to identify the key.

    What do the Bean class and the Interfaces refer to in the case of undefined Primary Keys?

    A Though the Primary Key itself can be undefined, its name must be predetermined. The Bean class and the Interfaces use this name. B C D An instance of java.util.Enumeration An instance of java.lang.Class An instance of java.lang.Object

    Choice D is correct.

    EJB 1.1 has support for undefined Primary Keys, which means that they can be deferred until deployment time. When undefined Primary Keys are used, the Bean class and its interfaces can refer to the undefined key using java.lang.Object. Choice A gives some incorrect information to throw you off. Choices B and C are incorrect because you cannot use java.lang.Enumeration or java.lang.Class for referring to undefined Primary Keys.

    241

    Which of the following statements is true about DNS Round Robin?

    A B

    It considers actual load on machines before routing requests. It uses a random generator to decide which server to route a request to.

    C It routs requests to one server until a configured threshold is reached and then sends subsequent requests to the next server. D Each Request is sent to subsequent server in the list, after the end is reached it starts with the first server again.

    Choice D is correct.

    DNS Round Robin is a method is load distribution by which a set of servers is allowed to process incoming requests in sequence. The first request goes to the first server, the second to the second server and so on. When the end is reached, the next request starts from the first server again. Hence choice D is correct.

    Note that DNS Round Robin is a good load distribution technique, not a load balancing technique. Since requests get processed sequentially in DNS Round Robin, the current load on a server is not taken into account before a new request is delegated to a server. In load balancing techniques however, the load on individual servers is monitored before additional requests are sent to them. Hence choice A is incorrect.

    DNS Round Robin allows servers to process requests sequentially, not in a random fashion. Hence choice B is incorrect.

    With load balancing techniques, a load monitor may check for the current load on a primary server before deciding to delegate subsequent requests to another server. This is not true of DNS Round Robin though. Hence choice C is incorrect.

    242

    Generally speaking what is the relevance between Performance and Security?

    They are not related to each other in any way t4High Security generally results in high performance

    B C D

    High performance is a pre-requisite for secure systems Security and Performance are inversely proportional Low performance systems cannot be secure

    Choice D is correct.

    One of the key aspects of security is encryption and decryption of data. Data encryption ensures that sensitive data will be protected against eavesdropping and tampering. A concept called 'cryptography' is used for accomplishing this. The two popular types of cryptography are 'Public Key Cryptography' or 'Asymmetric Key Cryptography' and 'Symmetric Key Cryptography.' In both forms, a combination of Cryptographic algorithms (ciphers) and hashing algorithms protect the data from intruders. The data is decrypted at the receiver's end and becomes intelligible again. All this work results in extra overheads. Hence generally increased security results in a lower performance. Choice D is therefore correct.

    Higher security results in lower performance. Hence choices A and B are incorrect.

    A high performance is not a technical pre-requisite for secure systems although it may be a good idea to increase performance wherever possible to offset the performance loss due to higher security. Hence choice C is incorrect.

    Many poorly engineered secure systems exhibit poor performance. Hence choice E is incorrect.

    243

    Refer to the following diagram:

    In the above diagram:

    A B C D E F

    A has an association relationship with C C has an association relationship with A A has a composition relationship with C C has a composition relationship with A A has an aggregation relationship with C C has an aggregation relationship with A

    Choice E is correct.

    Aggregate relationship in UML is denoted with an open diamond on one side of an association relationship. In the above diagram, class A has an aggregate relationship with Interface C. Generally this means that at runtime, class A will hold a reference to an object that implements Interface C. Hence choice E is correct.

    The interface C does not have an association, aggregation or composition relationship with class A. Choices B and D and F are therefore incorrect.

    If class A had a solid diamond instead of an open diamond, it would have represented a composition. Hence choice C is incorrect.

    244

    Refer to the following exhibit:

    The above diagram is an example of:

    A B C D E

    Object Interaction Diagram Collaboration Diagram State Diagram Sequence Diagram Activity Diagram

    Choice D is correct.

    The diagram shown above represents a Sequence diagram. A sequence diagram is an interaction diagram that shows the time ordering of events. Choice D is therefore correct.

    245

    CORBA specification does not provide support for which of the following?

    A B C D E F

    Naming Service Container managed Persistence Security Transaction Service Event (Asynchronous Messaging) Concurrency Control

    Choice B is correct.

    CORBA does not provide support for 'Container Managed Persistence.' CMP is a concept only supported by the EJB specification. Hence choice B is correct.

    CORBA has support for Naming, Security, Transactions, Events and Concurrency control. Hence the other choices are incorrect.

    246 Company ABC has a legacy application that can be accessed via CORBA. The company wants to integrate new Java based development with the existing legacy services. At this time no new services are planned. If the legacy application were primarily to be used as a CORBA server, which connectivity option would you recommend?

    A B

    RMI-JRMP RMI with JNI

    C D E

    Java IDL RMI-IIOP HTTP tunneling

    Choice C is correct.

    The key here is that the existing legacy system supports a CORBA interface and no new services are being currently planned. If Java code is primarily going to access CORBA services, the recommended connectivity tool is Java IDL. Java IDL gives Java code CORBA capability. Hence choice C is the correct answer.

    RMI-JRMP should be used when dealing with distributed applications, all written primarily in Java. Hence choice A is incorrect.

    The question does not specify anything about the legacy code's JNI capability. However it specifically mentions about CORBA compatibility. Hence choice B is incorrect.

    RMI-IIOP is the protocol used with EJB. The legacy system is coded with a CORBA interface and the question mentions that no new coding is anticipated. So EJBs are not a good choice for this problem. Hence choice D is incorrect.

    When you wish to communicate with a system whose firewall does not permit requests of a certain protocol, the requests are sometimes masqueraded as HTTP requests. This concept is called HTTP tunneling. Hence choice E is incorrect.

    247 Which of the following defines a standard architecture for connecting the J2EE platform to heterogeneous EIS applications?

    J2SE

    B C D E

    Java Web Start JDBC JMS JCA

    Choice E is correct.

    The following is taken from: http://java.sun.com/j2ee/connector/

    "The J2EE Connector architecture provides a Java solution to the problem of connectivity between the many application servers and EISs already in existence. By using the J2EE Connector architecture, EIS vendors no longer need to customize their product for each application server. Application server vendors who conform to the J2EE Connector architecture do not need to add custom code whenever they want to add connectivity to a new EIS." Hence choice E is correct.

    J2SE is a platform that provides"the compiler, tools, runtimes and APIs for developing, deploying and running applets and applications in the Java programming language." Hence choice A is incorrect.

