SCWCD Questions 201 - 210

QUESTION NO: 201


Which statement is true about web container session management?
A. Access to session-scoped attributes is guaranteed to be thread-safe by the web container.
B. To activate URL rewriting, the developer must use the HttpServletResponse.setURLRewriting
method.
C. If the web application uses HTTPS, then the web container may use the data on the HTTPS
request stream to identify the client.
D. The JSESSIONID cookie is stored permanently on the client so that a user may return to the
web application and the web container will rejoin that session.

Answer: C


QUESTION NO: 202


You are designing an n-tier Java EE application. You have already decided that some of your
JSPs will need to get data from a Customer entity bean. You are trying to decide whether to use a
Customer stub object or a Transfer Object. Which two statements are true? (Choose two.)
A. The stub will increase network traffic.
B. The Transfer Object will decrease data staleness.
C. The stub will increase the logic necessary in the JSPs.
D. In both cases, the JSPs can use EL expressions to get data.
E. Only the Transfer Object will need to use a Business Delegate.
F. Using the stub approach allows you to design the application without using a Service Locator.

Answer: A,D

QUESTION NO: 203


Which two are characteristics of the Intercepting Filter pattern? (Choose two.)
A. It provides centralized request handling for incoming requests.
B. It forces resource authentication to be distributed across web components.
C. It reduces coupling between presentation-tier clients and underlying business services.
D. It can be added and removed unobtrusively, without requiring changes to existing code.
E. It allows preprocessing and postprocessing on the incoming requests and outgoing responses.

Answer: D,E


QUESTION NO: 204


A developer has created a web application that includes a servlet for each use case in the
application. These servlets have become rather difficult to maintain because the request
processing methods have become very large. There is also common processing code in many
servlets because these use cases are very similar. Which two design patterns can be used
together to refactor and simplify this web application? (Choose two.)
A. Proxy
B. View Helper
C. Front Controller
D. Session Facade
E. Business Delegate
F. Model-View-Controller

Answer: C,F


QUESTION NO: 205


A developer is designing a multi-tier web application and discovers a need to hide the details of
establishing and maintaining remote communications from the client. In addition, the application
needs to find, in a transparent manner, the heterogeneous business components used to service
the client's requests. Which design patterns, working together, address these issues?
A. Business Delegate and Transfer Object
B. Business Delegate and Service Locator
C. Front Controller and Business Delegate
D. Intercepting Filter and Transfer Object
E. Model-View-Controller and Intercepting Filter

Answer: B


QUESTION NO: 206


A developer is designing a web application that must support multiple interfaces, including:
an XML web service for B2B
HTML for web-based clients
WML for wireless customers
Which design pattern provides a solution for this problem?
A. Session Facade
B. Business Delegate
C. Data Access Object
D. Model-View-Controller
E. Chain of Responsibility

Answer: D


QUESTION NO: 207


A developer is designing a web application which extensively uses EJBs and JMS. The developer
finds that there is a lot of duplicated code to build the JNDI contexts to access the beans and
queues. Further, because of the complexity, there are numerous errors in the code. Which J2EE
design pattern provides a solution for this problem?
A. Command
B. Transfer Object
C. Service Locator
D. Session Facade
E. Business Delegate
F. Data Access Object

Answer: C

QUESTION NO: 208



A developer is designing a web application that must support multiple interfaces, including:
an XML web service for B2B
HTML for web-based clients
WML for wireless customers
Which design pattern provides a solution for this problem?
A. Session Facade
B. Business Delegate
C. Data Access Object
D. Model-View-Controller
E. Chain of Responsibility

Answer: D


QUESTION NO: 209


Which two are characteristics of the Front Controller pattern? (Choose two.)
A. It simplifies remote interfaces to distributed objects.
B. It promotes cleaner application partitioning and encourages reuse.
C. It provides an initial point of contact for handling all related requests.
D. It reduces maintainability due to the increased complexity of the design.
E. It provides loosely coupled handlers that can be combined in various permutations.

Answer: B,C


QUESTION NO: 210


Squeaky Beans Inc. hired an outside consultant to develop their web application. To finish the job
quickly, the consultant created several dozen JSP pages that directly communicate with the
database. The Squeaky business team has since purchased a set of business objects to model
their system, and the Squeaky developer charged with maintaining the web application must now
refactor all the JSPs to work with the new system. Which pattern can the developer use to solve
this problem?
A. Transfer Object
B. Service Locator
C. Intercepting Filter
D. Business Delegate

Answer: D

SCWCD Questions 191 - 200

QUESTION NO: 191


Given:
11. <servlet>
12. <servlet-name>catalog</servlet-name>
13. <jsp-file>/catalogTemplate.jsp</jsp-file>
14. <load-on-startup>10</load-on-startup>
15. </servlet>
Which two are true? (Choose two.)
A. Line 13 is not valid for a servlet declaration.
B. Line 14 is not valid for a servlet declaration.
C. One instance of the servlet will be loaded at startup.
D. Ten instances of the servlet will be loaded at startup.
E. The servlet will be referenced by the name catalog in mappings.

