Documents
Resources
Learning Center
Upload
Plans & pricing Sign in
Sign Out

Mock3

VIEWS: 26 PAGES: 132

									                                            SCEA PRACTICE QUESTIONS




1.       Which of the following are true about Active Replication?


A        It is a fault-tolerance mechanism
B        It is achieved by taking cold back ups
C        Each replica attempts to process each request but extra calls may be intercepted via an interceptor
D        State changes are logged and periodically flushed to the replicas
E        State is synchronized only when the primary service fails
F        Each replica is identical to the main service.


Choices A, C and F are correct.

Active Replication is a fault tolerance mechanism where each replica is identical to the main service and attempts to
service each request. An interceptor is used to block extra responses. Active replication is similar in concept to Hot
Backups. Hence choices A, C and F are correct.

Active Replication is not achieved through cold backups. In cold backups, the replicas are not constantly updated. Their
state is synchronized with the primary service in regular intervals. In the event that the primary service fails, one of the
replicas has to be synchronized (perhaps with data from a storage device) before it can service requests. Hence choice
B is incorrect.

Choice D refers to the concept of Warm Backus. In warm backups, only the primary service responds to requests.
However all activity is constantly logged. Periodically these logs may also get flushed to the replicas. When the
primary service fails, a replica takes over after its state is synchronized with the logs. Hence choice D is incorrect.

With active replication, as mentioned before, the state of all replicas is constantly synchronized. Hence choice E is
incorrect.


2        Which of the following are benefits of Server Clustering?

A        Replication
B        High Security
C        Easy Manageability
D        Load Balancing
E        Fault Tolerance


Choices A, D and E are correct.

Through the use of replicas, server clusters increase the reliability and availability of a system. They provide a fault
tolerance mechanism with load distribution and load balancing capabilities. Hence choices A, D and E are correct.

J2EE applications offer security features through Identification, Authentication and Authorization mechanisms. In
addition they also provide APIs that allow secure communication, encryption of messages and so on. This is not a
feature of server clusters though. Hence choice B is incorrect.

Managing multiple servers is always a harder than managing just one server. Hence easy manageability may not always
be true with distributed platforms. With J2EE, due to clear roles and responsibilities of tiers and layers, applications
may be relatively easier to manage than other distributed systems. However manageability is not the best asset of
distributed systems. Hence choice C is incorrect.


Refer to the following diagram:




In the above diagram:

A        Class D implements Class C
B        Class C implements Class D
C        Interface C implements Class D
D        Interface D implements Class C
E        Class D implements interface C

Choice E is correct.

In the diagram, A and B are classes, C is an interface and D is a class that implements C. Hence Choice E is correct.
Choice A is incorrect because <<Interface>> C is not a class and you can only extend classes, not implement them.
Choice B is the reverse of choice A but again incorrect because C is an interface, not a class.
Choice C is incorrect because it claims that the interface C implements class D, whereas in reality class D implements
interface C.
Choice D is incorrect because it claims that D is an interface. And C is a class, while it is the other way round.


3        Which of the following are true about Passive Replication?


A        Primary Service and all replicas respond to all requests
B        Primary Service randomly delegates requests to one of the secondary replicas
C        Primary service handles all requests
D        State is periodically synchronized between the Primary service and all replicas
E        It is similar to hot backup
F        It is similar to Warm Backup


Choices C, D and F are correct.

In Passive Replication, the primary service handles all requests. The state of the replicas is periodically synchronized.
In the event that the primary service fails, one of the replicas takes over after its state is synchronized (with log files, for
example.) In concept, passive replication is similar to that of Warm Backups. Hence choices C, D and F are correct.
Only in Active Replication, the primary service and all replicas respond to all requests. Hence choice A is incorrect.
Choice B seems to indicate that Passive replication uses some kind of load distribution mechanism. Hence choice B is
incorrect.
Passive replication is similar to warm backups as opposed to active replication, which is similar to hot backups. Hence
choice E is incorrect.


4        CORBA is a standard for

A        Messaging using virtual channels called Queues
B        Standardized development practices
C        Messaging using virtual channels called topics
D        Accessing distributed object systems in many platforms and languages
E        Accessing Distributed object systems based only on Java Technologies

Choice D is correct.

Common Object Request Broker Architecture (CORBA) is a standard for distributed communication involving
applications written using different languages. Hence choice D is accurate.
Queues are the mechanism by which two parties communicate in a Point-to-Point asynchronous messaging paradigm.
Hence choice A is incorrect.
Choice B indicates that CORBA is a methodology, as opposed to a standard and is incorrect.
Topics are the mechanism through with Publish Subscribe messaging is accomplished. Choice C is incorrect.
Although choice E talks about distributed object systems, it is referring to pure Java objects. CORBA is used object
distribution involving different languages. Hence choice E is incorrect.


5        RMI-IIOP does not provide which of the following capabilities?


A        Remote Method Invocation
B        Stub Downloads
C        Objects pass by value (state only)
D        Distributed Garbage Collection

Choices B and D are correct.

RMI-IIOP does not support Stub downloads and distributed garbage collection. Hence choices B and D are correct.
Both Remote Method Invocation and Objects pass by value are supported by RMI-IIOP. Hence choices A and C are
incorrect.


6        Which of the following are not true about Screen Scrapers?

A        Screen scrapers function as Terminal Emulators on one end and as Object Interfaces on the other.
B        Screen Scraping may be a useful tool when used in conjunction with the off-board servers.
C        Changes to legacy UI has little or no impact on the new GUI
D        Screen Scraping is best used when the legacy clients have loose coupling with other tiers.

Choices C and D are correct.

When using screen scrapers, any changes to the legacy user interface will also affect the new GUI. Also screen scraping
is the best alternative only if the existing UI is very tightly coupled with the business tier of the legacy application.
Hence choices C and D are false and therefore the correct choices.
Choices A and B are true about screen scrapers and hence incorrect.
7        Which of the following methods may be present in the Home Interface of an Entity Bean?

A        create()
B        findByPrimaryKey()
C        remove()
D        locateByPrimaryKey()
E        retrieveBean()

Choices A, B and C are correct.

The Home Interface provides methods for creation, location and removal of beans. Hence you could find create(),
findByPrimaryKey() and remove() methods in the bean's Home Interface. Choices A, B and C are therefore correct.
There are no methods like locateByPrimaryKey() and retrieveBean() in the Home Interface. Hence choices D and E are
incorrect.


8        Undefined Primary Keys refers to?

A        Refers to Entity Beans that do not use Primary Keys
B        Primary Keys that are defined during development
C        Primary Keys that remain undefined until the bean is deployed
D        Entity Beans cannot have undefined Primary Keys

Choice C is correct.

One problem with container-managed persistence in EJB 1.0 was that the bean developer had to define the primary key
during development. This forced the developer to make assumptions thus limiting the bean's portability across
databases. EJB 1.1 allows the primary key to remain undefined until deployment. Hence choice C is correct.
Choice A is incorrect because all entity beans must have a serializable primary key that can be used to uniquely identify
an entity bean in the database.
Undefined Primary Keys are not defined during development. Hence choice B is incorrect.
Choice D is incorrect because it indicates that Entity Beans are not allowed to have undefined Primary Keys. This was
true in EJB1.0 but not in EJB1.1.


9        Which of the following are valid life cycle states for a Stateless Session Bean?

A        Does not Exist
B        Pooled State
C        Method Ready Pool
D        Passive

Choices A and C are correct.

The two valid states in a Stateless Session Bean's life cycle are 'Does Not Exist' and 'Method Ready Pool.' When Beans
are not instantiated they are said to be in the 'Does Not Exist' state. Beans transition from 'Does Not Exist' to 'Method
Ready Pool' when instantiated. The container does this automatically, as needed. Hence choices A and C are correct.
Pooled and Passive are not valid states in the lifecycle of a Stateless Session Bean. Hence choices B and D are
incorrect.


10       Both CMT and BMT may be used with Entity and Session Beans. True or False?

A        True
B        False

Choice B is correct

With EJB1.1 only Session Beans with <transaction-type> equal to 'Bean' can have bean-managed transactions. Entity
Beans are not allowed to be BMT beans. Hence choice B is correct.



11        A session bean called SomeBean has a method called someMethod(), which calls someOtherMethod (same
bean) followed by someOtherBeanMethod() of SomeOtherBean. SomeOtherBean is an Entity Bean with CMT. Which
of the following is true?


A          SomeOtherBean has no control on the transaction since it is a CMT bean.
B          SomeOtherBean has full access to the UserTransaction object through which it can control the
transaction.
C          SomeOtherBean has access only to the transaction methods in EJBContext, which gives it the power to veto
transactions.
D          SomeOtherBean has access on the transaction only if the method had RequiresNew set as its transaction
attribute.


Choice C is correct.