    The following is taken from: http://java.sun.com/products/javawebstart/

    "Java TM Web Start -- a technology for simplifying deployment of Java applications-- gives you the power to launch full-featured applications with a single click from your Web browser. You can now download and launch applications, such as a complete spreadsheet program or an Internet chat client, without going through complicated installation procedures." Hence choice B is incorrect.

    The following is taken from: http://java.sun.com/products/jdbc/

    "JDBCTM technology is an API that lets you access virtually any tabular data source from the Java TM programming language. It provides cross-DBMS connectivity to a wide range of SQL databases, and now, with the new JDBC API, it also provides access to other tabular data sources, such as spreadsheets or flat files.

    The JDBC API allows developers to take advantage of the Java platform's "Write Once, Run Anywhere TM" capabilities for industrial strength, cross-platform applications that require access to enterprise data. With a JDBC technology-enabled driver, a developer can easily connect all corporate data even in a heterogeneous environment." Hence choice C is incorrect.

    The following is taken from: http://java.sun.com/products/jms/

    "The JMS API improves programmer productivity by defining a common set of messaging concepts and programming strategies that will be supported by all JMS technology-compliant messaging systems." While you may be able to communicate with EIS systems using JMS (if the EIS supports JMS), it is not a standardized architecture for connecting to heterogeneous EIS applications. Hence choice D is incorrect.

    248

    Which of the following methods is optional in the Home Interface of an Entity Bean?

    A B C D

    Create() FindByPrimaryKey() Remove() None of the above

    Choice A is correct.

    Sometimes when you do not want the clients of an EJB application to add data to your system, you may choose not to provide a create method in the Home Interface of the Enterprise bean. The create method is therefore optional. Hence choice A is correct.

    249

    The Bean class provides implementations for which of the following methods?

    A B C D E F G

    Methods in the Bean's Home Interface Methods in the Bean's Remote Interface EJB Callback methods A, B and C A and B A and C B and C

    Choices A, B and C are correct.

    The Bean class has implementations for the methods corresponding to the methods in the Home and Remote Interfaces, and the bean's callback methods. Hence choice D is correct.

    250

    Which of the following statements is true about Stateful Session Beans?

    A B

    They leave Method Ready Pool state to enter Does not Exist State. They leave Method Ready state to enter Stateful State.

    C D

    They leave Method Ready state to enter Passivated or Does not Exist state. They never leave the Method Ready state.

    Choice C is correct.

    The valid lifecycle states of a Stateful Session Bean are Does Not Exist, Method Ready, Method Ready (in TX) and Passive. The Bean instance leaves the Method Ready state to enter the Passive State (through Passivation) or the Does Not Exist State (through removal). Hence choice C is correct.

    Method Ready Pool is not a valid state for Stateful Session Beans because the specifications do not mandate the container to maintain a bean pool for Stateful Session Beans. Note that some containers may internally use some kind of pooling mechanism for achieving higher performance. Hence choice A is incorrect.

    There is no Stateful State in the lifecycle of a Stateful Session Bean. Choice B is therefore incorrect.

    Stateful Beans leave the Method Ready State to enter Does not Exist or Passive State. Hence choice D is incorrect.

    251 A session bean called SomeBean has a method called someMethod(), which calls someOtherMethod (same bean) followed by someOtherBeanMethod() of SomeOtherBean. If SomeMethod() starts a BMT transaction, which of the following are true?

    SomeOtherMethod also has to be use BMT since it's part of the same bean.

    B SomeOtherMethod can use BMT or CMT, because transactions are defined at the method level in the deployment descriptor. C If SomeOtherBean is a Session Bean, it has to necessarily use BMT since the caller is a BMT method. D E F If SomeOtherBean is a Session Bean, it may use either BMT or CMT. If SomeOtherBean is an Entity Bean, it may use either BMT or CMT. If SomeOtherBean is an Entity Bean, it must necessarily use only CMT.

    Choices A, D and F are correct.

    A Bean may be defined as either a BMT bean or a CMT bean. One cannot have some methods of a bean participating in Container Managed Transactions and other methods participating in Bean Managed Transactions. Hence choice A is correct.

    Session Beans may either be defined as CMT beans or BMT beans whereas Entity beans can only be CMT beans. Hence choices D and F are correct.

    The same bean cannot have both BMT and CMT transaction management. Hence choice B is incorrect.

    SomeOtherBean is a different Bean. It may either be defined as a BMT bean or a CMT bean. Just because the calling bean is in a BMT transaction, all the other beans do not have to be BMT beans as well. Hence choice C is incorrect.

    Entity Beans can only be CMT beans. Hence choice E is incorrect.

    252 In EJB 1.1 the EJB timeout property may be added to the Bean's deployment descriptor for easier declarative life cycle management. True/False?

    A B

    True False

    The above statement is False.

    In EJB 1.0, the timeout period was specified in the deployment descriptor and defined as number of seconds. Between two business method invocations, the timer was reset. In EJB 1.1 however, the

    deployer is allowed to set the timeout in a vendor dependent manner. Hence the above statement is false.

    253 A B2C company uses J2EE based technologies for its e-commerce storefront. In order to increase scalability and availability they plan to add capacity to their existing server and also add a new server. Which of the following statements are true?

    A B C D

    Adding capacity will improve scalability, as more memory would allow better bean pooling. Adding a server would be difficult, as EJB servers cannot span multiple physical machines. The proposal not does address horizontal scalability. The proposal addresses both vertical and horizontal scalability.

    E Adding a server to the system would be easy as EJB vendors generally support fault tolerant mechanisms via server clustering.

    Choices A, D and E are correct.

    The proposal to add capacity and an additional server address the issue of scalability. Adding capacity is an example of Vertical Scalability and adding a new server is an example of Horizontal Scalability. Additional servers also improve availability because of redundancy and fault tolerance. Hence choices A, D and E are correct.

    Most J2EE vendors provide multi-server support. Hence choice B is incorrect.

    Adding a new server is an example of Horizontal scalability. Hence choice C is incorrect.

    254 Company ABC Inc. has an existing J2EE application that provides an EJB interface. ABC Inc. is writing a new J2EE based application for enhanced MIS reporting. Which of the technologies listed below would be ideal for this?

    A B C D

    RMI/JRMP with JNI Java IDL RMI / IIOP JMS

    Choice C is correct.

    The key here is that ABC Inc. is using a primarily EJB based application. The protocol used in EJB is RMIIIOP. Hence choice C is correct.

    The question clearly says that the existing application is in EJB. There is no legacy connectivity involved here. Hence choice A is inappropriate and therefore incorrect.