Answer: C,E


QUESTION NO: 192


You have built a web application with tight security. Several directories of your webapp are used
for internal purposes and you have overridden the default servlet to send an HTTP 403 status
code for any request that maps to one of these directories. During testing, the Quality Assurance
director decided that they did NOT like seeing the bare response page generated by Firefox and
Internet Explorer. The director recommended that the webapp should return a more user-friendly
web page that has the same look-and-feel as the webapp plus links to the webapp's search
engine. You have created this JSP page in the /WEB-INF/jsps/error403.jsp file. You do NOT want
to alter the complex logic of the default servlet. How can you declare that the web container must
send this JSP page whenever a 403 status is generated?
A. <error-page>
<error-code>403</error-code>
<url>/WEB-INF/jsps/error403.jsp</url>
</error-page>
B. <error-page>
<status-code>403</status-code>
<url>/WEB-INF/jsps/error403.jsp</url>
</error-page>
C. <error-page>
<error-code>403</error-code>
<location>/WEB-INF/jsps/error403.jsp</location>
</error-page>
D. <error-page>
<status-code>403</status-code>
<location>/WEB-INF/jsps/error403.jsp</location>
</error-page>

Answer: C


QUESTION NO: 193


Given a portion of a valid Java EE web application's directory structure:
MyApp
|
|-- Directory1
| |-- File1.html
|
|-- META-INF
| |-- File2.html
|
|-- WEB-INF
|-- File3.html
You want to know whether File1.html, File2.html, and/or File3.html is protected from direct access
by your web client's browsers.
What statement is true?
A. All three files are directly accessible.
B. Only File1.html is directly accessible.
C. Only File2.html is directly accessible.
D. Only File3.html is directly accessible.
E. Only File1.html and File2.html are directly accessible.
F. Only File1.html and File3.html are directly accessible.
G. Only File2.html and File3.html are directly accessible.

Answer: B


QUESTION NO: 194


A web component accesses a local EJB session bean with a component interface of
com.example.Account with a home interface of com.example.AccountHome and a JNDI reference
of ejb/Account. Which makes the local EJB component accessible to the web components in the
web application deployment descriptor?
A. <env-ref>
<ejb-ref-name>ejb/Account</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
<local-home>com.example.AccountHome</local-home>
<local>com.example.Account</local>
</env-ref>
B. <resource-ref>
<ejb-ref-name>ejb/Account</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
<local-home>com.example.AccountHome</local-home>
<local>com.example.Account</local>
</resource-ref>
C. <ejb-local-ref>
<ejb-ref-name>ejb/Account</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
<local-home>com.example.AccountHome</local-home>
<local>com.example.Account</local>
</ejb-local-ref>
D. <ejb-remote-ref>
<ejb-ref-name>ejb/Account</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
<local-home>com.example.AccountHome</local-home>
<local>com.example.Account</local>
</ejb-remote-ref>

Answer: C


QUESTION NO: 195


One of the use cases in your web application uses many session-scoped attributes. At the end of
the use case, you want to clear out this set of attributes from the session object. Assume that this
static variable holds this set of attribute names:
201. private static final Set<String> USE_CASE_ATTRS;
202. static {
203. USE_CASE_ATTRS.add("customerOID");
204. USE_CASE_ATTRS.add("custMgrBean");
205. USE_CASE_ATTRS.add("orderOID");
206. USE_CASE_ATTRS.add("orderMgrBean");
207. }
Which code snippet deletes these attributes from the session object?
A. session.removeAll(USE_CASE_ATTRS);
B. for ( String attr : USE_CASE_ATTRS ) {
session.remove(attr);
}
C. for ( String attr : USE_CASE_ATTRS ) {
session.removeAttribute(attr);
}
D. for ( String attr : USE_CASE_ATTRS ) {
session.deleteAttribute(attr);
}
E. session.deleteAllAttributes(USE_CASE_ATTRS);

Answer: C


QUESTION NO: 196


Given an HttpServletRequest request:
22. String id = request.getParameter("jsessionid");
23. // insert code here
24. String name = (String) session.getAttribute("name");
Which three can be placed at line 23 to retrieve an existing HttpSession object? (Choose three.)
A. HttpSession session = request.getSession();
B. HttpSession session = request.getSession(id);
C. HttpSession session = request.getSession(true);
D. HttpSession session = request.getSession(false);
E. HttpSession session = request.getSession("jsessionid");

Answer: A,C,D


QUESTION NO: 197


A developer for the company web site has been told that users may turn off cookie support in their
browsers. What must the developer do to ensure that these customers can still use the web
application?
A. The developer must ensure that every URL is properly encoded using the appropriate URL
rewriting APIs.
B. The developer must provide an alternate mechanism for managing sessions and abandon the
HttpSession mechanism entirely.
C. The developer can ignore this issue. Web containers are required to support automatic URL
rewriting when cookies are not supported.
D. The developer must add the string ?id=<sessionid> to the end of every URL to ensure that the
conversation with the browser can continue.

Answer: A


QUESTION NO: 198


You need to store a floating point number, called Tsquare, in the session scope. Which two code
snippets allow you to retrieve this value? (Choose two.)
A. float Tsquare = session.getFloatAttribute("Tsquare");
B. float Tsquare = (Float) session.getAttribute("Tsquare");
C. float Tsquare = (float) session.getNumericAttribute("Tsquare");
D. float Tsquare = ((Float) session.getAttribute.("Tsquare")).floatValue();
E. float Tsquare = ((Float) session.getFloatAttribute.("Tsquare")).floatValue;
F. float Tsquare = ((Float) session.getNumericAttribute.("Tsquare")).floatValue;

Answer: B,D

QUESTION NO: 199


Given the definition of MyObject and that an instance of MyObject is bound as a session attribute:
8. package com.example;
9. public class MyObject implements
10. javax.servlet.http.HttpSessionBindingListener {
11. // class body code here
12. }
Which is true?
A. Only a single instance of MyObject may exist within a session.
B. The unbound method of the MyObject instance is called when the session to which it is bound
times out.
C. The com.example.MyObject must be declared as a servlet event listener in the web application
deployment descriptor.
D. The valueUnbound method of the MyObject instance is called when the session to which it is
bound times out.