Only BMT beans have access to the User-Transaction from the EJBContext. The EJBContext provides the methods
setRollbackOnly() and getRollbackOnly(), to provide CMT beans access to the transaction. The setRollbackOnly()
method gives a bean the power to veto a transaction. Hence choice C is correct.
Choice A is incorrect because the entity bean has the capability to veto the transaction.
Choice B is incorrect because CMT beans only have the power to veto user transactions.
Choice D makes an incorrect argument and is thus wrong.




12       Which of the following is not a resource management technique?


A        Maintaining a smaller pool of Stateless Beans to serve a large number of clients.
B        Providing Database Connection Pooling
C        Persistence of Entity Beans
D        Passivation of Stateful Beans

Choice C is correct.

Persistence of Entity beans is the ability to save data represented by the bean into a database. It is not a resource
management technique. Choice C is false and therefore correct.
Maintaining a smaller number of beans to serve a larger number of clients is a very clever resource management
technique. It is also an example of the Flyweight Design Pattern. Choice A is thus a resource management technique
and therefore incorrect.
Database connection pooling, a similar concept as bean pools, is also a good resource management technique. Choice B
is therefore incorrect.
With Stateful Session Beans, the container uses passivation to manage memory. In passivation the state of the bean is
serialized and its memory freed up for reuse by other services. Hence bean passivation is a memory management
technique making choice D incorrect.
13       Which of the following are invalid states in the life of a Stateful Session Bean?

A        Does Not Exist
B        Method Ready Pool
C        Method Ready in Transaction
D        Method Ready
E        Ready
F        Pooled
G        Passive

Choices B, E and F are correct.

The valid life cycle states of a Stateful Session Bean are 'Does Not Exist', 'Method Ready', 'Method Ready in
Transaction' and 'Passive'. 'Method Ready Pool' is a life cycle state of Stateless Session Beans. 'Pooled' and 'Ready' are
life cycle states of Entity Beans. Hence choices B, E and F are correct.


14       What is the sequence of steps in the life cycle of a Stateless Session Bean?

A        class.newInstance(), setSessionContext (ctx), ejbCreate()
B        ejbCreate(), setSessionContext (ctx), class.newInstance()
C        class.newInstance(), ejbCreate(), setSessionContext (ctx)
D        setSessionContext (ctx), ejbCreate(), class.newInstance()

Choice A is correct.

When Stateless Session Beans transition from 'Does Not Exist' to 'Method Ready Pool', the container invokes
newInstance(), setSessionContext() and ejbCreate() methods. Hence choice A is correct.
Although choices B, C and D have the same methods, the order in which they appear to be called is wrong. Therefore
choices B, C and D are incorrect.


15       HTTPS is defined as

A        HTTP with Security
B        HTTP on secure line
C        HTTP over SSL
D        HTTP with SSL


Choice C is correct

HTTPS stands for HTTP over SSL. With HTTPS, SSL sits above the TCP-IP layer and below the application protocol
layer. Hence choice C is correct.


16       HTTP is

A        Connection Less
B        Connection Base
C        Stateful
D        Stateless
E        Secure

Choice B and D are correct.
HTTP (HyperText Transfer Protocol) is a transport mechanism for MIME (Multipurpose Internet Mail Extensions)
documents. MIME documents often contain HTML (HyperText Markup Language) code for display in browser
windows. HTTP consists of a request sent by the client to the server, followed by a response sent from the server back
to the client. HTTP uses TCP/IP as the underlying transport and network protocols.

The following is taken from:
http://www.w3.org/Protocols/Activity.html

"Whenever a client accesses a document, an image, a sound bite etc. HTTP/1.0 creates a new TCP connection and as
soon as it is done, it is immediately dismissed and never reused."

"HTTP/1.1 fixes this in two ways. First, it allows the client to reuse the same TCP connection (persistent connections)
again and again when talking to the same server. Second, it makes sure that the courier carries as much information as
possible (pipelining) so that it doesn't have to run back and forth as much. That is, not only does HTTP/1.1 use less
TCP connections, it also makes sure that they are better used. The result is less traffic jam and faster delivery."
The following is taken from:
http://www.w3.org/Protocols/HTTP/HTTP2.html
"HTTP is a protocol with the lightness and speed necessary for a distributed collaborative hypermedia information
system. It is a generic stateless object-oriented protocol, which may be used for many similar tasks such as name
servers, and distributed object-oriented systems, by extending the commands, or 'methods', used."
Hence choices B and D are correct. Since choices A and C are the opposite, they are incorrect.
HTTP can be made secure by using 'HTTP over SSL' or HTTPS. But by itself, HTTP is not secure. Hence choice E is
incorrect.



17       Asynchronous communication is achieved by using:

A        Remote Procedure Calls
B        RMI/IIOP
C        Message Oriented Middleware
D        CORBA

Choice C is correct.

Message Oriented Middleware or MOM is used for asynchronous messaging between applications. Most popular
implementations support Point to Point (one to one) and Publish Subscribe (one to many) messaging. Hence choice C is
correct.
Remote Procedure Calls are used for synchronous communication between applications. CORBA and RMI/IIOP are
two protocols that support RPC based communication. Hence choices A, B and D are incorrect.



18       Which of the following is not part of the Messaging architecture:

A        Decentralized messaging using IP Multicasting
B        Decentralized messaging using Secure Sockets Layer (SSL)
C        Use of virtual channels called Queues
D        Use of virtual channels called Topics

Choice B is correct.

Only choice B is not a standard paradigm in messaging architecture. Hence choice B is correct.
IP Multicasting can be used as a technique for decentralized messaging. Queues and Topics are used with Point to Point
and Publish Subscribe messaging. Hence choices A, C and D are incorrect.
19       In P2P, clients send messages to:

A        A designated queue
B        Multiple Queues
C        A specific node for redistribution to subscribers
D        CORBA compliant ORB


Choice A is correct.

P2P or Point to Point messaging is used for one to one communication between two components or applications. In the
P2P model, message producers send messages to a designated queue. Hence choice A is correct.
Although it is possible to mimic Publish Subscribe architecture by sending P2P messages to multiple queues, it is not a
standard practice. Hence choice B is incorrect.
In Publish Subscribe architecture, messages are sent to a specific node for redistribution to subscribers. Hence choice C
is incorrect.
CORBA is an RPC protocol and is not used for asynchronous messaging. Hence choice D is incorrect.



20       Happy Joe Banking Corporation is building a Banking application to provide online access to their account
holders. They have chosen 2 SUN 450s for their web server cluster and 1 SUN E10000 for their application server. The
business requirements indicate that to become a customer, a person must have at least a primary checking account with
the bank. Further since the customer will be using the Internet to view confidential information, security is considered
paramount.
What do you understand about the requirements of the system?

A         The need for Security is a classic example of a functional service level requirement and the checking account
rule, an example of non-functional QoS requirement.
B         The discussion about Security and the mandatory checking account both illustrate functional service level
requirements.
C         Neither Security nor the mandatory Checking Account is an example of any kind of requirements,
theoretically speaking.
D         {Security is an Architectural non-functional requirement and the Mandatory Checking Account a functional
design requirement.
E         They are both examples of Business Use Cases.

Choice D is correct.

Successful software architecture deals with addressing the non-functional service level requirements of a system. The
Design process takes all the functional business requirements into account. Security is considered a non-functional
requirement and specific business rules, such as the one described with the checking account are considered functional
requirements. D is the only choice that accurately describes this.
A is incorrect because the functional and non-functional requirements are flipped over.
B is incorrect because only one of them is a functional requirement.
C is incorrect because as described above, one of them is a functional requirement and the other, a non-functional
requirement.
Finally E is incorrect because business analysis may start with use cases (where the checking account rules may be
captured), but this discussion is specifically questioning functional vs. non-functional requirements.
21        In an interview between the senior management of Happy Joe Banking Corporation and the J2EE application
architect Scott Khosla, the following points were discussed:
I.        The system needed to respond within 5 seconds
II.       The system is needed to have a 99.9% uptime
III.      HJBC was in the process of acquiring another bank which would add two hundred thousand customers to their
already existing half million.
IV.       Each phase of the SDLC was to have a clear sign off process.
V.        The development team was expected to provide a detailed unit test plan and user documentation.
VI.       In order to ensure privacy, HTTPS was to be used.

22       What non-functional requirements were discussed?

A        Scalability, Availability, Extensibility, Manageability and Security
B        Performance, Reliability, Elaboration, Transition, Documentation and Security
C        Specification, Elaboration, Construction, Transition, Use Cases and Security
D        Performance, Availability, Scalability and Security
E        Reliability, Availability, Scalability, Manageability and Security

Choice D is correct.