    Java IDL is primarily used when a majority of the code needs a CORBA interface. Since the existing code is already in EJB, there is no need for Java IDL here. Hence choice B is incorrect.

    JMS is useful when you want to send messages to other applications asynchronously via a Message Oriented Middleware. Hence option D is incorrect as well.

    255

    A firewall blocks all requests except those on ports 80 and 443. IIOP requests

    A B C D E

    Can be processed because IIOP always works on port 80 Cannot be processed because port 80 belongs to a different protocol Can be processed by SSL Can be processed via HTTP blocking Can be processed via HTTP tunneling

    Choice E is correct.

    Tunneling is a concept that allows requests of one protocol to masquerade as requests of another protocol, so that they may bypass the firewall. In the case of HTTP tunneling, requests try to pass of as HTTP requests. Hence choice E is correct.

    Port 80 is the standard port for HTTP requests, not CORBA requests. Hence choice A is incorrect.

    Although port 80 may be used for HTTP, that does not mean that CORBA requests cannot be processed. As it happens, HTTP tunneling will allow CORBA requests looking like HTTP requests to pass through port 80. Hence choice B is incorrect.

    SSL stands for Secure Sockets Layer. SSL is a protocol that exists above TCP/IP and below application level protocols. SSL does not process CORBA requests. Hence choice C is incorrect.

    While firewalls may block requests of certain protocols, there is no concept called HTTP blocking. Hence choice D is incorrect.

    256

    Applications exchange messages through:

    A B C D

    Active channels called Networks Active Channels called Message Brokers Virtual Channels called Digests Virtual Channels called Destinations

    Choice D is correct.

    257

    Which of the following are true about Publish/Subscribe?

    A B C D

    Subscribers receive a copy of every message. It is a Pull (Polling) based model. It is a push-based model. It is generally used when one publisher wishes to send a message to one subscriber.

    Choices A and C are correct.

    In the Publish/Subscribe messaging paradigm the publisher broadcasts a message to the Message Oriented Middleware (MOM.) The MOM then typically uses a server-push mechanism to try to push a copy of the message to every subscriber who showed interest in the topic. Optionally a subscriber may also register as a durable subscriber, in which case the message will have guaranteed delivery. Hence choices A and C are correct.

    The Point-to-Point (P2P) model is a queue-based model where the message consumer typically polls the queue for incoming messages. Publish/Subscribe, on the other hand is a push-based model. Hence choice B is incorrect.

    Publish/Subscribe is generally used for a one to many type of communication while P2P is typically used for a one to one communication. Hence choice D is incorrect.

    258

    In the Publish/Subscribe messaging architecture, publishers send messages to:

    A B C

    A specified node, which is then re-distributed to all subscribers. Directly to all subscribers in the Topic subscription list. A designated queue.

    D A component transaction monitor such as an EJB Server for further processing by a message driven bean.

    Choice A is correct.

    The Publish subscribe model of messaging is a one to many messaging paradigm where the publisher typically sends a message to a centralized node. The node then broadcasts the message to all the topic subscribers, who have registered their interest in the topic. This allows the publisher and the subscribers to be decoupled. Further if the subscriber is registered as a durable subscriber, he will receive the message ultimately even if he is currently inactive. The MOM provider can thus guarantee delivery and any Quality of Service requirements pertaining to the message delivery.

    Although possible, choice B is not the ideal implementation method, because it couples publishers and subscribers. Most MOM providers use a server process that communicates with client processes for establishing heartbeats and for communicating messages.

    Choice C is incorrect because it refers to the Point-to-Point messaging model, which is typically a one to one communication between two parties.

    Choice D is incorrect because the Message Driven Bean is a message listener. So the best use of a message driven bean would be as a subscriber.

    259 1-tier applications represent a single point of failure, although typically, changes to one part of the system do not generally affect the whole system. True/False?

    A B

    True

    False

    Choice B is correct.

    1-tier systems represent a single point of failure. Further if any changes are made to one part of the system, typically the whole system may be affected because of a high degree of tight coupling. Hence choice B is correct.

    260

    Which of the following are not true about N-Tier Systems?

    A N-Tier systems are distributed over many systems and hence always present a maintenance problem. B N-Tier systems are generally component based and are therefore quite easy to maintain.

    C Since N-Tier systems do not use database stored procedures or triggers for business logic processing, they are generally very slow. D Since N-Tier systems are container based, many N-Tier systems can be easily scaled (both vertically and horizontally). E N-Tier systems suffer from only one drawback over client/server systems - N-Tier systems do not take advantage of resource sharing techniques such as connection pooling. F N-Tier systems can use various techniques for Identification, Authentication and Authorization and are therefore considered quite secure.

    Choices A, C and E are correct.

    This is a discussion about the benefits vs. drawbacks of N-Tier applications. Note that the question says 'not true.'

    Though N-Tier systems are distributed over many systems, when architected and designed well, they do not present any maintenance problems. This is because they are highly modular (component-container based) and it is relatively easy to correct problems in one tier without impacting other tiers. Therefore A is a correct choice.

    N-Tier systems can also yield high performance. They can be highly optimized at each tier. Server clusters can be used where bottlenecks are encountered, connection pools can be used by applications to acquire and release connections (a process more effective that creation and destruction of connections) and so on. Hence choice C is a correct choice.

    Though not relevant to the discussion it should be noted that putting all business rules in the database tier reduces database portability and also violates tier encapsulation. Hence it is not considered a J2EE best practice to use stored procedures and triggers extensively for business logic processing.

    As opposed to client/server systems, N-Tier systems generally make extensive use of resource sharing capabilities. Bean Pools and Connection pools are good examples. Hence E is a right answer.

    B, D and F are good examples of other capabilities of N-Tier systems.

    261 In general, 1-tier applications are less horizontally scalable than 3-tier applications, although from a scalability point of view, client/server applications are the most scalable. True/False?

    A B

    True

    False

    The above statement is False.

    This is a trick question. It starts out by making a true statement although that is not the main stem of the question. The main stem seems to indicate that Client/Server applications are the most scalable types of applications. That is incorrect because N-Tier applications are modular and therefore individual components can be targeted for scaling.

    262

    Which of the following do not aid a system's extensibility?

    Modularizing Code

    B C D

    Using well defined software design patterns Using Servlets to manage distributed database access Using JSP Scriptlets to locate Enterprise beans

    E Using Data Access Objects when Session Beans or BMP Entity beans have to communicate to the database.

    Choices C and D are correct.

    Extensibility refers to a systems ability to incorporate new functionality with ease. Writing Database access code within Servlets or using JSP for locating Enterprise Java Beans make the code very difficult to maintain. These are poor programming practices and adversely affect the extensibility of a system. Hence choices C and D are correct.

