New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > GIAC > GIAC Certification > GSSP-Java

GSSP-Java GIAC Secure Software Programmer – Java Question and Answers

Question # 4

Which of the following classes enables a programmer to create an object and protect its confidentiality with a cryptographic algorithm?

A.

MAC

B.

SealedObject

C.

KeyGenerator

D.

SecretKeyFactory

Full Access
Question # 5

Which of the following statements about serialization are true?

Each correct answer represents a complete solution. Choose all that apply.

A.

Transient variables cannot be serialized.

B.

Externalizable is a marker interface and does not define any method.

C.

Serializable is a marker interface and does not define any method.

D.

Static variables cannot be serialized.

Full Access
Question # 6

You work as a Software Developer for BlueWell Inc. Your team creates a Web site for online shopping.

All payments are made through credit cards. Hence, you want to ensure that the information transferred between the customers and your Web site is encrypted. Which of the following authentication mechanisms will you use to accomplish the task?

A.

FORM

B.

DIGEST

C.

BASIC

D.

CLIENT-CERT

Full Access
Question # 7

Mark works as a Programmer for InfoTech Inc. He develops the following code snippet. class Auto

{public static void main(String args[])

{Character iob ='d';float i=iob;System.out.println(iob);}}

What will be the result when Mark tries to execute the code snippet?

A.

It will display d.

B.

It will show a runtime error.

C.

It will show a compile-time error.

D.

It will display 0.00.

Full Access
Question # 8

Which of the following pieces of codes will be placed at the line XXX to successfully compile the given class?

public interface Publication

{

String GetDetails();

}

public class Book implements Publication

{

//line XXX

}

A.

public String GetDetails(){}

B.

Object GetDetails(){}

C.

long GetDetails(){}

D.

private String GetDetails(){}

Full Access
Question # 9

In which of the following cases is the GET method used to retrieve information?

Each correct answer represents a complete solution. Choose all that apply.

A.

Using a hyperlink inside a Web page.

B.

Using a form with no method definition.

C.

Adding the request parameter to the URL.

D.

Requesting to retrieve a large amount of data.

Full Access
Question # 10

Which of the following code fragments will throw NumberFormatException?

A.

Double dbl = new Double(true);

B.

Character ch = new Character('A');

C.

Float flt = new Float("true");

D.

Boolean bool = new Boolean("123");

Full Access
Question # 11

You write the following code.

class Father {public void Method() {System.out.println("I am Father");}}

public class Son extends Father {public static void main(String argv[]) {Son son = new Son();son.Method();}

private void Method() {System.out.println("I am Son");}}

Which of the following will be the result, when you try to compile and run the code?

A.

I am Father will be displayed as the output.

B.

A runtime error will result.

C.

I am Son will be displayed as the output.

D.

The code will execute but without displaying any output.

E.

A compile-time error will result.

Full Access
Question # 12

Which of the following statements about the isCallerInRole() method are true?

Each correct answer represents a complete solution. Choose all that apply.

A.

It can be called from the PostConstruct and PreDestroy callback methods of a stateful session bean.

B.

It is present in the UserTransaction interface.

C.

It cannot be called from a message-driven bean.

D.

It can be invoked only from the business method of an enterprise bean.

Full Access
Question # 13

You have created a Java application that will retrieve and insert data into a database table. Which of the following objects will you use to pass the JDBC Driver to obtain a connection to the database server?

A.

DriverManager

B.

ResultSet

C.

Connection

D.

Statement

Full Access
Question # 14

Mark writes a class Practice.java. This class needs to access the com.bar.Test class that is stored in the Test.jar file in the directory /practice. How would you compile your code?

A.

javac -classpath /practice/Test.jar Practice.java

B.

javac -classpath /practice/ Practice.java

C.

javac -classpath /practice/Test.jar/com/bar Practice.java

D.

javac -classpath /practice Practice.java

Full Access
Question # 15

Which of the following statements about a JAR file are true?

Each correct answer represents a complete solution. Choose all that apply.

A.

It cannot be accessed through a class path, nor they can be used by java and javac.

B.

It is used to compress and archive data.

C.

It can be moved from one computer to another.

D.

It is created by using the jar command.

Full Access
Question # 16

You work as a Software Developer for UcTech Inc. You create a session using the HttpSession interface. You want the attributes to be informed when the session is moved from one JVM to another and also when an attribute is added or removed from the session. Which of the following interfaces can you use to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

A.

HttpSessionBindingListener

B.

HttpSessionListener

C.

HttpSessionActivationListener

D.

HttpSessionAttributeListener

Full Access
Question # 17

Which of the following is used to restore the objects that have been previously serialized by a stream?