The non-functional service level requirements discussed are Performance (system needs to respond within 5 seconds),
Availability (system is needed to have a 99.9% uptime), Scalability (additional two hundred thousand subscribers), and
Security (HTTPS is to be used.) Hence choice D is correct.
There is no mention of extensibility (ability to easily add or extend functionality) and Manageability (ability to monitor
the health of the system.) Hence choice A is incorrect.
Specification, Elaboration, Construction, Transition, Documentation and use cases are not non-functional service level
requirements. Hence choices B and C are incorrect.
While scalability and reliability may be related (will the system perform as reliably when more users operate on it),
there is no mention of reliability in the question. Hence choice E is incorrect.



23      N-tier applications show better performance than 2-tier applications because they are modular in nature, which
means that they can be scaled easily, by tuning components and containers individually. True/False ?

A        True
B        False

Choice A is correct.

N-Tier applications (especially those based on J2EE) are designed to be very modular in nature. The tiers and layers
separate roles and responsibilities of each component and container. Hence components and containers can be
individually targeted and scaled as needed. This results in better performance. Hence choice A is correct.



24       Moon Microsystems has a web-based solution that was originally built using Servlets. However, in recent
months, the IS manager has asked developers to use JSP technology with Java Scriptlets embedded in HTML code.
Scott Khosla, the architect, however is insisting that the code be modularized and that EJBs be used instead of Servlets
and JSP for business logic processing. In asking developers to modularize existing code, what software development
technique is Scott asking the developers to follow?

A        Code Break up
B        Code engineering
C        Code Tiering
D        Code Factoring
Choice D is correct.

Software applications have a tendency to grow in complexity over time. When that happens, they become difficult to
extend, maintain and modify. They also become hard to understand.
Code factoring is a modularization technique that deals with the separation of responsibilities in code. Factored code
has loose coupling and minimal dependencies, making components and code more reusable. Hence choice D is correct.
There are no concepts like code break up, code engineering or code tiering. Hence choices A, B and C are incorrect.




25      Refer to the following exhibit
In UML,




A        (i) represents an object and (ii) a class
B        (ii) represents a package and (i) a class
C        (i) represents a class and (ii) an object
D        (i) and (ii) both represent components

Choice C is correct.

In the above diagram Aclass represents a class and: Aclass represents an object. Hence choice C is correct.



26       'A' has a dependency with 'B' is best expressed by:




A        Option a
B        Option b
C        Option c
D        Option d
E        Option e
F        Options b and d
G        Options d and e

Choice D is correct.

Option D shows a diagram with two packages A and B. Package A has a dependency with Package B. Hence choice D
is correct.
In option A, class A extends class B. Hence choice A is incorrect.
In option B, class A implements interface B. Hence choice B is incorrect.
In option C, class A has an association relationship with interface B. Hence choice C is incorrect.
In option E, Package B has a dependency with Package A. Hence choice E is incorrect.
Since options B and E are incorrect, choices F and G are incorrect.


27       Refer to the following exhibit

From the following diagram it can be deduced that:




A        Changes to classes in the Customer package may only impact the Order package
B        Changes to classes in the Customer package will impact Order and OrderLine packages.
C        Changes to the OrderLine package will impact the Customer package
D        Changes to the Customer package will have no impact on the other two packages

Choice A is correct.

The package Order has a dependency with the package Customer. Hence any changes in the Customer Package could
impact the Order Package. Hence choice A is correct.
(Fowler 109)"A dependency between two packages exists if any dependency exists between any two classes in the
packages." Since Customer and OrderLine have no dependencies, choices B and C are incorrect.
Changes to the Customer package may impact the Order package. Hence choice D is incorrect.
28       Refer to the following exhibit



From the exhibit, it can be inferred that




A        1 A can have 2 Bs associated with it
B        1 A can have 4 Bs associated with it
C        1 A can have 2 to 4 Bs associated with it
D        1 A can have exactly 2 or 4 Bs associated with it
E        The multiplicity indicated is only legal in the Booch method, not in UML

Choices A, B and D are correct.

The multiplicity between A and B shown by (2,4) indicates that an A may have exactly 2 or 4 Bs associated with it.
Hence choices A, B and D are correct.

Choice C is incorrect because a 2 to 4 multiplicity would be indicated as (2..4)

The multiplicity shown is perfectly legal in UML. Choice E is therefore incorrect.



29       Fragile Oars, a manufacturer of boating supplies has a mainframe based legacy application for customer and
order management. Recently, Fragile Oars embarked on a project to add Internet presence to its products and services
and hence created a company website. Since then, its management has realized the importance of having an eFront and
wants to start conducting business over the Internet. Fragile Oars wants to use Applets as the front-end. What is the best
method to connect to this legacy system?


A        Using the same applets
B        Using different applets
C        Using Java Server Pages
D        Using Java Servlets


Choice D is correct.

The best approach in this case is to have the applets talk to Servlets that can act as mediators between the applets and
the Legacy system. Hence choice D is correct.
Applets and JSP are used to construct the view of an MVC application. They should not be used as controllers for
dispatching requests. Hence choices B and C are incorrect.



30       Baby Bell is a new local Telephony provider in Chicago, IL. It has a legacy application for the B2B
transactions with Verizon, the Incumbent Local Exchange Carrier (ILEC.) Baby Bell frequently purchases blocks of
Telephone numbers from the ILEC using a CORBA RPC call. There numbers are then assigned to the customers in
sequence. Sometimes customers request vanity numbers, in which case, a custom synchronous query is made on the
ILEC's operational support system, to check for number's availability.
If Baby Bell were to rewrite its existing legacy code using newer J2EE technology, what technology would you choose
so that both the block purchase and the individual query might be accommodated?

A        Java Applet technology for the CORBA call and custom socket programming for vanity number requests.
B        Java Servlet API for the CORBA call and JSP for the custom socket programming
C        Entity EJBs for both
D        Session EJBs for both
E        JNDI for both
F        MQ Series with a JMS based solution for both

Choice D is correct.

Session beans can be used for making both the CORBA call for block purchase of telephone numbers and the custom
synchronous call to request a special vanity number. Hence choice D is correct.
Both operations represent business processes involving partner OSS. integration. Applets are not used for modeling the
business workflow of a system. Hence choice A is incorrect.
JSP represent the view construction process in an MVC application. They should not be used for processing business
logic. Hence choice B is incorrect.
Entity beans represent the business model of an application and provide a representation of enterprise data. They are
not to be used for workflow processing which is better accomplished by using Session Beans. Hence choice C is
incorrect.
JNDI provides Naming and Directory interfaces not workflow processing. Hence choice E is incorrect.
The question specifically says that a synchronous mechanism is to be used for the vanity number request. The CORBA
RPC call for TN reservation is also synchronous. MQ Series is a MOM used for messaging. Messaging is an inherently
asynchronous communication mechanism. Hence choice F is incorrect.



31       Julia Fractals Inc. is building a J2EE based application for Order Entry and management of their fractal
software. Once the order is taken, it is submitted to a relational database. A provisioning system then queries data and
makes appropriate calls to various subsystems using JMS on MQ Series. What design pattern is JMS an example of
here?

A        Observer
B        Mediator
C        Adapter
D        Bridge
E        Visitor

Choice D is correct.

Bridge (GOF 151)"Decouple an abstraction from its implementation so that the two can vary independently." In this
case JMS is the abstraction. The implementation could be MQ Series, TIBCO Rendezvous and Vitria Businessware.
Hence choice D is correct.
Observer (GOF 293)"Define a one-to-many dependency between objects so that when one object changes state, all its
dependents are notified and updated automatically." Hence choice A is incorrect.
Mediator (GOF 273)"Define an object that encapsulates how a set of objects interact. Mediator promotes loose
coupling by keeping objects from referring to each other explicitly, and lets you vary their interaction independently."
Hence choice B is incorrect.
Adapter (GOF 139)"Convert the interface of a class into another interface clients expect. Adapter lets classes work
together that couldn't otherwise because of incompatible interfaces." Hence choice C is incorrect.
Visitor (GOF 331)"Represent an operation to be performed on the elements of an object structure. Visitor lets you
define a new operation without changing the classes of the elements on which it operates." Hence choice E is incorrect.
32       What design pattern best explains the use of the stub and the skeleton in CORBA based RPC applications?

A        Factory Method
B        Singleton
C        Strategy
D        Proxy
E        Decorator

Choice D is correct.

Proxy (GOF 207)"Provide a surrogate or placeholder for another object to control access to it." Hence choice E is
incorrect. The applicability section (GOF 208) defines 'remote proxy' as"A remote proxy provides a local representative
for an object in a different address space." Using the stub and the skeleton, CORBA based applications provide local
representatives for distributed objects. Hence choice D is correct.
Factory Method (GOF 107)"Define an interface for creating an object, but let subclasses decide which class to
instantiate. Factory method lets a class defer instantiation to subclasses." Hence choice A is incorrect.
Singleton (GOF 127)"Ensure a class only has one instance, and provide a global point of access to it." Hence choice B
is incorrect.
Strategy (GOF 315)"Define a family of algorithms, encapsulate each one and make them interchangeable. Strategy lets
the algorithm vary independently from clients that use it." Hence choice C is incorrect.
Decorator (GOF 175)"Attach additional responsibilities to an object dynamically. Decorators provide a flexible
alternative to subclassing for extending functionality." Hence choice E is incorrect.