    Modularized code, good design practices using patterns, and encapsulating database access with a DAO all make the code easy to maintain, thus rendering the system easily extensible.

    263

    Refer to the following exhibit

    In the UML diagram,

    A B C D E F G

    A' has an association relationship with 'B' 'B' has an association relationship with 'A' 'A' extends 'B' 'A' has a composition relation with 'B' 'B' has a composition relationship with 'A' 'A' has an aggregation relationship with 'B' 'B' has an aggregation relationship with 'A'

    Choice D is correct.

    The relationship between class A and class B represents the strongest form of association - composition. A solid diamond near the object that will instantiate the other object in the association, denotes a composition relationship.

    Class A does not have an association or aggregation (open diamond near A) relationship with class B. Class A also does not extend B (open triangle near B.) Hence all other choices are incorrect.

    264

    Refer to the following exhibit

    What UML diagram is shown in the exhibit?

    Class

    B Object C D E F G Component Collaboration Sequence Package Node

    Choice F is correct.

    The diagram denotes a package diagram. A package diagram (Fowler 108) shows packages of classes and the dependencies among them. Choice F is correct.

    265

    Which of the following statements about Interaction diagrams are true?

    Interaction diagrams represent the dynamic view of a system. Interaction

    B Interaction diagrams may represent static or dynamic views of the system. C diagrams are polymorphic. D E Interaction diagrams are isomorphic. Interaction diagrams only show time ordering of messages.

    F Interaction diagrams may show the structural organization of the objects that send or receive messages.

    Choices A, D and F are correct.

    Interaction diagrams (Fowler 67) are models that describe how groups of objects collaborate in some behavior. There are two kinds of Interaction diagrams - Sequence diagrams and Collaboration diagrams.

    (Cade 46) Interaction diagrams address the dynamic view of a system. A sequence diagram emphasizes on the time ordering of messages whereas a collaboration diagram emphasizes the structural organization of the objects that send or receive messages. Sequence diagrams and Collaboration diagrams are also isomorphic (you can take one and transform it to the other.) Hence choices A, D and F are correct.

    Interaction diagrams do not describe the static view of a system. Hence choice B is incorrect.

    Interaction diagrams are isomorphic, nor polymorphic. Hence choice C is incorrect.

    Interaction diagrams show either the time ordering of messages (sequence diagrams) or the structural organization of objects (collaboration diagrams.) Hence choice E is incorrect.

    266

    Refer to the following diagram

    From the diagram, it can be inferred that:

    A B C D E

    A can only have 2 or 4 Bs associated with it A can have 2 to 4 (4 not inclusive) Bs associated with it A can have 2 to 4 (2 not inclusive) Bs associated with it A can have either 2 or 4 Bs associated with it but not 3 A can have 3 Bs associated with it

    Choice E is correct.

    The multiplicity shown above translates into (A can have 2 to 4 Bs associated with it.) Choice E says that A can have 3 Bs associated with it and is therefore correct.

    267 Nopester Inc., a CD manufacturer uses Metallic Corporation for making jewel cases. When the inventory of jewel cases falls under the reorder level, Nopester communicates with Metallic via faxes. Nopester now wants to build a solution for its supply chain management. Metallic uses a legacy system that supports CORBA interfaces for other companies to interface to them with. Metallic's servers are protected by firewalls and will only let HTTP or HTTPS requests through.

    What is Nopester's best option here?

    A B C D

    Since Metallic will not let CORBA requests through, Nopester should continue sending faxes. Nopester should take its business away to Metallic's competitors. Nopester should use the popular SOAP protocol since SOAP requests communicate over HTTP. Nopester should use a concept called HTTP tunneling to communicate with Metallic.

    Choice D is correct.

    One of the most common interconnection problems that arise in third party integrations is that of security. Most companies have strict security policies and only allow access to the ports that support HTTP and HTTPS. Therefore CORBA requests generally have to masquerade as HTTP requests to get through the firewall. While this beats the very purpose of the firewall, such implementations are quite common. This concept is called HTTP tunneling. Hence choice D is correct.

    Choice A is incorrect for obvious reasons. What is the point of automation if we still want to use a paper based solution?

    Choice B is incorrect because businesses do not change partners due to minor software issues.

    Choice C is incorrect because there is no mention of whether Metallic supports SOAP in the discussion.

    268 Syracuse Sobers is a National Hockey League team in upstate New York. They currently use a mainframe-based application for talent procurement and management. Their team currently visits various schools and universities across the country. When they find an interesting candidate, they enter his profile details in hand held devices. Later the information is faxed to Syracuse, where another set of users enters the data into the mainframe.

    Given that the Sobers do not want to incur too much capital and operational expense in rewriting the application, what would be the quickest way of giving them an Internet based profile management system?

    A B C D

    Rewrite the system using Applets. Rewrite the system using Model2 Architecture based solution. Use screen scraper for obtaining an object interface and off-board server for forwarding requests. Use RMI with JNI. t+Enable HTTP tunneling and use CORBA calls.

    Choice C is correct.

    The key here is 'less expensive' and 'quickest.' Hence the best method under the given circumstances is the combined use of Screen Scrapers and an off-board server. Choice C is therefore correct.

    Rewriting the system is time consuming and also cost intensive. Hence choices A and B are incorrect.

    There is no mention of the legacy application supporting JNI. The question mentions that it is a mainframe-based application, making screen scrapers the safest bet. Hence choice D is incorrect.

    There is also no mention of CORBA support. Hence choice E is incorrect.

    269 A Philadelphia based cable company is using J2EE for their Customer Management system. The system uses a combination of HTML and JSP for presentation. Java Servlets are used as Controllers. All Servlets have access to a ServletContext object, which functions as a Container to the shared resources of the Servlets. The ServletContext object best exemplifies what design pattern?

    A B C D E

    Iterator Mediator Interpreter State Singleton

    Choice E is correct.

    Singleton (GOF 127)" Ensure a class only has one instance, and provide a global point of access to it." In the example cited above, all Servlets use a common ServletContext object as a container for the shared resources. This is a perfect example of the Singleton Design Pattern. Hence choice E is correct.

    Iterator (GOF 257)"Provide a way to access the elements of an aggregate object sequentially without exposing its underlying representation." Hence choice A is incorrect.

    Mediator (GOF 273)"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and lets you vary their interaction independently." Hence choice B is incorrect.

    Interpreter (GOF 243)"Given a language, define a representation for its grammar along with an interpreter that uses the representation to interpret sentences in the language." Hence choice C is incorrect.