Answer: D

QUESTION NO: 200


As a convenience feature, your web pages include an Ajax request every five minutes to a special
servlet that monitors the age of the user's session. The client-side JavaScript that handles the
Ajax callback displays a message on the screen as the session ages. The Ajax call does NOT
pass any cookies, but it passes the session ID in a request parameter called sessionID. In
addition, assume that your webapp keeps a hashmap of session objects by the ID. Here is a
partial implementation of this servlet:
10. public class SessionAgeServlet extends HttpServlet {
11. public void service(HttpServletRequest request, HttpServletResponse) throws IOException {
12. String sessionID = request.getParameter("sessionID");
13. HttpSession session = getSession(sessionID);
14. long age = // your code here
15. response.getWriter().print(age);
16. }
... // more code here
47. }
Which code snippet on line 14, will determine the age of the session?
A. session.getMaxInactiveInterval();
B. session.getLastAccessed().getTime() - session.getCreationTime().getTime();
C. session.getLastAccessedTime().getTime() - session.getCreationTime().getTime();
D. session.getLastAccessed() - session.getCreationTime();
E. session.getMaxInactiveInterval() - session.getCreationTime();
F. session.getLastAccessedTime() - session.getCreationTime();

Answer: F

SCWCD Questions 181 - 190

QUESTION NO: 181


Your web application uses a simple architecture in which servlets handle requests and then
forward to a JSP using a request dispatcher. You need to pass information calculated in the
servlet to the JSP for view generation. This information must NOT be accessible to any other
servlet, JSP or session in the webapp. Which two techniques can you use to accomplish this goal?
(Choose two.)
A. Add attributes to the session object.
B. Add attributes on the request object.
C. Add parameters to the request object.
D. Use the pageContext object to add request attributes.
E. Add parameters to the JSP's URL when generating the request dispatcher.

Answer: B,E


QUESTION NO: 182


For which three events can web application event listeners be registered? (Choose three.)
A. when a session is created
B. after a servlet is destroyed
C. when a session has timed out
D. when a cookie has been created
E. when a servlet has forwarded a request
F. when a session attribute value is changed

Answer: A,C,F


QUESTION NO: 183


Given:
String value = getServletContext().getInitParameter("foo");
in an HttpServlet and a web application deployment descriptor that contains:
<context-param>
<param-name>foo</param-name>
<param-value>frodo</param-value>
</context-param>
Which two are true? (Choose two.)
A. The foo initialization parameter CANNOT be set programmatically.
B. Compilation fails because getInitParameter returns type Object.
C. The foo initialization parameter is NOT a servlet initialization parameter.
D. Compilation fails because ServletContext does NOT have a getInitParameter method.
E. The foo parameter must be defined within the <servlet> element of the deployment descriptor.
F. The foo initialization parameter can also be retrieved using
getServletConfig().getInitParameter("foo").

Answer: A,C


QUESTION NO: 184


Click the Exhibit button. Given the web application deployment descriptor elements:
11. <filter>
12. <filter-name>ParamAdder</filter-name>
13. <filter-class>com.example.ParamAdder</filter-class>
14. </filter>
...
31. <filter-mapping>
32. <filter-name>ParamAdder</filter-name>
33. <servlet-name>Destination</servlet-name>
34. </filter-mapping>
...
55. <servlet-mapping>
56. <servlet-name>Destination</servlet-name>
57. <url-pattern>/dest/Destination</url-pattern>
58. </servlet-mapping>
What is the result of a client request of the Source servlet with no query string?

A. The output "filterAdded = null" is written to the response stream.

B. The output "filterAdded = addedByFilter" is written to the response stream.

C. An exception is thrown at runtime within the service method of the Source servlet.

D. An exception is thrown at runtime within the service method of the Destination servlet.

Answer: A

QUESTION NO: 185

Given a Filter class definition with this method:

21. public void doFilter(ServletRequest request,

22. ServletResponse response,

23. FilterChain chain)

24. throws ServletException, IOException {

25. // insert code here

26. }

Which should you insert at line 25 to properly invoke the next filter in the chain, or the target

servlet if there are no more filters?

A. chain.forward(request, response);

B. chain.doFilter(request, response);

C. request.forward(request, response);

D. request.doFilter(request, response);

Answer: B

QUESTION NO: 186

Servlet A forwarded a request to servlet B using the forward method of RequestDispatcher. What

attribute in B's request object contains the URI of the original request received by servlet A?

A. REQUEST_URI

B. javax.servlet.forward.request_uri

C. javax.servlet.forward.REQUEST_URI

D. javax.servlet.request_dispatcher.request_uri

E. javax.servlet.request_dispatcher.REQUEST_URI

Answer: B

QUESTION NO: 187

You want to create a valid directory structure for your Java EE web application, and you want to

put your web application into a WAR file called MyApp.war. Which two are true about the WAR

file? (Choose two.)

A. At deploy time, Java EE containers add a directory called META-INF directly into the MyApp

directory.

B. At deploy time, Java EE containers add a file called MANIFEST.MF directly into the MyApp

directory.

C. It can instruct your Java EE container to verify, at deploy time, whether you have properly

configured your application's classes.