33      An application has three Stateless Session Beans - SB1, SB2 and SB3. The stubs that implement the respective
Home Interfaces are SH1, SH2 and SH3. A client application performs a JNDI lookup to obtain a reference to one of
these Home Objects. This is then narrowed and used to create the remote reference to the corresponding remote object.
What design pattern best explains the creation of the Remote Object, in this case?

A        Prototype
B        Builder
C        Factory Method
D        Business delegate
E        Service Locator

Choice C is correct.

                  Factory Method (GOF 107)"Define an interface for creating an object, but let subclasses decide
which class to instantiate. Factory method lets a class defer instantiation to subclasses."
Hence the closest pattern this concept is similar to is the Factory Method pattern. Therefore choice C is correct.

Prototype (GOF 117)" Specify the kinds of objects to create using a prototypical instance, and create new objects by
copying this prototype." Hence choice A is incorrect.

Builder (GOF 97)"Separate the construction of a complex object from its representation so that the same construction
process can create different representations." Hence choice B is incorrect.

                  The following is taken from: http://java.sun.com/blueprints/patterns/BusinessDelegate.html
                "In distributed applications, lookup and exception handling for remote business components can be
complex. When applications use business components directly, application code must change to reflect changes in
business component APIs.

                   These problems can be solved by introducing an intermediate class called a business delegate, which
decouples business components from the code that uses them. The Business Delegate pattern manages the complexity
of distributed component lookup and exception handling, and may adapt the business component interface to a simpler
interface for use by views." Hence choice D is incorrect.

                  The following is taken from: http://java.sun.com/blueprints/patterns/ServiceLocator.html

                  "Enterprise applications require a way to look up the service objects that provide access to distributed
components. Java™ 2 Platform, Enterprise Edition (J2EE) applications use Java Naming and Directory Interface
(JNDI) to look up enterprise bean home interfaces, Java Message Service (JMS) components, data sources,
connections, and connection factories. Repetitious lookup code makes code difficult to read and maintain. Furthermore,
unnecessary JNDI initial context creation and service object lookups can cause performance problems.

                   The Service Locator pattern centralizes distributed service object lookups, provides a centralized
point of control, and may act as a cache that eliminates redundant lookups. It also encapsulates any vendor-specific
features of the lookup process." Hence choice E is incorrect.




34       When remote calls are made on the container provided implementations of the EJBHome and EJBObject,
various transactional and security checks are applied before the call is actually passed on to the bean instance.
The Container provided implementations of EJBHome and EJBObject are performing what Design Pattern's task?

A        Command
B        Adapter
C        Bridge
D        Decorator
E        Facade

Choice D is correct.

The intent of the Decorator pattern as described by GOF (175) -"Attach additional responsibilities to an object
dynamically. Decorators provide a flexible alternative to subclassing for extending functionality." A request intended
for a component is routed to the decorator instead. The decorator forwards the request to the component. It may
perform pre or post processing tasks before or after forwarding the request. J2EE is filled with examples of the use of
design patterns. The container provided implementations of EJBHome and EJBObject decorate bean classes by
providing transactional and security functionalities.
Choice A is incorrect because Command is used to encapsulate a request as an object (GOF 233.) Choice B is incorrect
because Adapter (GOF 139) converts the interface of a class into another interface clients expect. Choice C is incorrect
because Bridge (GOF 151) decouples an abstraction from its implementation so that the two can vary independently
and choice E is incorrect because Façade (GOF 185) provides a unified interface to a set of interfaces in a subsystem.




35       Compact Computers is a small computer assembly company. Their online application allows customers to
pick and choose accessories to build their own PCs. The accessories are:

i.       Processor - 800Mhz, 1Ghz, 1.2Ghz
ii. HDD - 40 GB, 60 GB, 80 GB
iii. Memory - 128 MB, 256 MB, 512 MB

If a computer can have exactly 1 processor, 1 HDD and 1 memory stick, what pattern would be best used here?

A        Factory Method
B        Builder
C        Prototype
D        Abstract Factory
E        Singleton

Choice B is correct.

Builder (GOF 97) separates the construction of a complex object from its representation so that the same construction
process can create different representations. Here the complex object is a computer. A computer is always made up of
exactly one processor, one HDD and one Memory stick (problem description.) However there is no predetermined
formula for combining the parts. Hence Builder is the best pattern here and B is therefore the right answer.
Answer A is incorrect because Factory Method (GOF 107) defines an interface for creating an object but lets subclasses
decide which class to instantiate. You may use factories of factories to construct a complex object, but by itself, the
Factory method is good for creating one out of many. Example: create one processor out of a set of three processors.
Answer C is incorrect because Prototype (GOF 117) specifies the kinds of objects to create using a prototypical
instance. Example: Given a processor, if you were asked to create a computer that used multi processors, this would be
a good option.
Answer D is incorrect because Abstract Factory (GOF 87) provides an interface for creating a family of related or
dependent objects. If the question had defined a relation such as 'A computer of 800 MHz processor can only be
coupled with a 40 GB HDD and 128 MB RAM stick', this would have been an ideal solution.
Answer E is incorrect because Singleton (GOF 127) ensures that a class has only one instance (or a well-defined
number of variable instances) and appropriate global pointers are available to the instance(s).




36       Ibid is an e-auction house that auctions refurbished products. Each product has a minimum bid price. Buyers
can query the system for a list of products and then select a product to bid on. They can then place a higher bid on the
selected product. Transactional Integrity is very important as dirty reads, non-repeatable reads and phantom reads can
lead to data inconsistency.

What technology combination might be most suitable for addressing Ibid's needs?


A        Applets for presentation and JTA/JTS for transactional integrity
B        HTML and JSP for presentation, and Servlets for data retrieval and transaction management.
C        Servlets and JSP for presentation, a stateful session bean with DAO for list retrieval and a stateless session
bean for transaction management.
D        Servlets and JSP for presentation, a stateless session bean with DAO for list retrieval and CMT Entity bean for
Transaction management.
E        Servlets and JSP for presentation, and a Java class to encapsulate database access and transaction
management.

Choice D is correct.

The Model 2 architecture (based on the Model View Controller pattern) suggests that Servlets and JSP be used in the
presentation tier. JSP combine template data with dynamic data to display dynamic content to the user. Servlets act as
front controllers, and forward requests to appropriate events in the business logic tier. Unless concurrent use of shared
data is involved, it may be an overkill to use Entity beans (as in the example of a simple list retrieval.) The list retrieval
is therefore best accomplished by using a session bean with a Data Access Object (DAO.) Since the bidding represents
concurrent use of shared data, this is best accomplished by using an Entity bean.
Choice A is incorrect because this would not be an ideal application for applets.
Choice B is incorrect because it suggests the use of Servlets for all retrieval and updates. Although possible, this is not
recommended in the J2EE best practices as an ideal way when dealing with complex applications.
Choice C is incorrect because it is suggesting that a stateless session bean be used for managing concurrent access to
shared data, something best done by entity beans. Choice E is incorrect because though it may be suited for smaller
applications that are not very transactional in nature, the discussion specifically talks about the need for transactional
integrity. Therefore this is not the recommended solution.




37        Heartbreak Hospital has two applications - Patient Registration System and Patient Billing System. Patient
Billing, an older application has CORBA interfaces for updating Billing Information. The newer Patient Registration
system was built as a Java based Application. Heartbreak now wants to automatically update Billing Information from
the Patient Registration Application. What Java technology may be most suited for this?

A        RMI-JRMP
B        RMI-JNI
C        RMI-IIOP
D        EJB
E        Java IDL
F        Java-CORBA Bridge

Choice E is correct.

The following is taken from:
http://java.sun.com/j2se/1.3/docs/guide/idl/
"Java IDL adds CORBA (Common Object Request Broker Architecture) capability to the Java platform, providing
standards-based interoperability and connectivity. Java IDL enables distributed Web-enabled Java applications to
transparently invoke operations on remote network services using the industry standard IDL (Object Management
Group Interface Definition Language) and IIOP (Internet Inter-ORB Protocol) defined by the Object Management
Group." Hence choice E is correct.
RMI-JRMP is used for distributed processing in a pure Java environment. Hence choice A is incorrect.
There is no indication whether the Patient Billing system supports JNI. Hence choice B is incorrect.
RMI-IIOP is useful when dealing with EJB applications. Hence choices C and D are incorrect.
There is no such thing as a Java-CORBA bridge. The Java IDL API performs that function. Hence choice F is
incorrect.