    State (GOF 305)"Allow an object to alter its behavior when its internal state changes. The object will appear to change its class." Hence choice D is incorrect.

    270 Since Stateful Session Beans are not pooled as their Stateless counterparts, the container uses Passivation and activation techniques for better resource management. What design pattern is close to the concept of Passivation, as described here?

    A B C D E F

    Composite Flyweight Template Method Command Memento Chain of Responsibility

    Choice E is correct.

    Memento (GOF 283)"Without violating encapsulation, capture and externalize an object's internal state so that the object can be restored to this state later."

    With Stateful Session Beans the container externalizes the state of the bean via Passivation for better memory management. When required, a bean in the passive state can be brought back to the Method Ready state via activation. Hence choice E is correct.

    Composite (GOF 163)"Compose objects into tree structures to represent part-whole hierarchies. Composite lets clients treat individual objects and composites of objects uniformly." Choice A is irrelevant here and therefore incorrect.

    Flyweight (GOF 195)"Use sharing to support large numbers of fine-grained object efficiently." Hence choice B is therefore incorrect.

    Template Method (GOF 325)"Define a skeleton of an algorithm in an operation, deferring some steps to subclasses. Template Method lets subclasses redefine certain steps of an algorithm without changing the algorithm's structure." Choice C is therefore incorrect.

    Command (GOF 233)"Encapsulate a request as an object, thereby letting you parameterize clients with different requests, queue or log requests, and support undoable operations." Choice D is therefore incorrect.

    Chain of Responsibility (GOF 223)" Avoid coupling the sender of a request to its receiver by giving more than one object a chance to handle the request." Chain the receiving objects and pass the request along the chain until an object handles it." Choice F is therefore incorrect.

    271 Heaven's Stairway, an e-auction house allows sellers to put up items for sale. Potential buyers can subscribe an interest in these items. When somebody updates the cost with a higher price, the new price information is sent to a JMS based middleware. The MOM then intimates all subscribers of the event. What design pattern is illustrated in the discussion here?

    A B C D E

    Service to Worker Fast Lane Reader Observer Visitor Publish/Subscribe

    Choice C is correct.

    Observer (GOF 293)"Define a one-to-many dependency between objects so that when one object changes state, all its dependents are notified and updated automatically." In the example above, when someone (message producer) updates the bid price, the MOM has to send a message to all interested subscribers (message consumers.) This is a good example of the Observer Design Pattern. Hence choice C is correct.

    The following is taken from: http://java.sun.com/blueprints/corej2eepatterns/Patterns/ServiceToWorker.html

    Service to Worker:"Combine a controller and dispatcher with views and helpers (see Front Controller and View Helper also) to handle client requests and prepare a dynamic presentation as the response. Controllers delegate content retrieval to helpers, which manage the population of the intermediate model for the view. A dispatcher is responsible for view management and navigation and can be encapsulated either within a controller or a separate component." Examples of Service to Worker pattern can be seen in popular Model2 Frameworks such as Struts and Web Application Framework (WAF.) This pattern is not relevant to this situation and choice A is therefore incorrect.

    The following is taken from:

    "The Fast Lane Reader design pattern provides a more efficient way to access tabular, read-only data. A fast lane reader component directly accesses persistent data using JDBCTM components, instead of using entity beans. The result is improved performance and less coding, because the component represents data in a form that is closer to how the data are used." When EJBs are not required in an application (smaller applications) and JSP pages need to access the database to retrieve information, they may use helper classes, which in turn instantiate DAOs to access data. A JSP page retrieving catalog information through the CatalogHelper class and the CatalogDAO is a good example of the Fast Lane Reader Pattern. Hence choice B is incorrect.

    Visitor (GOF 331)"Represent an operation to be performed on the elements of an object structure. Visitor lets you define a new operation without changing the classes of the elements on which it operates." Choice D is therefore incorrect.

    Publish/Subscribe is a messaging architecture, not a design pattern. Hence choice E is incorrect.

    272 In JMS based applications components never interact with each other directly. The messages are always sent to the MOM and the MOM stores and forwards them to the recipients. This concept helps avoid explicit references and promotes loose coupling. The MOM is acting as a/an:

    A B C D E

    Interpreter Visitor Mediator Service Locator Service to Worker

    Choice C is correct.

    Mediator (GOF 273)"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other explicitly, and lets you vary their interaction independently."

    In this example, the MOM decouples the message producers and consumers from referring to each other directly, thus acting as a Mediator. Choice C is therefore correct.

    Interpreter (GOF 243)"Given a language, define a representation for its grammar along with an interpreter that uses the representation to interpret sentences in the language." Hence choice A is incorrect.

    Visitor (GOF 331)"Represent an operation to be performed on the elements of an object structure. Visitor lets you define a new operation without changing the classes of the elements on which it operates." Choice B is therefore incorrect.

    The following is taken from: http://java.sun.com/blueprints/patterns/ServiceLocator.html

    "The Service Locator pattern centralizes distributed service object lookups, provides a centralized point of control, and may act as a cache that eliminates redundant lookups. It also encapsulates any vendorspecific features of the lookup process." In Model2 architectures, Controllers may use Service Locators to delegate business events. Choice D is therefore incorrect.

    The following is taken from: http://java.sun.com/blueprints/corej2eepatterns/Patterns/ServiceToWorker.html

    Service to Worker:"Combine a controller and dispatcher with views and helpers (see Front Controller and View Helper also) to handle client requests and prepare a dynamic presentation as the response. Controllers delegate content retrieval to helpers, which manage the population of the intermediate model for the view. A dispatcher is responsible for view management and navigation and can be encapsulated either within a controller or a separate component." Examples of Service to Worker pattern can be seen in popular Model2 Frameworks such as Struts and Web Application Framework (WAF.) This pattern is not relevant to this situation and choice E is therefore incorrect.

    273 Compact Computers is a small computer assembly company. Its online application allows customers to pick and choose accessories to build their own PCs. The accessories are:

    i.

    Processor - 800Mhz, 1Ghz, 1.2Ghz

    ii. HDD - 40 GB, 60 GB, 80 GB iii. Memory - 128 MB, 256 MB, 512 MB

    Customers choose parts and quantities during the order. For example, a customer could choose a second HDD as a secondary hard drive or purchase additional RAM. What design pattern may be optimal for implementing a suitable design here?

    A B C D E F

    Factory Method Prototype Singleton Template Method Business Delegate Builder

    Choice B is correct.

    Prototype (GOF 117)"Specify the kinds of objects to create using a prototypical instance, and create new objects by copying this prototype." In this example, the key is that using prototypical instances (for Hard Drives and RAM), you can create multiple instances of the required part. Hence choice B is correct.