A.

FileInputStream

B.

ObjectOutputStream

C.

ObjectInputStream

D.

FileOutputStream

Full Access
Question # 18

Mark works as a Programmer for InfoTech Inc. He develops a Java application that uses the encryption and compression techniques. Which of the following interfaces will he use to control the serialization and deserialization processes?

A.

Flushable

B.

Closeable

C.

Serializable

D.

Externalizable

Full Access
Question # 19

Harry works as a Software Developer for SoftTech Inc. He has developed a Java application to perform various SQL statements such as INSERT, UPDATE, etc., against a database table named Employee. He has used the executeUpdate() method to perform various SQL queries and to know the exact affected rows in the database if any of the operations is performed against the database table.

Which of the following types of values is returned by this method?

A.

Double

B.

Integer

C.

Float

D.

String

Full Access
Question # 20

Which of the following are valid code samples for creating file permissions?

Each correct answer represents a complete solution. Choose all that apply.

A.

FilePermission per = new FilePermission("-", "read, execute");

B.

FilePermission per = new FilePermission("<>", "read");

C.

FilePermission per = new FilePermission("file1", "read, write");

D.

FilePermission per = new FilePermission("/bin/*", "execute");

E.

FilePermission per = new FilePermission("/tmp/myfile", "read, delete");

F.

FilePermission per = new FilePermission("/*", "read");

Full Access
Question # 21

Which of the following fields must be present in the login page when using the form-based

authentication?

Each correct answer represents a part of the solution. Choose two.

A.

j_login

B.

j_password

C.

get_pw

D.

j_pw

E.

j_username

F.

user_pw

Full Access
Question # 22

You have written the following code snippet.

1. public class Read {

2. protected int ReadText(int x) { return 0; }

3. }

4. class Text extends Read {

5. /*insert code here*/

6. }

Which of the following methods, inserted independently at line 5, will compile?

Each correct answer represents a complete solution. Choose all that apply.

A.

private int ReadText(long x) { return 0; }

B.

protected long ReadText(int x, int y) { return 0; }

C.

protected long ReadText(long x) { return 0; }

D.

protected int ReadText(long x) { return 0; }

E.

private int ReadText(int x) { return 0; }

F.

public int ReadText(int x) { return 0; }

G.

protected long ReadText(int x) { return 0; }

Full Access
Question # 23

Mark works as a Programmer for InfoTech Inc. He develops the following security-constraint code.

Manager

/acme/Manager/*

GET

POST

// code

Manager

/acme/Manager/*

GET

POST

// code

Which of the following element declarations of the will allow everybody to access the same resources?

A.

Place the following code in the second declaration.

*

B.

Place the following code in the first declaration.

Manager

Place the following code in the second declaration.

*

C.

Place the following code in the first declaration.

Manager

Place the following code in the second declaration.

ALL

D.

Place the following code in the first declaration.

Manager

Place the following code in the second declaration.

Full Access
Question # 24

You work as a Software Developer for Developer Inc. You write the following code.

interface A {public boolean b = false;}

class C implements A {public static void main(String args[]) {b = true;System.out.println(b);}}

Which of the following will be the result, when you try to compile and execute the above code?

A.

The code will compile and print false.

B.

The code will compile, but it will not execute.

C.

The code will compile and print true.

D.

The code will not compile.

Full Access
Question # 25

Rachel works as a Software Developer for Vivanet Inc. She writes the following code using Java.

class catchexcp

{public static void metha()

{int x=4/0;System.out.print("Caught exception");}

public static void main(String args[])

{try{metha();}catch(ArithmeticException ae){System.out.print("Caught ArithmeticException");}finally{try{metha();}catch(ArithmeticException ae){System.out.print("ReCaught ArithmeticException");}}}}

What will happen when she tries to compile and execute the code?

A.

It will compile and execute and will display ReCaught ArithmeticException.

B.

It will not compile.

C.

It will compile but will throw an exception at runtime.

D.

It will compile and execute and will display Caught exception Caught ArithmeticException

ReCaught ArithmeticException.

E.

It will compile and execute and will display Caught exception ReCaught ArithmeticException.

F.

It will compile and execute and will display Caught ArithmeticException ReCaught

ArithmeticException.

Full Access
Question # 26

You work as a Software Developer for UcTech Inc. You want the deployment descriptor to contain entries for the authentication type and the security realm. In order to accomplish this, you have to use the sub-elements of the element. Which of the following will you use?

Each correct answer represents a complete solution. Choose all that apply.

A.

B.

C.

D.

E.

F.

G.

Full Access
Question # 27

Mary works as a Software Developer for XYZ Inc. She writes the following code.