38     In which of the following cases would an application not necessarily benefit from the use of Enterprise Java
Beans?

A        Small Scale deployment
B        Large scale deployment
C        Transactional in nature
D        No Transactional requirements

Choices A and D are correct.

Enterprise Java Beans are best used with large and complex enterprise applications with high deployment and
transactional requirements. Hence choices A And D are correct.
39       The container applies what memory management techniques in the case of Session Beans?

A        Bean Pooling
B        Bean Passivation
C        Bean Persistence
D        Bean Purge

Choices A and B are correct.

While EJBs offer business services, EJB Containers offer many peripheral services such as memory management,
persistence, transactions and so on. Bean Pooling (in the case of Stateless Session Beans) and Bean Passivation (in the
case of Stateful Session Beans and Entity Beans) are two techniques the container uses for managing memory. Hence
choices A and B are correct.
Bean persistence refers to persisting the data represented by Entity Beans to physical storages such as Relational,
Object or other databases. It has nothing to do with memory management. Therefore choice C is incorrect.
There is nothing called Bean Purge. Beans are removed when the client calls the remove() method on the Home
Interface (Stateful Session Beans) and when the container decides (in the case of Stateless Session Beans and Entity
Beans which reside in Bean Pools when not in use.) In the case of Entity Beans, the remove() method also deletes the
data the bean instance represents. Hence choice D is incorrect.




40        Outstanding Perf is a perfume manufacturing company. The management is currently in the process of
architecting a new J2EE based solution for their online catalog. If performance is paramount and session state needs to
be managed as well, it would be preferable to use HTTP and HTTPSession object as opposed to using HTTPS.
True/False?

A        True
B        False

Choice A is correct.

The question specifies that performance is important. There is no mention of the security requirements. Apart from
providing Session State, HTTPS includes additional functionality for allowing secure communication between the
client and the server. Because of all the extra processing with encryption and decryption, HTTPS is slower than HTTP.
Hence in this case, it may be preferable to use HTTP (which is stateless) with HTTPSession Object (to store state on
the server.) Hence choice A is correct.




41        Staledexho, A renowned catering company has just contracted your services to track their orders. An online
menu is available, for each country serviced. Customers choose what they want, the quantity and provide relevant
billing information. Fed Ex ships the food in a special container.
What classes and APIs are you most likely to use to support Internationalization?

A        Locale
B        Collection Interface
C        ListIterator
D        ResourceBundle
E        KeyStore

F        OutputStreamWriter

Choices A, D and F are correct.

The following is taken from:
http://developer.java.sun.com/developer/technicalArticles/Intl/IntlIntro/
"Locales are used throughout the Java class libraries to customize how data is presented and formatted. They affect
language choice, collation, calendar usage, date and time formats, number and currency formats, and many other
culturally sensitive data representations. If you intend to create international Java applications, you'll definitely use the
java.util.Locale class. There's no getting around it; you'll use Locales to create well-behaved, internationalized,
multilingual Java applications. So, if you haven't had time to explore all the JDK 1.1 international features yet, you'll
get a clearer understanding of the core of the internationalization model, the Locale, as you read and understand the
descriptions and examples in this article.
A Locale is a relatively simple object. It identifies a specific language and a geographic region. In fact, the only
significant contents of a Locale object are language and country. Although superficially these attributes are not
particularly impressive, they represent a very rich and interesting set of information. A Locale object represents the
language and cultural preferences of a geographic area. Language is a fairly easy idea to grasp; cultural preferences
may not be immediately clear. Dates, time, numbers, and currency are all examples of data that is formatted according
to cultural expectations. Cultural preferences are tightly coupled to a geographic area; that's why country is an
important element of locale. Together these two elements (language and country) provide a precise context in which
information can be presented. Using Locale, you can present information in the language and form that is best
understood and appreciated by the user.
Resource Bundles - This internationalization feature of the JDK provides a mechanism for separating user interface
(UI) elements and other locale-sensitive data from the application logic in a program. Separating locale-sensitive
elements from other code allows easy translation. It allows you to create a single code base for an application even
though you may provide 30 different language versions. Although you might be predisposed to think of text only,
remember that any localizable element is a resource, including buttons, icons, and menus.
The JDK uses resource bundles to isolate localizable elements from the rest of the application. The resource bundle
contains either the resource itself or a reference to it. With all resources separated into a bundle, the Java application
simply loads the appropriate bundle for the active locale. If the user switches locales, the application just loads a
different bundle.
Resource bundle names have two parts: a base name and a locale suffix. For example, suppose you create a resource
bundle named MyBundle. Imagine that you have translated MyBundle for two different locales, ja_JP and fr_FR. The
original MyBundle will be your default bundle; the one used when others cannot be found, or when no other locale-
specific bundles exist. However, in addition to the default bundle, you'll create two more bundles. In the example these
bundles would be named MyBundle_ja_JP and MyBundle_fr_FR. The ResourceBundle.getBundle method relies on
this naming convention to search for the bundle used for the active locale.
The java.util.ResourceBundle class is abstract, which means you must use a subclass of ResourceBundle. The JDK
provides two subclasses: PropertyResourceBundle and ListResourceBundle. If these don't meet your needs, you can
create your own subclass of ResourceBundle."

The following is taken from:
http://java.sun.com/docs/books/tutorial/i18n/text/stream.html
"The java.io package provides classes that allow you to convert between Unicode character streams and byte streams of
non-Unicode text. With the InputStreamReader class, you can convert byte streams to character streams. You use the
OutputStreamWriterclass to translate character streams into byte streams."
Thus we can see that Locale, ResourceBundle and OutputStreamWriter play a vital role in Java Internationalization.
Hence choices A, D and F are correct.
The Collection interface, ListIterator and KeyStore are not relevant to I18N. Hence choices B, C and E are incorrect.
42       The conversion between 16-bit Unicode and 8-bit local encoding formats is done by:

A        MessageFormat and NumberFormat
B        Locale and ResourceBundle
C        Properties files
D        InputStreamReader and OutputStreamWriter

Choice D is correct.

The following is taken from:
http://java.sun.com/docs/books/tutorial/i18n/text/stream.html
"The java.io package provides classes that allow you to convert between Unicode character streams and byte streams of
non-Unicode text. With the InputStreamReader class, you can convert byte streams to character streams. You use the
OutputStreamWriterclass to translate character streams into byte streams." Hence choice D is correct.
MessageFormat, NumberFormat, Locale, ResourceBundle and properties files are all used in I18N. These are not
however used for conversion between Unicode character format and local 8-bit byte streams. Hence choices A, B and C
are incorrect.



43       Fire Hall, manufacturers of fire extinguishers, is building a corporate Intranet and wants its employees to
access payroll information via the Internet. They are planning to use Applets, because of its richer GUI capabilities.
The View401K applet requires a Java 1.4 plug in on the host where it is being executed. This applet will read data
cached on a temporary directory in the host to calculate 401K distributions.
What are your observations on the use of Applets for this purpose?

A       The Applet technology is not a viable solution for this application because applets are subjected to the sandbox
model, which prevents them from reading from or writing to the host where they are being executed.
B       The Applet technology is a viable solution for this application because the Security policy of the Java 2
Platform is totally flexible.

Choice B is correct.

The following is taken from:
http://java.sun.com/docs/books/tutorial/security1.2/overview/index.html

"JDK 1.1 introduced the concept of a "signed applet," as illustrated in the next figure. A digitally signed applet is
treated like local code, with full access to resources, if the public key used to verify the signature is trusted. Unsigned
applets are still run in the sandbox. Signed applets are delivered, with their respective signatures, in signed JAR (Java
Archive) files.

JDK 1.2 introduces a number of improvements over JDK 1.1. First, all code, regardless of whether it is local or remote,
can now be subject to a security policy. The security policy defines the set of permissions available for code from
various signers or locations and can be configured by a user or a system administrator. Each permission specifies a
permitted access to a particular resource, such as read and write access to a specified file or directory or connect access
to a given host and port.

The runtime system organizes code into individual domains, each of which encloses a set of classes whose instances
are granted the same set of permissions. A domain can be configured to be equivalent to the sandbox, so applets can
still be run in a restricted environment if the user or the administrator so chooses. Applications run unrestricted, as
before, by default but can optionally be subject to a security policy." As we can see, the Java 2 Security model is totally
flexible. Hence choice B is correct.
44       Which of the following statements is true about SSL?

A        SSL runs above high-level application protocols such as HTTP and LDAP
B        SSL runs below TCP-IP
C        SSL runs above TCP-IP and below application protocols
D        SSL does not have anything to do with either the application or the network layer in the OSI model

Choice C is correct.