    Factory Method (GOF 107)" Define an interface for creating an object, but let subclasses decide which class to instantiate. Factory method lets a class defer instantiation to subclasses." Factory Method pattern is used when concrete factory classes are required for creating subclasses. Hence choice A is incorrect.

    Singleton (GOF 127)" Ensure a class only has one instance, and provide a global point of access to it." Hence choice C is incorrect.

    Template Method (GOF 325)"Define a skeleton of an algorithm in an operation, deferring some steps to subclasses. Template Method lets subclasses redefine certain steps of an algorithm without changing the algorithm's structure." Choice D is therefore incorrect.

    The following is taken from: http://java.sun.com/blueprints/patterns/BusinessDelegate.html

    "In distributed applications, lookup and exception handling for remote business components can be complex. When applications use business components directly, application code must change to reflect changes in business component APIs.

    These problems can be solved by introducing an intermediate class called a business delegate, which decouples business components from the code that uses them. The Business Delegate pattern manages

    the complexity of distributed component lookup and exception handling, and may adapt the business component interface to a simpler interface for use by views." Hence choice E is incorrect.

    Builder (GOF 97)"Separate the construction of a complex object from its representation so that the same construction process can create different representations." Builder is used to create a complex object made up of specific types of parts. Here we know the parts but not their quantities. Hence Builder is inappropriate here and therefore choice F is incorrect.

    274 Doomingdale's has an online application where customers may browse the latest season's catalogs. At this time no e-commerce is planned. What J2EE technology is best suited for this application. Note that a study of Internet traffic over the last two years in a similar company indicated that the site can expect up to five hundred thousand hits a day although during Thanksgiving, when sales are at the highest, it could get ten to twenty times higher, perhaps even more.

    A B C D E F

    Java Servlets JSP with Java classes CMP Entity Beans BMP Entity Beans Stateless Session Beans with DAO Stateful Session Beans with DAO

    Choice E is correct.

    The key here is the nature of the application. No e-commerce is planned at this time, so there may not be any order transactions requiring Entity Beans. However the site can expect half a million hits each day, the number increasing exponentially during holiday seasons, indicating that perhaps Session Beans should be considered for the application. Catalog retrieval can be done with simple Session beans and DAO. Hence choice E is correct.

    Choice A and B are not suitable because using just Java Servlets and JSP alone may not be the best solution in a system involving heavy usage.

    As stated earlier, Entity Beans are not necessary here because there is no transactional processing. Choices C and D are therefore incorrect.

    Stateless Session Beans are sufficient for performing simple database retrieval operations. Stateful Session Beans are only required when conversational state needs to be maintained, as in the case of ecommerce applications with shopping carts. Hence choice F is incorrect.

    275 Hiatus Regency is a popular resort hotel. It has four regional headquarters in the U.S. There is also a national headquarters in Gaithersburg, MD. All calls made to the toll-free 800 numbers are routed to the nearest call center. If the requested city falls outside the region, the call gets rerouted from the call center appropriately. Hiatus requires a nightly update of all transactions to the national headquarters for nationwide batch reporting. What J2EE technology may be best suited for this?

    A B C D E F G

    Java-IDL RMI-JRMP EJB JTA/JTS JCA JMS JAF

    Choice F is correct.

    Whenever asynchronous communication is required, messaging is the best option. Most MOM implementations provide guaranteed delivery and high QoS levels. Further, messaging decouples the producer and consumer and can be used when bandwidth availability is limited, since no synchronous

    response is required. The key here is the nightly update clearly indicating the asynchronous nature of the communication. Hence choice F is correct.

    Java-IDL, RMI-JRMP and EJB are used for synchronous communication. Hence choices A, B and C are incorrect.

    JTA/JTS is used to manage user-defined transactions and is irrelevant to this discussion. Hence choice D is incorrect.

    The following is taken from: http://java.sun.com/j2ee/connector/

    "The J2EE Connector architecture provides a Java solution to the problem of connectivity between the many application servers and EISs already in existence. By using the J2EE Connector architecture, EIS vendors no longer need to customize their product for each application server. Application server vendors who conform to the J2EE Connector architecture do not need to add custom code whenever they want to add connectivity to a new EIS." Hence choice E is incorrect.

    The following is taken from: http://java.sun.com/products/javabeans/glasgow/jaf.html "With the JavaBeans TM Activation Framework standard extension, developers who use Java TM technology can take advantage of standard services to determine the type of an arbitrary piece of data, encapsulate access to it, discover the operations available on it, and to instantiate the appropriate bean to perform said operation(s). For example, if a browser obtained a JPEG image, this framework would enable the browser to identify that stream of data as an JPEG image, and from that type, the browser could locate and instantiate an object that could manipulate, or view that image." Hence choice G is incorrect.

    276

    Which of the following situations may be best suited for implementation using Servlets and JSP?

    A B C D E F

    Need large scale deployment Need heavy use of transactions Need to process dynamic requests from HTTP clients Need access to relational databases through a generic set of APIs To function as Intercepting filters, request processors and request dispatcher When static templates are combined with data to form dynamic HTML output

    Choices C, E and F are correct.

    Servlets and JSP are best suited for applications where there is a need for processing dynamic requests from HTTP clients. In Model2 architectures, Servlets are used as Controllers and are responsible for processing incoming requests, and dispatching them to appropriate handlers. JSP are used as views to combine static templates with dynamic data to form HTML or XML output. Hence choices C, E and F are correct.

    When an application involves large-scale deployment and heavy transactional requirements, EJBs are the best technology. Hence choices A and B are incorrect.

    JDBC is used to access relational databases through a generic set of APIs. Hence choice D is incorrect.

    277

    What are the benefits of Bean pooling?

    A Bean instances are created during startup, thus avoiding the expense of creation, each time a client requests it.

    Bean pooling allows load distribution over several machines.

    C Bean pooling is the container's way of balancing load - moving future requests from client to a different machine, if load increases are encountered. D Allows a container to use beans as flyweights.

    Choices A and D are correct.

    One of the advantages of using stateless session beans are that they are light weight objects and can therefore be used in situations that do not require any conversational state management. The container makes use of this capability to create a pool of instances that can be used to service client requests. When a request is serviced, the bean instance is moved back to the pool. Thus the expense of creation is avoided each time a client request comes in. Further the concept of using a smaller number of instances to service a large number of clients is referred to as the Flyweight pattern (GOF 195), the case with bean pooling. Therefore choices A and D are correct.