1. class Alpha {

2. public static class Beta { }

3. }

4. class Delta {

5. // insert code here

6. }

Which of the following code statements can be inserted at line 5 to create an instance of the Beta class defined in the class Alpha?

A.

Beta b = new Beta();

B.

Alpha a = new Alpha();

C.

Beta = new a.Beta();

D.

The class Beta cannot be instantiated at line 5.

E.

Alpha.Beta b = new Alpha.Beta();

Full Access
Question # 28

Mary works as a Software Developer for ABC Solutions Inc. She writes the following code.

public class StringMethods {

public static void main(String[] args) {

String str = new String("abc");

str.concat("xyz");

StringBuffer strBuf = new StringBuffer(" 123");

strBuf.append(" no");

System.out.println(str + strBuf);}}

What will be the output when Mary tries to compile and execute the code?

A.

Compilation will fail.

B.

The program will print abc xyz 123 no when run.

C.

The program will print xyz 123 no when run.

D.

The program will print abc 123 no when run.

Full Access
Question # 29

Peter works as a Programmer in Magi Net Inc. He writes the following code.

1. class Ques0190{

2. public static void main(String[] argv){

3. byte a = 100;

4. switch(a){

5. case 10.

6. System.out.println("ten");

7. case 100.

8. System.out.println("hundred");

9. case 1000.

10. System.out.println("thousand");

11. }

12. }

13. }

What will happen when Peter attempts to compile and execute the code?

A.

The code will compile and execute displaying hundred.

B.

The code will not compile because 1000 is not assignment compatible with a byte data type.

C.

The code will not compile because the argument to the switch cannot be a primitive type byte value.

D.

The code will compile and execute displaying hundred followed by thousand.

Full Access
Question # 30

Which of the following init() method calls initializes a cipher object with a key in the SECRET_MODE?

A.

cipher.init(2, key);

B.

cipher.init(1, key);

C.

cipher.init(3, key);

D.

cipher.init(4, key);

Full Access
Question # 31

Which of the following circumstances can prevent the execution of code in a finally block?

Each correct answer represents a complete solution. Choose two.

A.

An exception arising in the try block that precedes the finally block.

B.

An exception arising in the finally block itself.

C.

No exception condition arising in the try block that precedes the finally block.

D.

The use of the System.exit(0); statement in the finally block.

Full Access
Question # 32

Mark works as a Programmer for InfoTech Inc. He develops a Web application that takes input from users. Which of the following methods can be used by the client and server to validate the users input?

Each correct answer represents a complete solution. Choose all that apply.

A.

Validation through Servlets on the server side

B.

Validation using JavaScript on the client side

C.

Validation through Java Applets on the client side

D.

Validation through XML on the server side

Full Access
Question # 33

Which of the following exceptions will be thrown if a cipher is in decryption mode but the decrypted data is not bounded by the appropriate bytes?

A.

IllegalArgumentException

B.

ShortBufferException

C.

ReadOnlyException

D.

BadPaddingException

Full Access
Question # 34

Which of the following methods of the HttpServletResponse interface is used for URL rewriting?

Each correct answer represents a complete solution. Choose all that apply.

A.

encodeURL

B.

encodeRedirectURL

C.

sendRedirect

D.

getRequestURL()

Full Access
Question # 35

Which of the following access modifiers is allowed for the constructor for a session bean class?

A.

static

B.

private

C.

protected

D.

public

Full Access
Question # 36

Which of the following exceptions will be thrown by the getFeature() method if the feature value cannot be assigned or retrieved?

A.

SAXNotSupportedException

B.

SAXNotRecognizedException

C.

NullPointerException

D.

IllegalArgumentException

Full Access
Question # 37

Which of the following elements indicates which users in specified roles are permitted access to a resource collection?

A.

auth-constraint

B.

user-data-constraint

C.

web-resource-collection

D.

login-config constraint

Full Access
Question # 38

Which of the following attribute scopes does not exist for a Servlet?

A.

Request

B.

Session

C.

Context

D.

Page

Full Access
Question # 39

The ______________ method of the EJBContext interface tests whether the client is a member of the role specified in the argument to the method.

A.

isMember()

B.

isAuthorized()

C.

getCallerPrincipal()

D.

isCallerInRole(String rolw)

E.

getUserTransaction()

Full Access
Question # 40

Which of the following deployment descriptor elements is used to declare the reference of a

client's application to an external resource?

A.

B.

C.

D.

Full Access
Question # 41

In which of the following locations the helper classes of a session bean class reside?

A.

EJB JAD file

B.

Deployment descriptor

C.

META-INF directory

D.

EJB JAR file

Full Access