D. At deploy time, Java EE containers add a directory call META-WAR directly into the MyApp

directory.

Answer: A,C

QUESTION NO: 188

Which two from the web application deployment descriptor are valid? (Choose two.)

A. <error-page>

<exception-type>*</exception-type>

<location>/error.html</location>

</error-page>

B. <error-page>

<exception-type>java.lang.Error</exception-type>

<location>/error.html</location>

</error-page>

C. <error-page>

<exception-type>java.lang.Throwable</exception-type>

<location>/error.html</location>

</error-page>

D. <error-page>

<exception-type>java.io.IOException</exception-type>

<location>/error.html</location>

</error-page>

E. <error-page>

<exception-type>NullPointerException</exception-type>

<location>/error.html</location>

</error-page>

Answer: C,D

QUESTION NO: 189

After a merger with another small business, your company has inherited a legacy WAR file but the

original source files were lost. After reading the documentation of that web application, you

discover that the WAR file contains a useful tag library that you want to reuse in your own webapp

packaged as a WAR file.

What do you need to do to reuse this tag library?

A. Simply rename the legacy WAR file as a JAR file and place it in your webapp's library directory.

B. Unpack the legacy WAR file, move the TLD file to the META-INF directory, repackage the

whole thing as a JAR file, and place that JAR file in your webapp's library directory.

C. Unpack the legacy WAR file, move the TLD file to the META-INF directory, move the class files

to the top-level directory, repackage the whole thing as a JAR file, and place that JAR file in your

webapp's library directory.

D. Unpack the legacy WAR file, move the TLD file to the META-INF directory, move the class files

to the top-level directory, repackage the WAR, and place that WAR file in your webapp's WEB-INF

directory.

Answer: C

QUESTION NO: 190

Which path is required to be present within a WAR file?

A. /classes

B. /index.html

C. /MANIFEST-INF

D. /WEB-INF/web.xml

E. /WEB-INF/classes

F. /WEB-INF/index.html

G. /META-INF/index.xml

Answer: D

SCWCD Questions 171 - 180

QUESTION NO: 171


Which two security mechanisms can be directed through a sub-element of the <user-dataconstraint>
element in a web application deployment descriptor? (Choose two.)
A. authorization
B. data integrity
C. confidentiality
D. authentication

Answer: B,C


QUESTION NO: 172


You are developing several tag libraries that will be sold for development of third-party web
applications. You are about to publish the first three libraries as JAR files: container-tags.jar,
advanced-html-form-tags.jar, and basic-html-form-tags.jar. Which two techniques are appropriate
for packaging the TLD files for these tag libraries? (Choose two.)
A. The TLD must be located within the WEB-INF directory of the JAR file.
B. The TLD must be located within the META-INF directory of the JAR file.
C. The TLD must be located within the META-INF/tld/ directory of the JAR file.
D. The TLD must be located within a subdirectory of WEB-INF directory of the JAR file.
E. The TLD must be located within a subdirectory of META-INF directory of the JAR file.
F. The TLD must be located within a subdirectory of META-INF/tld/ directory of the JAR file.

Answer: B,E


QUESTION NO: 173
A custom tag is defined to take three attributes. Which two correctly invoke the tag within a JSP
page? (Choose two.)
A. <prefix:myTag a="foo" b="bar" c="baz" />
B. <prefix:myTag attributes={"foo","bar","baz"} />
C. <prefix:myTag jsp:attribute a="foo" b="bar" c="baz" />
D. <prefix:myTag>
<jsp:attribute a:foo b:bar c:baz />
</prefix:myTag>
E. <prefix:myTag>
<jsp:attribute ${"foo", "bar", "baz"} />
</prefix:myTag>
F. <prefix:myTag>
<jsp:attribute a="foo" b="bar" c="baz"/>
</prefix:myTag>
G. <prefix:myTag>
<jsp:attribute name="a">foo</jsp:attribute>
<jsp:attribute name="b">bar</jsp:attribute>
<jsp:attribute name="c">baz</jsp:attribute>
</prefix:myTag>

Answer: A,G


QUESTION NO: 174


In a JSP-centric shopping cart application, you need to move a client's home address of the
Customer object into the shipping address of the Order object. The address data is stored in a
value object class called Address with properties for: street address, city, province, country, and
postal code. Which two JSP code snippets can be used to accomplish this goal? (Choose two.)
A. <c:set var='order' property='shipAddress'
value='${client.homeAddress}' />
B. <c:set target='${order}' property='shipAddress'
value='${client.homeAddress}' />
C. <jsp:setProperty name='${order}' property='shipAddress'
value='${client.homeAddress}' />
D. <c:set var='order' property='shipAddress'>
<jsp:getProperty name='client' property='homeAddress' />
</c:store>
E. <c:set target='${order}' property='shipAddress'>
<jsp:getProperty name='client' property='homeAddress' />
</c:set>
F. <c:setProperty name='${order}' property='shipAddress'>
<jsp:getProperty name='client' property='homeAddress' />
</c:setProperty>

Answer: B,E


QUESTION NO: 175

You have been contracted to create a web site for a free dating service. One feature is the ability
for one client to send a message to another client, which is displayed in the latter client's private
page. Your contract explicitly states that security is a high priority. Therefore, you need to prevent
cross-site hacking in which one user inserts JavaScript code that is then rendered and invoked
when another user views that content. Which two JSTL code snippets will prevent cross-site
hacking in the scenario above? (Choose two.)
A. <c:out>${message}</c:out>
B. <c:out value='${message}' />
C. <c:out value='${message}' escapeXml='true' />
D. <c:out eliminateXml='true'>${message}</c:out>
E. <c:out value='${message}' eliminateXml='true' />

Answer: B,C


QUESTION NO: 176


Click the Exhibit button.
Assuming the tag library in the exhibit is imported with the prefix forum, which custom tag
invocation produces a translation error in a JSP page?