    Bean pooling is not responsible for load distribution (something accomplished by DNS Round Robin.) Some containers working under a clustered environment achieve load balancing. Again this is not a benefit of bean pooling. Hence choices B and C are incorrect.

    278

    What are the valid life-cycle states an Entity Bean can exist in?

    A B C D

    Does Not Exist, Pooled, Method Ready Does Not Exist Ready, Ready (in TX), Passivated Does Not Exist, Method Ready Pool Does Not Exist, Pooled, Ready

    Choice D is correct.

    The valid lifecycle states for an Entity Bean are Does Not Exist, Pooled and Ready. Hence choice D is correct.

    Entity Beans do not have a Method Ready state. Hence choice A is incorrect.

    When Entity Beans are passivated, they enter the pooled state. Also, there is no Method Ready (in TX) state for Entity Beans. Hence choice B is incorrect.

    The Method Ready Pool state is a lifecycle state for Stateless Session Beans, not Entity Beans. Hence choice C is incorrect.

    279 A company has a third party billing system that provides C++ API access. In the current architecture, a daemon process listens on a specified port on the server for incoming payloads. The incoming payloads are then decoded to the form command <tab> data. Once the command is known, the process calls the appropriate API with the data. The company is trying to move to a Java based solution. However, until the billing system is upgraded, they will still need to use the C++ bases APIs.

    What Protocol may be best suited for achieving this?

    A B C D E F

    RMI-JRMP with JNI wrappers for the API calls RMI-IIOP (Stateless session beans making the API calls) Custom socket programming to replace the C++ daemon process with a Java class HTTP request making a CGI call for the Billing updates JINI based program to interface to the APIs JCA to make the API call

    Choice A is correct.

    The key here is that the billing system supports C++ based APIs. The new code is being written in the Java platform. The best approach here is to write RMI-JRMP code to talk to the billing system and have JNI wrappers there to communicate with the C++ APIs. Hence choice A is correct.

    The question says that the billing system only supports C++ APIs. Hence choice B is incorrect.

    While custom Java socket programming may be used on the server side to replace the C++ process, in order to call the APIs, C++ wrappers will still be required. Hence choice C is incorrect.

    HTTP, JINI and JCA do not satisfy the requirement of the C++ wrapper need. Hence choices D, E and F are also incorrect.

    280

    Which of the following statements are true?

    A B C D

    The java.text package contains classes and interfaces for handling text in a locale-sensitive way. The java.text package contains the Locale class and classes for Date and Time. The java.util package contains classes for importing and exporting non-Unicode character data. The java.util package contains the Locale class and classes for Date and Time

    Choices A and D are correct.

    The java.text and java.util packages are used to support Java Internationalization. The java.text package has classes and interfaces for handling locale specific text and the java.util package containes the Locale class and other classes for Date and Time manipulation. Hence choices A and D are correct.

    The java.util package contains the Locale class and Date and Time classes. Hence choice B is correct.

    The InputStreamReader and OutputStreamWriter classes handle non-Unicode character data conversion. These classes are found in the java.io package. Hence choice C is incorrect.

    281

    The representation of a set of cultural and language preferences is done using which class?

    A B C D

    java.util.LanguagePreference java.text.MessageFormat ResourceBundle Locale

    Choice D is correct.

    The following is taken from: http://java.sun.com/products/jdk/1.1/docs/guide/intl/intl.doc.html#26726

    "A Locale object represents a specific geographical, political, or cultural region. An operation that requires a locale to perform its task is called locale-sensitive and uses the Locale object to tailor information for the user. For example, displaying a number is a locale-sensitive operation- the number should be formatted according to the customs and conventions of the user's native country, region, or culture." Hence choice D is correct.

    There is no LanguagePreference class. Regional preferences are addressed through various I18N features such as ResourceBundle, Locale and so on. Hence choice A is incorrect.

    The following is taken from: http://java.sun.com/products/jdk/1.1/docs/guide/intl/intl.doc.html#24167

    "The class MessageFormat provides a means to produce concatenated messages in language-neutral way. The MessageFormat object takes a set of objects, formats them, and then inserts the formatted strings into the pattern at the appropriate places." Hence choice B is incorrect.

    The following is taken from: http://java.sun.com/products/jdk/1.1/docs/guide/intl/intl.doc.html#23039

    "The class ResourceBundle is an abstract base class representing containers of resources. Programmers create subclasses of ResourceBundle that contain resources for a particular locale. New resources can be added to an instance of ResourceBundle, or new instances of ResourceBundle can be added to a system without affecting the code that uses them. Packaging resources as classes allows developers to take advantage of Java's class loading mechanism to find resources. Resource bundles contain locale-specific objects. When a program needs a locale-specific resource, a String object for example, the program can load it from the resource bundle that is appropriate for the current user's locale. In this way, the programmer can write code that is largely independent of the user's locale isolating most, if not all, of the locale-specific information in resource bundles." Hence choice C is incorrect.

    282 What is the difference in the Java Security model between JDK 1.1 and JDK1.2 with regards to applets?

    A There is no difference between the two JDK versions in question. Applets are always confined to the sandbox. B In JDK 1.1, applets are never trusted and in JDK 1.2 they always are.

    C JDK 1.2 fixed a flaw in the JDK 1.1 security policy. There are no security holes in JDK 1.2 because Applets are never trusted. D In JDK 1.1 only signed applets were trusted whereas in JDK 1.2, any applet with the right security permissions can be trusted.

    Choice D is correct.

    The following is taken from: http://java.sun.com/docs/books/tutorial/security1.2/overview/index.html

    "JDK 1.1 introduced the concept of a "signed applet," as illustrated in the next figure. A digitally signed applet is treated like local code, with full access to resources, if the public key used to verify the signature is trusted. Unsigned applets are still run in the sandbox. Signed applets are delivered, with their respective signatures, in signed JAR (Java Archive) files.

    JDK 1.2 introduces a number of improvements over JDK 1.1. First, all code, regardless of whether it is local or remote, can now be subject to a security policy. The security policy defines the set of permissions available for code from various signers or locations and can be configured by a user or a system administrator. Each permission specifies a permitted access to a particular resource, such as read and write access to a specified file or directory or connect access to a given host and port.

    The runtime system organizes code into individual domains, each of which encloses a set of classes whose instances are granted the same set of permissions. A domain can be configured to be equivalent to the sandbox, so applets can still be run in a restricted environment if the user or the administrator so chooses. Applications run unrestricted, as before, by default but can optionally be subject to a security policy." As we can see, the Java 2 Security model is totally flexible. Hence choice D is correct.

    Choices A, B and C are incorrect because there are differences between the JDK 1.1 and JDK 1.2 security model and signed applets were trusted in JDK 1.1 whereas all applets are subject to a security policy in JDK 1.2.