The following is taken from:
http://developer.netscape.com/docs/manuals/security/sslin/contents.htm

"The Transmission Control Protocol/Internet Protocol (TCP/IP) governs the transport and routing of data over the
Internet. Other protocols, such as the HyperText Transport Protocol (HTTP), Lightweight Directory Access Protocol
(LDAP), or Internet Messaging Access Protocol (IMAP), run "on top of" TCP/IP in the sense that they all use TCP/IP
to support typical application tasks such as displaying web pages or running email servers.

The SSL protocol runs above TCP/IP and below higher-level protocols such as HTTP or IMAP. It uses TCP/IP on
behalf of the higher-level protocols, and in the process allows an SSL-enabled server to authenticate itself to an SSL-
enabled client, allows the client to authenticate itself to the server, and allows both machines to establish an encrypted
connection." Therefore choice C is correct.

Choice A is incorrect because it suggests that SSL runs above application protocols.

Choice B is incorrect because it suggests that SSL runs below TCP/IP.

SSL runs between TCP/IP and HTTP. Hence choice D is incorrect.




45       What happens when the remove() method is called on the Home Interface of an Entity Bean?

A        The remote reference is invalidated
B        The bean instance is destroyed
C        The bean instance is Passivated
D        The data represented by the bean instance is deleted from the database
E        The Bean Instance moves from pooled state to ready state

Choices A and D are correct.

The remove() method, in the case of Entity Beans, invalidates the client stub, and deletes the data represented by the
bean, from the database. Hence choices A and D are correct.

The bean instance is returned to the pool. It is not destroyed when the remove() method is called on an Entity Bean.
Therefore choice B is incorrect.

The container passivates the bean instance whenever required (for memory management.) It is not a consequence of the
remove() method though. Hence choice C is incorrect.

The Bean instance moves from the Ready State to the Pooled State upon removal, not the other way round as the point
suggests. Hence choice E is incorrect.



46       What types of transactions are supported by Enterprise Java Beans?
A        Implicit Declarative Transactions
B        Explicit JTA based transactions
C        Either A or B (based on vendor implementation)
D        Both A and B

Choice D is correct.

Enterprise Java Beans specification supports both Implicit Declarative transactions and explicit Java Transaction API
(JTA) based transactions. Hence choice D is correct.



47      With Entity Beans, the container automatically generates implementations of all find methods at deployment
time.True/False?

A        True
B        False

The above statement is False.

The container only generates implementations of the find methods at deployment time, in the case of Container
Managed Persistence.




48       What does the ejbCreate() method return in the case of Entity Beans in EJB 1.1?

A        A remote reference to the EJBObject for both BMP and CMP beans
B        The Bean's Primary Key for both BMP and CMP beans
C        A reference to itself in BMP and NULL in CMP
D        NULL value of type BeanPK in CMP and Primary Key in BMP

Choice D is correct.

In EJB1.0, the ejbCreate() method returned void. In EJB1.1, a null value of the bean's primary key type is returned by
the ejbCreate() method (in CMP.) In BMP, the ejbCreate() method returns the primary key of the newly created entity.
Hence choice D is correct.

The Container intercepts the return value from the Bean and returns a remote reference to the remote object, to the
calling client. Hence choice A is incorrect.

Choice B suggests that the Primary Key of the newly created instance is returned in both CMP and BMP. Hence it is
incorrect.

The Bean instance never returns a reference to itself upon creation. Hence choice C is incorrect.




49       You have just started a new job working for a top finance company and you have been asked to provide a
user-friendly interface to an existing mainframe application. You don't have any access to the mainframes source code.
What is the best technique for this?
A        It can't be done.
B        Use a screen scraper.
C        Re-write the main frame using Java and high-end Unix servers. Although it may take some time to do this in
the long run this will benefit the company.
D        Write a Java front end then use CORBA to communicate with the mainframe.
E        Use the Java Native Interface (JNI) to communicate with the mainframe.
F        Use object Mapping
F        Use JMS

B is correct choice.

The key to this question is that you don't have access to the mainframes source code. A screen scraper emulates a
mainframe terminal. Basically the screen scraper logs on to the mainframe like a normal user and sends requests to the
mainframe and then reads the response. The problem with a screen scraper is that if you change any of the mainframes
code there is always the possibility that the screen scraper will stop working.Choice A is incorrect because it can be
done. Choice C would take far too long, would cost too much and is not what the customer wants. Choice D, E and F
are not appropriate are would require access to the mainframes source code. Choice G is incorrect because there is no
mention that the mainframe supports a messaging system. Some of them do and even provide interfaces for JMS
however as it's not stated in the question then this is not the right answer.




50       The company you have been working for has released the next generation of its sales system. You have
several very powerful servers and a few basic servers at your disposal. A network expert has suggested that in order to
get the best possible performance out of these machine you use reverse proxy load balancing? What is reverse proxy
load balancing?

A        Splitting requests evenly amongst all back end servers
B        The proxy sits behind the backend servers monitoring the performance of each one. When it notices one is
being used too much it will automatically forward requests to a different server.
C        Splitting requests amongst all back end servers depending on the amount of spare CPU time each server has
available.
D        A technique used to target certain requests to certain backend servers, e.g. All Servlet requests from one
server. All static HTML from another.
E        A way of filtering out certain requests. It is used to protect against denial of service attacks

Choice D is correct.

Reverse proxy load balancing is generally used when you have servers with different amounts of CPUs and Memory.
You might have some really powerful servers just to be used for SSL sessions and others to handle static html. Using
this will maximise the performance of your applicationChoice A is a description of round-robin load distribution.
Choice B doesn't describe any particular method of load balancing. Choice C is an inaccurate description of reverse-
proxy load balancing and you would need access to the mainframes source code to do this. Choice E is a cross between
a firewall and a standard proxy server this does not do any load balancing.




51       You are working for a web design company and one of your clients would like to convert their website that
currently uses Perl and CGI scripts over to a language that is easier to maintain and reuse. Their website is a sports
betting website where the customer is able to logon and place bets on a variety of different sporting events. What would
you replace this with?
A        JSP/Servlets
B        JSP/Servlets/EJBs
C        JMS
D        ASP

Choice B is correct.

The key to this question is that the site offers the facility to place bets online. Therefore transactions are involved and
this means that Enterprise Java Beans need to be used. It is very hard to implement transactions with just Servlets and
JSPs. Hence choice B is correct.Choice A is incorrect because transactions are involved. JMS is the messaging package
of the J2EE and therefore C is incorrect. And choice D well, enough said!


52       You are in charge on converting an existing web based solution over to the appropriate J2EE technology.
What should you use? The website offers the customers price comparisons on a variety of different products. Revenue
is generated by click through sales when the customer has found the best price.

A        JSP, Servlets
B        JSP, Servlets, EJBs
C        Applets, EJBs
D        No need to change it PERL/CGI scripts is the best solution.

Choice A is correct.

The key to this question is that the revenue is generated by click through sales; this implies that there are no
transactions involved. If transactions were involved then you would use EJBs as well.Choices B and C are incorrect
because there are no transactions involved in this application. PERL/CGI scripts are harder to maintain than Java code
so choice D is not the best option.




53       Your 3-tier application has been deployed in a production environment and has been running smoothly for
over 3 months. However recently due to a Television campaign you're getting 3 times the normal volume of traffic. To
cope with this you decided to introduce Round-Robin load balancing. How is round robin load balancing going to help
with the extra traffic?

A        Splitting requests evenly amongst all back end servers
B        The proxy sits behind the backend servers monitoring the performance of each one. When it notices one is
being used too much it will automatically forward requests to a different server.
C        Splitting requests amongst all back end servers depending on the amount of spare CPU time each server has
available.
D        A technique used to target certain requests to certain backend servers, e.g. All Servlet requests from one
server. All static HTML from another.

Choice A is correct.

Round-Robin load balancing is the process of splitting requests evenly irrespective of the request type (i.e. SSL, JSP,
HTML). If you have 3 servers as the first request comes in it goes to the first sever, second request to the second server
and the third request to the third server. As the fourth request comes in the process starts again and so this request is
forwarded to the first server.Choices B and C are not descriptions of any known load-balancing technique. Choice D is
a description of reverse proxy load balancing. This is generally used when you have servers with different amounts of
CPUs and Memory. You might have some really powerful servers just to be used for SSL sessions and others to handle
static html. Using this will maximise the performance of your application.
54       A Fortune 500 company wishes to add new functionality to its existing sales system and has contracted you as
the lead architect for the project. The legacy system has been written in C++ and they wish to keep this system running
although they may switch over to full Java solution later, depending on the performance of the new extra functionality.
How will connect to this legacy system?

A       Wrap the application using JNI and make it accessible using RMI.
B       Rewrite the C++ code in Java. This shouldn't be too hard because it's converting from one object-orientated
language to another.
C       Use a screen scraper.
D       Use CORBA to talk to the C program then get the CORBA to talk to the RMI server.

Choice A is correct.