A. <forum:message from="My Name" subject="My Subject" />

B. <forum:message subject="My Subject">

My message body.

</forum:message>

C. <forum:message from="My Name" subject="${param.subject}">

${param.body}

</forum:message>

D. <forum:message from="My Name" subject="My Subject">

<%= request.getParameter( "body" ) %>

</forum:message>

E. <forum:message from="My Name"

subject="<%= request.getParameter( "subject" ) %>">

My message body.

</forum:message>

Answer: D

QUESTION NO: 177

Which JSTL code snippet can be used to import content from another web resource?

A. <c:import url="foo.jsp"/>

B. <c:import page="foo.jsp"/>

C. <c:include url="foo.jsp"/>

D. <c:include page="foo.jsp"/>

E. Importing cannot be done in JSTL. A standard action must be used instead.

Answer: A

QUESTION NO: 178

Click the Exhibit button.

Assume the tag library in the exhibit is placed in a web application in the path /WEBINF/

tld/example.tld.

1.

2. <ex:hello />

Which JSP code, inserted at line 1, completes the JSP code to invoke the hello tag?

A. <%@ taglib prefix="ex" uri="/WEB-INF/tld" %>

B. <%@ taglib uri="/WEB-INF/tld/example.tld" %>

C. <%@ taglib prefix="ex"

uri="http://localhost:8080/tld/example.tld" %>

D. <%@ taglib prefix="ex"

uri="http://example.com/tld/example" %>

Answer: D

QUESTION NO: 179

Which JSTL code snippet produces the output "big number" when X is greater than 42, but

outputs "small number" in all other cases?

A. <c:if test='<%= (X > 42) %>'>

<c:then>big number</c:then>

<c:else>small number</c:else>

</c:if>

B. <c:if>

<c:then test='<%= (X > 42) %>'>big number</c:then>

<c:else>small number</c:else>

</c:if>

C. <c:choose test='<%= (X > 42) %>'>

<c:then>big number</c:when>

<c:else>small number</c:otherwise>

</c:choose>

D. <c:choose test='<%= (X > 42) %>'>

<c:when>big number</c:when>

<c:otherwise>small number</c:otherwise>

</c:choose>

E. <c:choose>

<c:when test='<%= (X > 42) %>'>big number</c:when>

<c:otherwise>small number</c:otherwise>

</c:choose>

Answer: E

QUESTION NO: 180

A developer chooses to avoid using SingleThreadModel but wants to ensure that data is updated

in a thread-safe manner. Which two can support this design goal? (Choose two.)

A. Store the data in a local variable.

B. Store the data in an instance variable.

C. Store the data in the HttpSession object.

D. Store the data in the ServletContext object.

E. Store the data in the ServletRequest object.

Answer: A,E

SCWCD Questions 161 - 170

QUESTION NO: 161


The tl:taskList and tl:task tags output a set of tasks to the response and are used as follows:
11. <tl:taskList>
12. <tl:task name="Mow the lawn" />
13. <tl:task name="Feed the dog" />
14. <tl:task name="Do the laundry" />
15. </tl:taskList>
The tl:task tag supplies information about a single task while the tl:taskList tag does the final
output. The tag handler for tl:taskList is TaskListTag. The tag handler for tl:task is TaskTag. Both
tag handlers extend BodyTagSupport.
Which allows the tl:taskList tag to get the task names from its nested tl:task children?
A. It is impossible for a tag handler that extends BodyTagSupport to communicate with its parent
and child tags.
B. In the TaskListTag.doStartTag method, call super.getChildTags() and iterate through the
results. Cast each result to a TaskTag and call getName().
C. In the TaskListTag.doStartTag method, call getChildTags() on the PageContext and iterate
through the results. Cast each result to a TaskTag and call getName().
D. Create an addTaskName method in TaskListTag. Have the TaskListTag.doStartTag method,
return BodyTag.EVAL_BODY_BUFFERED. In the TaskTag.doStartTag method, call
super.getParent(), cast it to a TaskListTag, and call addTaskName().
E. Create an addTaskName method in TaskListTag. Have the TaskListTag.doStartTag method,
return BodyTag.EVAL_BODY_BUFFERED. In the TaskTag.doStartTag method, call
findAncestorWithClass() on the PageContext, passing TaskListTag as the class to find. Cast the
result to TaskListTag and call addTaskName().

Answer: D


QUESTION NO: 162


Click the Exhibit button.
Given:
10. <form action='create_product.jsp'>
11. Product Name: <input type='text' name='prodName'/><br/>
12. Product Price: <input type='text' name='prodPrice'/><br/>
13. </form>
For a given product instance, which three jsp:setProperty attributes must be used to initialize its
properties from the HTML form? (Choose three.)

A. id

B. name

C. type

D. param

E. property

F. reqParam

G. attribute

Answer: B,D,E

QUESTION NO: 163

Given:

1. package com.example;

2.

3. public abstract class AbstractItem {

4. private String name;

...