    283

    Which of the following are mandatory steps in the SSL handshake?

    A B C D

    Validate Client to Server Validate Server to Client Allow client and server to choose cryptographic algorithm Use symmetric key encryption to generate shared secrets

    Choices B and C are correct.

    When a client tries to establish an SSL connection with a server, the server identifies itself to the client. The client may optionally identify itself to the server. The client and the server then choose the best cryptographic algorithm. Public Key Cryptography is used to generate shared secrets and Symmetric Key Cryptography is then used for communication. Hence choices B and C are correct.

    The client's validation to the server is an optional step in the SSL handshake. Hence choice A is incorrect.

    Public Key Cryptography is used to generate shared secrets. Hence choice D is incorrect.

    284 When a Stateful Session Bean is passivated, what activities should the developer perform in the ejbPassivate() method?

    A B C D

    Close all open resources Set transient fields to NULL Set Non-transient fields to NULL Set non-transient non-serializable fields to NULL

    Choices A and D are correct.

    During Passivation, it is the developer's responsibility to ensure that all open resources are closed and all non-transient non-serializable fields are set to NULL. Therefore choices A and D are correct.

    There is no need to set transient fields to NULL. They will not be serialized anyway. Therefore choice B is incorrect.

    If Non-transient fields are set to NULL, there is no point in serializing the bean instance. Hence choice C is incorrect.

    285 Session Bean SB1 calls a method in another Session Bean SB2. If the calling Bean has a transactional scope, with which of the following attributes in SB2, will the transaction not be propagated?

    A B C D

    Supports Required Not Supported Requires New

    E F

    Mandatory Never

    Choices C, D and F are correct.

    The following is taken from: http://java.sun.com/blueprints/guidelines/designing_enterprise_applications_2e/transactions/transactio ns7.html

    "Transaction Attributes: A transaction attribute is a value associated with a method of an enterprise bean that uses container-managed transaction demarcation. A transaction attribute is defined for an enterprise bean method in the bean's deployment descriptor, usually by an application component provider or application assembler. The transaction attribute controls how the EJB container demarcates transactions of enterprise bean methods. In most cases, all methods of an enterprise bean will have the same transaction attribute. For optimization purposes, it is possible to have different attributes for different methods. For example, an enterprise bean may have methods that do not need to be transactional.

    A transaction attribute must be specified for the methods in the component interface of a session bean and for the methods in the component and home interfaces of an entity bean.

    Required - If the transaction attribute is Required, the container ensures that the enterprise bean's method will always be invoked with a JTA transaction. If the calling client is associated with a JTA transaction, the enterprise bean method will be invoked in the same transaction context. However, if a client is not associated with a transaction, the container will automatically begin a new transaction and try to commit the transaction when the method completes.

    RequiresNew - If the transaction attribute is RequiresNew, the container always creates a new transaction before invoking the enterprise bean method and commits the transaction when the method returns. If the calling client is associated with a transaction context, the container suspends the association of the transaction context with the current thread before starting the new transaction. When the method and the transaction complete, the container resumes the suspended transaction.

    NotSupported - If the transaction attribute is NotSupported, the transactional context of the calling client is not propagated to the enterprise bean. If a client calls with a transaction context, the container suspends the client's transaction association before invoking the enterprise bean's method. After the method completes, the container resumes the suspended transaction association.

    Supports - It the transaction attribute is Supports and the client is associated with a transaction context, the context is propagated to the enterprise bean method, similar to the way the container treats the Required case. If the client call is not associated with any transaction context, the container behaves similarly to the NotSupported case. The transaction context is not propagated to the enterprise bean method.

    Mandatory - The transaction attribute Mandatory requires the container to invoke a bean's method in a client's transaction context. If the client is not associated with a transaction context when calling this method, the container throws javax.transaction.TransactionRequiredException if the client is a remote client or javax.ejb.TransactionRequiredLocalException if the client is a local client. If the calling client has a transaction context, the case is treated as Required by the container.

    Never - The transaction attribute Never requires that the enterprise bean method explicitly not be called within a transaction context. If the client calls with a transaction context, the container throws java.rmi.RemoteException if the client is a remote client or javax.ejb.EJBException if the client is a local client. If the client is not associated with any transaction context, the container invokes the method without initiating a transaction."

    With Not Supported, Requires New and Never, the existing transaction's scope will not be propagated. Therefore choices C, D and F are correct and choices A, B and E are incorrect.

    286

    The findByXxx() method in the Home Interface of an entity bean returns

    A B C D

    An Instance of java.lang.Object An instance of the Remote Reference to the bean An instance of java.util.Enumeration An instance of the Bean class.

    Choices B and C are correct.

    The finder methods return either an instance of the Remote Reference to the bean or an instance of java.lang.Enumeration (if multiple rows are found.) Therefore choices B and C are correct.

    The finder methods never return an instance of java.lang.Object. Choice A is therefore incorrect.

    The bean class is never explicitly returned to the client. The client always only works with the remote reference to the bean class. Choice D is therefore incorrect.

    287 With Bean Managed Persistence, what are the developer's responsibilities in terms of data synchronization?

    A The DML statements for inserting, deleting and updating data are coded in appropriate methods and the client program is responsible for synchronizing data by calling the methods appropriately. B The DML statements for inserting, deleting and updating data are coded in appropriate methods but since ejbLoad() and ejbStore() are callback methods, the container makes calls to them, as needed.

    Choice B is correct.

    With BMP, although the code necessary for inserting, deleting and updating data is provided by the developer, the container still decides when to synchronize the Bean's state with the database. The container makes this decision based on various activities including the current transactional context and so on. The client does not call the callback methods explicitly. Hence choice B is correct.

    Choice A is incorrect because it suggests that it is the client's responsibility to invoke the callback methods.

    288

    Under which of the following conditions should you use an Entity Bean?

    i. ii.

    The bean represents a business entity, not a procedure. The bean's state must be persistent. If the bean instance terminates or if the J2EE server is shut down, the bean's state still exists in persistent storage (a database).

    A B C D

    Choice (i) only Choice (ii) only Choice (i) or (ii) depending on whether the Container is EJB 1.0 compliant or EJB 1.1 compliant Both choice (i) and (ii)

    Choice D is correct.

    Entity Beans are best used when the bean represents a business entity and when the bean's state must be persistent. Hence choice D is correct.

    i. The bean represents a business entity, not a procedure. ii. The bean's state must be persistent. If the bean instance terminates or if the J2EE server is shut down, the bean's state still exists in persistent storage (a database).

    You might also like