JNI stands for Java Native Interface and is used to allow Java to communicate with programs written in languages like
C. In effect you are wrapping the C code to make it available to Java. For example you will wrap a C method called
debitAccount(int amount) with a similar Java method, the Java method will just call the C method. This means you can
now make the method accessible via RMIChoice B is incorrect because this is not what customer wants, you must stick
to the requirements. It would be inappropriate to use a screen scraper here so choice C is incorrect. Although choice D
might be possible, to get this to work would take far more work than is actually required. You would need to get the C
and CORBA programs working first then try and interface CORBA and RMI, which is not necessary, in this case.




55        The IT company you are working currently doesn't offer the facility for customers to buy PCs bundled with
printers. Luckily they have just struck a deal with another printer company. The list of printers they offer is maintained
in a database that runs on one of the printer companies servers. You need to connect to this database however you don't
have a JDBC driver that you can install on the server. The database server does have an ODBC driver installed on it.
How do you connect to the database?

A        You can't, change the data store.
B        Get the printer company to write a web page that you can pass SQL requests to. (You would simply send SQL
queries as POST requests and the output would be the ResultSet) This should be implemented securely using SSL with
client and server authentication
C        Wrap some JNI access code around the OBDC driver then connect using JDBC.
D        (Don't implement the solution using Java.
E        Send the database requests as JMS method calls
F        Use the JDBC-OBDC bridge driver.

Choice F is correct.

The key to this question is that with the JDBC-ODBC you are not connecting to the database directly you are
connecting to the ODBC driver instead. So it doesn't matter what the database is as along as there is an ODBC driver
available.Choice A is incorrect because it can be done. Although choice B may work it is not the best solution, the
JDBC-ODBC Bridge is the best solution. You don't need to wrap JNI code around the ODBC driver to connect to it.
Hence choice C is incorrect. Choice D is incorrect because it is possible to connect to the data source using Java.
Choice E is incorrect because there is no mention of any Message server in the question and this is not suitable
technology for the job.
56       A work colleague has been describing a mainframe application that your company uses to maintain their sales
data. He says that the next application you will need to design will involve screen scraping, as he can't see how else the
connection to the mainframe will be possible. What is screen scraping?

A       A plastic tool to get ice off a car windscreen.
B       A program that interacts with a mainframe passing requests from the users directly to custom written code that
you have added in the mainframe.
C       A program that emulates a mainframe terminal and passes user input to the mainframe.
D       A program that's supplied by the mainframe for Java programs to interact with.
E       Your colleague is wrong. It will be quite easy to connect directly to the mainframe using Java.
F       A program that uses JNI to access the mainframe.
G       A program that use JMS to send messages to the mainframe. Note this only works if the mainframe has a
message server built into it.

Choice C is correct.

A screen scraper emulates a mainframe terminal. Basically the screen scraper logs on to the mainframe like a normal
user and sends requests to the mainframe and then reads the response. The problem with a screen scraper is that if you
change any of the mainframes code there is always the possibility that the screen scraper will stop working.Choice A
maybe true but it's not the right kind of screen scraper! Choices B and F require that you have access to the mainframes
source code. Screen scrapers are written as and when they are needed, the mainframe vendor does not supply them so
choice D is incorrect. Your colleague is right. Therefore choice E is incorrect. Choice G is incorrect because although
you can communicate with mainframes via JMS the process is different from screen scraping.




57      You are working for a company with a worldwide presence; their offices are spread across many countries and
over many computer networks. Virtual private networks have been set up to increase security. What are Virtual Private
Networks are where are they created? (VPNs)

A         A network created between two other networks (these are not located in the same place, geographically).
Encryption and Authentication are used in the VPN. Normally the VPN is a network on top of an untrusted network
(like the Internet).
B         The area between two firewalls. You let traffic from the Internet into this area (through the first firewall) but
not through the second firewall (to your secure network).
C         The secure (inner) network as described in answer B.
D         A network created between two other networks (these are not located in the same place, geographically).
Encryption and Authentication are NOT used in the VPN. Normally the VPN is a network on top of a trusted network
(like the Internet).

Choice A is correct.

The answer given in choice A explains what a Virtual Private Network is (VPN). Choice B describes a DMZ; choice C
the local area network in the DMZ and choice D is incorrect because encryption and authentication are used in the
VPN.



58       What is object mapping?

A       The process of converting a class diagram to Java code.
B       A program that emulates a mainframe terminal and passes user input to the mainframe.
C       The process of building object wrappers around Java interfaces. This allows the legacy system to interact with
your Java application.
D       The process of building object wrappers around legacy interfaces. This makes the legacy system available in
an OO fashion.

Choice D is correct.

Object mapping is used when accessing legacy systems. You need access to the legacy system's source code in order to
do this.Choice A sounds plausible but is incorrect. Choice B is a description of a screen scraper. There is no need to
build object wrappers around Java interfaces. Choice C describes the opposite. Hence choice C is incorrect.




59        You are the lead architect for a project that will require you interfacing with existing CORBA systems. You
are planning to use Java IDL to integrate with these other systems. Which of the following statements about Java IDL
are true?

A         Allows Java to use CORBA
B         Should be used when most of your new Java applications will be entirely Java based.
C         Should be used if you have already been using CORBA for a while and wish to carry on with some CORBA
systems
D         Java IDL has nothing to do with CORBA. To communicate with CORBA you will need to use JNI (Java
native interface) and J2C (Java 2 CORBA)t +Same as E expect you won't need to use JNI.
E         Java IDL should be used when servicing messaging requests from CORBA clients.

Choices A and C are correct.

The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/index.htmlJava IDL adds CORBA (Common
Object Request Broker Architecture) capability to the Java platform, providing standards-based interoperability and
connectivity. Java IDL enables distributed Web-enabled Java applications to transparently invoke operations on remote
network services using the industry standard IDL (Object Management Group Interface Definition Language) and IIOP
(Internet Inter-ORB Protocol) defined by the Object Management Group. Runtime components include Java ORB for
distributed computing using IIOP communication.Choice B is incorrect because you should use RMI-IIOP instead of
Java IDL. Choices D and E are not true as Java IDL adds CORBA capability to the Java platform. Choice F is incorrect
because Java IDL shouldn't be used when servicing requests from CORBA clients and the reference to messaging is a
red herring.




60      You are designing an Enterprise Application to provide a way for customers to buy products from many
companies through one standard site. The application servers you have use the EJB specification 1.1. You have a
customer bean and are not sure whether to use CMP or BMP. When should you use CMP?

A        When performance is essential and you are storing standard data types.
B        When performance is not essential and you are storing standard data types.
C        When performance is essential and you are storing complex data types.
D        When performance is not essential and you are storing complex data types.

Choice B is correct.

Please note that this is referencing EJB1.1This is a time dependent question as technologies have changed. When Sun
wrote the EJB specification 1.1 Application Servers weren't very efficient at generating SQL used for persistence and it
used to be recommended that you use BMP instead. However App Servers have improved and some would argue that
CMP is now more efficient than BMP. In the SCEA guidebook by Cade it says BMP will out perform CMP. When the
exam is updated to EJB 2.0, the answer to this question would probably change.Choice A is incorrect because BMP can
be more efficient than CMP. CMP cannot cope with mapping complex data types to a database very efficiently. Hence
choice C is incorrect. Even if performance is not an issue, it is still recommended that you use BMP when storing
complex data types. Therefore choice D is incorrect.




61       You've written all the UML diagrams you need for your companies online store. Other developers and
architects have approved them. Now you are deciding which Enterprise Beans will use Container Managed Persistence
(CMP) and which will use Bean Managed Persistence (BMP). When should you use BMP?


A        When performance is essential and you are storing standard data types.
B        When performance is not essential and you are storing standard data types.
C        When performance is essential and you are storing complex data types.
D        When performance is not essential and you are storing complex data types.

Choices A, C and D are correct.

Please note that this is referencing EJB1.1This is a time dependent question as technologies have changed. When Sun
wrote the EJB specification 1.1 Application Servers weren't very efficient at generating SQL used for persistence and it
used to be recommended that you use BMP instead. However App Servers have improved and some would argue that
CMP is now more efficient than BMP. In the SCEA guidebook by Cade it says BMP will out perform CMP. When the
exam is updated to EJB 2.0, the answer to this question would probably change.Choice C is incorrect because using
Container Managed Persistence will increase the portability of the Enterprise Bean and should be used wherever
possible.



62        Your company has won a contract with a major supermarket company to allow customers to do their grocery
shopping online. As this will involve a huge number of shoppers you have decided to opt for a J2EE solution. When
creating the Enterprise Beans to be used in this application what components do you need?