13. }

Assume a concrete class com.example.ConcreteItem extends com.example.AbstractItem. A

servlet sets a session-scoped attribute called "item" that is an instance of

com.example.ConcreteItem and then forwards to a JSP page.

Which two are valid standard action invocations that expose a scripting variable to the JSP page?

(Choose two.)

A. <jsp:useBean id="com.example.ConcreteItem"

scope="session" />

B. <jsp:useBean id="item" type="com.example.ConcreteItem"

scope="session" />

C. <jsp:useBean id="item" class="com.example.ConcreteItem"

scope="session" />

D. <jsp:useBean id="item" type="com.example.ConcreteItem"

class="com.example.AbstractItem"

scope="session" />

Answer: B,C

QUESTION NO: 164

Your web application views all have the same header, which includes the <title> tag in the <head>

element of the rendered HTML. You have decided to remove this redundant HTML code from your

JSPs and put it into a single JSP called /WEB-INF/jsp/header.jsp. However, the title of each page

is unique, so you have decided to use a variable called pageTitle to parameterize this in the

header JSP, like this:

10. <title>${param.pageTitle}<title>

Which JSP code snippet should you use in your main view JSPs to insert the header and pass the

pageTitle variable?

A. <jsp:insert page='/WEB-INF/jsp/header.jsp'>

${pageTitle='Welcome Page'}

</jsp:insert>

B. <jsp:include page='/WEB-INF/jsp/header.jsp'>

${pageTitle='Welcome Page'}

</jsp:include>

C. <jsp:include file='/WEB-INF/jsp/header.jsp'>

${pageTitle='Welcome Page'}

</jsp:include>

D. <jsp:insert page='/WEB-INF/jsp/header.jsp'>

<jsp:param name='pageTitle' value='Welcome Page' />

</jsp:insert>

E. <jsp:include page='/WEB-INF/jsp/header.jsp'>

<jsp:param name='pageTitle' value='Welcome Page' />

</jsp:include>

Answer: E

QUESTION NO: 165

Click the Exhibit button.

Given the JSP code:

1. <%

2. pageContext.setAttribute( "product",

3. new com.example.Product( "Pizza", 0.99 ) );

4. %>

5. <%-- insert code here --%>

Which two, inserted at line 5, output the name of the product in the response? (Choose two.)

A. <%= product.getName() %>

B. <jsp:useBean id="product" class="com.example.Product" />

<%= product.getName() %>

C. <jsp:useBean id="com.example.Product" scope="page">

<%= product.getName() %>

</jsp:useBean>

D. <jsp:useBean id="product" type="com.example.Product"

scope="page" />

<%= product.getName() %>

E. <jsp:useBean id="product" type="com.example.Product">

<%= product.getName() %>

</jsp:useBean>

Answer: B,D

QUESTION NO: 166

If you want to use the Java EE platform's built-in type of authentication that uses a custom HTML

page for authentication, which two statements are true? (Choose two.)

A. Your deployment descriptor will need to contain this tag:

<auth-method>CUSTOM</auth-method>.

B. The related custom HTML login page must be named loginPage.html.

C. When you use this type of authentication, SSL is turned on automatically.

D. You must have a tag in your deployment descriptor that allows you to point to both a login

HTML page and an HTML page for handling any login errors.

E. In the HTML related to authentication for this application, you must use predefined variable

names for the variables that store the user and password values.

Answer: D,E

QUESTION NO: 167

Given the two security constraints in a deployment descriptor:

101. <security-constraint>

102. <!--a correct url-pattern and http-method goes here-->

103. <auth-constraint><role-name>SALES</role-name></auth-

103. <auth-constraint>

104. <role-name>SALES</role-name>

105. </auth-constraint>

106. </security-constraint>

107. <security-constraint>

108. <!--a correct url-pattern and http-method goes here-->

109. <!-- Insert an auth-constraint here -->

110. </security-constraint>

If the two security constraints have the same url-pattern and http-method, which two, inserted

independently at line 109, will allow users with role names of either SALES or MARKETING to

access this resource? (Choose two.)

A. <auth-constraint/>

B. <auth-constraint>

<role-name>*</role-name>

</auth-constraint>

C. <auth-constraint>

<role-name>ANY</role-name>

</auth-constraint>

D. <auth-constraint>

<role-name>MARKETING</role-name>

</auth-constraint>

Answer: B,D

QUESTION NO: 168

Which two are valid values for the <transport-guarantee> element inside a <security-constraint>

element of a web application deployment descriptor? (Choose two.)

A. NULL

B. SECURE

C. INTEGRAL

D. ENCRYPTED

E. CONFIDENTIAL

Answer: C,E

QUESTION NO: 169

Which basic authentication type is optional for a J2EE 1.4 compliant web container?

A. HTTP Basic Authentication

B. Form Based Authentication

C. HTTP Digest Authentication

D. HTTPS Client Authentication

Answer: C

QUESTION NO: 170

Which security mechanism uses the concept of a realm?

A. authorization

B. data integrity

C. confidentiality

D. authentication

Answer: D

SCWCD Questions 151 - 160

QUESTION NO: 151 DRAG DROP



Click the Task button.
Place the code snippets in the proper order to construct the JSP code to include dynamic content
into a JSP page at request-time.

Answer:

Explanation:

QUESTION NO: 152

Given:

6. <% int[] nums = {42, 420, 4200};

7. request.setAttribute("foo", nums); %>

Which two successfully translate and result in a value of true? (Choose two.)

A. ${true or false}

B. ${requestScope[foo][0] > 500}

C. ${requestScope['foo'][1] = 420}

D. ${(requestScope['foo'][0] lt 50) && (3 gt 2)}

Answer: A,D

QUESTION NO: 153

Click the Exhibit button.

Given:

11. <% com.example.Advisor advisor = new com.example.Advisor(); %>

12. <% request.setAttribute("foo", advisor); %>

Assuming there are no other "foo" attributes in the web application, which three are valid EL

expressions for retrieving the advice property of advisor? (Choose three.)

A. ${foo.advice}

B. ${request.foo.advice}

C. ${requestScope.foo.advice}

D. ${requestScope[foo[advice]]}

E. ${requestScope["foo"]["advice"]}

F. ${requestScope["foo"["advice"]]}

Answer: A,C,E

QUESTION NO: 154

You are creating an error page that provides a user-friendly screen whenever a server exception

occurs. You want to hide the stack trace, but you do want to provide the exception's error

message to the user so the user can provide it to the customer service agent at your company.

Which EL code snippet inserts this error message into the error page?

A. Message: <b>${exception.message}</b>

B. Message: <b>${exception.errorMessage}</b>

C. Message: <b>${request.exception.message}</b>

D. Message: <b>${pageContext.exception.message}</b>

E. Message: <b>${request.exception.errorMessage}</b>

F. Message: <b>${pageContext.exception.errorMessage}</b>

Answer: D

QUESTION NO: 155

You are building a dating web site. The client's date of birth is collected along with lots of other

information. You have created an EL function with the signature: calcAge(java.util.Date):int and it

is assigned to the name, age, in the namespace, funct. In one of your JSPs you need to print a

special message to clients who are younger than 25. Which EL code snippet will return true for

this condition?

A. ${calcAge(client.birthDate) < 25}

B. ${calcAge[client.birthDate] < 25}

C. ${funct:age(client.birthDate) < 25}

D. ${funct:age[client.birthDate] < 25}

E. ${funct:calcAge(client.birthDate) < 25}

F. ${funct:calcAge[client.birthDate] < 25}

Answer: C

QUESTION NO: 156

Given:

11. <% java.util.Map map = new java.util.HashMap();

12. request.setAttribute("map", map);

13. map.put("a", "b");

14. map.put("b", "c");

15. map.put("c", "d"); %>

16. <%-- insert code here --%>

Which three EL expressions, inserted at line 16, are valid and evaluate to "d"? (Choose three.)

A. ${map.c}

B. ${map[c]}

C. ${map["c"]}

D. ${map.map.b}

E. ${map[map.b]}

F. ${map.(map.b)}

Answer: A,C,E

QUESTION NO: 157

Assume the tag handler for a st:simple tag extends SimpleTagSupport. In what way can scriptlet

code be used in the body of st:simple?

A. set the body content type to JSP in the TLD

B. Scriptlet code is NOT legal in the body of st:simple.

C. add scripting-enabled="true" to the start tag for the st:simple element

D. add a pass-through Classic tag with a body content type of JSP to the body of st:simple, and

place the scriptlet code in the body of that tag

Answer: B

QUESTION NO: 158

Which statement is true if the doStartTag method returns EVAL_BODY_BUFFERED ?

A. The tag handler must implement BodyTag.

B. The doAfterBody method is NOT called.

C. The setBodyContent method is called once.

D. It is never legal to return EVAL_BODY_BUFFERED from doStartTag.

Answer: C

QUESTION NO: 159

You are creating a library of custom tags that mimic the HTML form tags. When the user submits a

form that fails validation, the JSP form is forwarded back to the user. The <t:textField> tag must

support the ability to re-populate the form field with the request parameters from the user's last

request. For example, if the user entered "Samantha" in the text field called firstName, then the

form is re-populated like this:

<input type='text' name='firstName' value='Samantha' />

Which tag handler method will accomplish this goal?

A. public int doStartTag() throws JspException {

JspContext ctx = getJspContext();

String value = ctx.getParameter(this.name);

if ( value == null ) value = "";

JspWriter out = pageContext.getOut();

try {

out.write(String.format(INPUT, this.name, value));

} (Exception e) { throw new JspException(e); }

return SKIP_BODY;

}

private static String INPUT

= "<input type='text' name='%s' value='%s' />";

B. public void doTag() throws JspException {

JspContext ctx = getJspContext();

String value = ctx.getParameter(this.name);

if ( value == null ) value = "";

JspWriter out = pageContext.getOut();

try {

out.write(String.format(INPUT, this.name, value));

} (Exception e) { throw new JspException(e); }

}

private static String INPUT

= "<input type='text' name='%s' value='%s' />";

C. public int doStartTag() throws JspException {

ServletRequet request = pageContext.getRequest();

String value = request.getParameter(this.name);

if ( value == null ) value = "";

JspWriter out = pageContext.getOut();

try {

out.write(String.format(INPUT, this.name, value));

} (Exception e) { throw new JspException(e); }

return SKIP_BODY;

}

private static String INPUT

= "<input type='text' name='%s' value='%s' />";

D. public void doTag() throws JspException {

ServletRequet request = pageContext.getRequest();

String value = request.getParameter(this.name);

if ( value == null ) value = "";

JspWriter out = pageContext.getOut();

try {

out.write(String.format(INPUT, this.name, value));

} (Exception e) { throw new JspException(e); }

}

private static String INPUT

= "<input type='text' name='%s' value='%s' />";

Answer: C

QUESTION NO: 160

Which two directives are applicable only to tag files? (Choose two.)

A. tag

B. page

C. taglib

D. include

E. variable

Answer: A,E

SCWCD Questions 141 - 150

QUESTION NO: 141


You need to create a servlet filter that stores all request headers to a database for all requests to
the web application's home page "/index.jsp". Which HttpServletRequest method allows you to
retrieve all of the request headers?
A. String[] getHeaderNames()
B. String[] getRequestHeaders()
C. java.util.Iterator getHeaderNames()
D. java.util.Iterator getRequestHeaders()
E. java.util.Enumeration getHeaderNames()
F. java.util.Enumeration getRequestHeaders()

Answer: E


QUESTION NO: 142


Given an HttpServletRequest request and HttpServletResponse response, which sets a cookie
"username" with the value "joe" in a servlet?
A. request.addCookie("username", "joe")
B. request.setCookie("username", "joe")
C. response.addCookie("username", "joe")
D. request.addHeader(new Cookie("username", "joe"))
E. request.addCookie(new Cookie("username", "joe"))
F. response.addCookie(new Cookie("username", "joe"))
G. response.addHeader(new Cookie("username", "joe"))

Answer: F


QUESTION NO: 143 DRAG DROP


Click the Task button.
Given a request from mybox.example.com, with an IP address of 10.0.1.11 on port 33086, place
the appropriate ServletRequest methods onto their corresponding return values.

Answer:

Explanation:

QUESTION NO: 144


Your web application requires the ability to load and remove web files dynamically to the web
container's file system. Which two HTTP methods are used to perform these actions? (Choose
two.)
A. PUT
B. POST
C. SEND
D. DELETE
E. REMOVE
F. DESTROY

Answer: A,D


QUESTION NO: 145


Every page of your web site must include a common set of navigation menus at the top of the
page. This menu is static HTML and changes frequently, so you have decided to use JSP's static
import mechanism. Which JSP code snippet accomplishes this goal?
A. <%@ import file='/common/menu.html' %>
B. <%@ page import='/common/menu.html' %>
C. <%@ import page='/common/menu.html' %>
D. <%@ include file='/common/menu.html' %>
E. <%@ page include='/common/menu.html' %>
F. <%@ include page='/common/menu.html' %>

Answer: D


QUESTION NO: 146


For manageability purposes, you have been told to add a "count" instance variable to a critical
JSP Document so that a JMX MBean can track how frequent this JSP is being invoked. Which
JSP code snippet must you use to declare this instance variable in the JSP Document?
A. <jsp:declaration>
int count = 0;
<jsp:declaration>
B. <%! int count = 0; %>
C. <jsp:declaration.instance>
int count = 0;
<jsp:declaration.instance>
D. <jsp:scriptlet.declaration>
int count = 0;
<jsp:scriptlet.declaration>

Answer: A


QUESTION NO: 147


You have a new IT manager that has mandated that all JSPs must be refactored to include no
scritplet code. The IT manager has asked you to enforce this. Which deployment descriptor
element will satisfy this constraint?
A. <jsp-property-group>
<url-pattern>*.jsp</url-pattern>
<permit-scripting>false</permit-scripting>
</jsp-property-group>
B. <jsp-config>
<url-pattern>*.jsp</url-pattern>
88
<permit-scripting>false</permit-scripting>
</jsp-config>
C. <jsp-config>
<url-pattern>*.jsp</url-pattern>
<scripting-invalid>true</scripting-invalid>
</jsp-config>
D. <jsp-property-group>
<url-pattern>*.jsp</url-pattern>
<scripting-invalid>true</scripting-invalid>
</jsp-property-group>

Answer: D


QUESTION NO: 148


You need to create a JSP that generates some JavaScript code to populate an array of strings
used on the client-side. Which JSP code snippet will create this array?
A. MY_ARRAY = new Array();
<% for ( int i = 0; i < serverArray.length; i++ ) {
MY_ARRAY[<%= i %>] = '<%= serverArray[i] %>';
} %>
B. MY_ARRAY = new Array();
<% for ( int i = 0; i < serverArray.length; i++ ) {
MY_ARRAY[${i}] = '${serverArray[i]}';
} %>
C. MY_ARRAY = new Array();
<% for ( int i = 0; i < serverArray.length; i++ ) { %>
MY_ARRAY[<%= i %>] = '<%= serverArray[i] %>';
<% } %>
D. MY_ARRAY = new Array();
<% for ( int i = 0; i < serverArray.length; i++ ) { %>
MY_ARRAY[${i}] = '${serverArray[i]}';
<% } %>

Answer: C


QUESTION NO: 149


You are building a Front Controller using a JSP page and you need to determine if the user's
session has NOT been created yet and perform some special processing for this case. Which
scriptlet code snippet will perform this test?
A. <% if ( request.getSession(false) == null ) {
// special processing
} %>
B. <% if ( request.getHttpSession(false) == null ) {
// special processing
} %>
C. <% if ( requestObject.getSession(false) == null ) {
// special processing
} %>
D. <% if ( requestObject.getHttpSession(false) == null ) {
// special processing
} %>

Answer: A


QUESTION NO: 150


You are creating a new JSP page and you need to execute some code that acts when the page is
first executed, but only once. Which three are possible mechanisms for performing this
initialization code? (Choose three.)
A. In the init method.
B. In the jspInit method.
C. In the constructor of the JSP's Java code.
D. In a JSP declaration, which includes an initializer block.
E. In a JSP declaration, which includes a static initializer block.

Answer: B,D,E