A        A Home interface, A Remote Interface and a class that implements either the SessionBean or EntityBean
interfaces.
B        A Home interface and a class that implements either the SessionBean or EntityBean interfaces.
C        A Remote interface and a class that implements either the SessionBean or EntityBean interfaces.
D        A Remote interface and a class that implements the EnterpriseBean interface.
E        An EJBObject interface, a Remote interface and a class that implements either the SessionBean or EntityBean
interfaces.
F        An EJBObject interface, a Home interface and a class that implements either the SessionBean or EntityBean
interfaces.

Choice A is correct.

You need a Home interface that has create() and find() methods, a Remote interface to define your business methods,
and a class that implements either the SessionBean or EntityBean interfaces.Choice B is incorrect because you also
need a Remote interface. Choice C is incorrect because you also need a Home interface. Choice D is incorrect because
you need the Home interface and a class that implements either the SessionBean or EntityBean interfaces. Choices E
and F are incorrect because you don't need an EJBObject interface.
63       What is the difference between Stateful session beans and stateless session beans?

A        Stateful session beans are pooled and Stateless session beans aren't.
B        A Stateful session bean can persist its state through a server crash but a Stateless session bean can't.
C        A Stateful session bean can remember its state with a client, like a conversation but a Stateless session bean
can't.
D        A Stateful session bean uses a Primary Key interface to maintain persistence.

Choice C is correct.

An example use for a stateful session bean would be a shopping basket because it maintains its state. However a
stateless session bean can't and instead should be used as a service e.g. credit card validation. A stateful session bean
cannot survive a server crash, as none of its data is permanently stored like Entity beans.Choice A is incorrect because
Stateless session beans are pooled. Choice B is incorrect because a stateful session bean cannot survive a server crash.
Choice D is incorrect because the data in a stateful session bean is not stored on a database and therefore there is no
Primary Key interface for stateful session beans.



64       What is the difference between stateful Session beans and Entity beans?


A        Stateful session beans can survive a server crash but Entity beans can't.
B        Entity beans can survive a server crash but Stateful session beans can't.
C        Session beans are typically used to make calls on Entity beans.
D        Entity beans are typically used to make calls on Session beans.

Choices B and C are correct.

Entity beans represent data on a database whereas session beans represent workflow. It is very expensive to create
Entity beans and the code can become quite complicated. Hence you should use the Session-Façade pattern, where the
customer talks to a Session bean which in turn talks to the Entity bean.Choice B is incorrect because session beans
cannot survive a server crash and in choice D the description is the other way around.



65       You have an application that will be used for customers to buy service engineers time and extend warranties
online. You have several different Enterprise Beans in this application for example, Customer, Warranties,
CreditCardValidation etc. It's a long time since you've coded EJBs (normally your time is spent designing applications
at a higher level) and you've forgotten which methods should go in which interface. What methods do you put in the
Remote interface?

A        Defines create(), find(), remove(Object) methods.
B        Defines signatures of EJB's business methods.
C        Defines the persistence of the bean, e.g. how to persist etc.
D        Defines all methods that the client can call on the EJB.
E        You don't need a Remote interface for an EJB. An EJB consists of a Home interface and an EJBObject
interface.


Choices B and D are correct.

The Remote interface is used to define all of the methods that can be called by the client on the Enterprise Bean. If you
try and call a method that exists in the Enterprise bean class but hasn't been defined here you will get a
RemoteException.The methods in choice A are defined the Home interface. Choice C describes information that would
be found in the deployment descriptor and application server. Choice E is incorrect because a remote interface (that
implements javax.ejb.EJBObject) is required.




66      You are designing an Enterprise Bean to represent a customer in your new application. You have many
methods for this EJB for example:createAccount()deductAmount()create()find()Which of these methods needs to go in
the Home Interface and what is it used for?

A       Defines create(), find(), remove (Object) methods.
B       Defines signatures of EJB's business methods.
C       Defines the persistence of the bean, e.g. how to persist etc.
D       Defines all methods that the client can call on the EJB.
E       The createAccount(), deductAmount() methods need to go in the Home interface as it defines the business
methods.

Choice A is correct.

The Home interface defines the create(), find(), and remove() methods.The Remote interface is used to define all of the
methods that can be called by the client on the Enterprise Bean. If you try and call a method that exists in the Enterprise
bean class but hasn't been defined in the remote interface, you will get a RemoteException.Choice B is incorrect
because these are methods defined in the Remote interface. Choice C describes information that would be found in the
deployment descriptor and the application server. Choices D and E describe the Remote interface.


67       Select the most appropriate use for an Entity Bean?

A        Store state for a particular client.
B        To store data permanently such as financial data.
C        Store state for any client, not any in particular.
D        Provide a service to the client.

Choice B is correct.

The key to this question is"select the most appropriate" there are a two possible right answers. (B) Is the most correct
because it has the word permanently in the answer. Entity beans represent data on a database. It might be possible to
argue that (A) is also right because maybe that is a customer Entity Bean storing their address and personal details. But
there is no reference to permanent data storage. Hence (B) is the better answer.Choice C would require either a stateless
or stateful session bean. The reason it could be either is because it says"not any particular client". Choice D would
typically require a stateless session bean.




68       You've managed to work out what the next big online shop will be way ahead of everyone else, and are
currently designing it. Although the design is still in a rough stage and you have yet to secure sponsors to take it into
production you have already decided on some of the Enterprise Beans that you will need. You know you will need a
customer EJB, Shopping basket EJB, another EJB to be used when accessing data on a legacy system. You know you
will need many more but what would be an appropriate use for a Stateless Session Bean?

A        To represent a shopping basket.
B        Provide a service to the client.
C        Store state for a particular client.
D        To access data on a legacy system.

Choice B is correct.

Stateless session beans can't remember which client they were last talking to and any data they might hold is not saved
in a database. Stateless session beans are used to provide a service. E.g. credit card validation.Choice A is incorrect
because a shopping basket would require state (a Stateful Session Bean). Choice C would require a Stateful Session
Bean or Entity Bean depending on whether the data needed to be permanently stored for that client. Although choice D
is possible this isn't the most appropriate use for a stateless session bean.



69      In a Catalog Enterprise Bean, (used in an online sports shopping site) you have code that will be executed
when ejbPassivate() and ejbActivate() are called. The code is used to perform basic house keeping tasks. You need to
know when the code will execute so which of the following statements are true?

A        ejbPassivate() is called prior to passivation.
B        ejbPassivate() is called immediately after passivation.
C        ejbActivate() is called prior to activation.
D        ejbActivate() is called immediately after activation.

Choices A and D are correct.

The descriptions in choices B and C are the wrong way round.




70       You have never worked with J2EE application servers before and are about to release your first 3-Tier
application. Your company already has a strong customer base so you expect a huge volume of traffic over the first few
days of the launch. You're not to sure how your application server will cope with all the customers but a colleague
reassures you that the Enterprise beans are pooled and the performance of the system will be fine. What are the benefits
of bean pooling?

A        Improves response time between client and bean
B        Means you need fewer instances of the beans and therefore increases scalability.
C        Means you need fewer instances of the beans but this does nothing for increasing scalability.
D        Means you keep more instances of the beans in memory but this improves performance of the Application
server ten fold.

Choice B is correct.

Bean pooling is just like database connection pooling. There is no point having a few thousand instances in memory
when you could get by with 50. When a bean is in a pooled state it is not associated with any particular client.The
following are wrong because:You could argue that by bean pooling it reduces the load on the application server and
this indirectly improves the response time. However this choice (A) is not the most appropriate. Choice C is incorrect
because bean pooling does increase scalability. Choice D is incorrect because you keep fewer instances of the beans in
memory.



71       Which of the following statements are true with regards to bean pooling?
A        The EJB specifies how many instances to pool at deployment time.
B        Although bean pooling improves performance it doesn't offer any advantages in Scalability terms.
C        If your server has enough memory you should avoid bean pooling.
D        The application server depending on the beans usage decides the number of instances to pool.

Choice A is correct.

You can say how many instances should be pooled at deployment time.Choice B is incorrect because bean pooling
does increase scalability. There is no need to avoid bean pooling and if you didn't do it the amount of memory you
would need would be far too expensive. Hence choice C is incorrect. The number of beans to pool is set at deployment
time. Hence choice D is also incorrect.



72       Its not just Stateless Session beans that are pooled, Entity beans are as well. True/False?

A        TRUE
B        FALSE

The above statement is true.

Yes they are both pooled to reduce the load on the Application server.



73       When should RMI over IIOP be used?

A        RMI over IIOP is used all the time with standard RMI.
B        When performance doesn't matter.
C        When you are dealing with a pure Java system, no legacy systems etc.
D        When RMI is used with Enterprise Javabeans.

Choice D is correct.

The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/jidlFAQ.htmlRMI-IIOP - If you are writing
most of your new applications using the Java programming language, but need to maintain legacy applications written
in other programming languages as well, you will probably want to use Java RMI with its IIOP compiler option.Choice
A is incorrect because JRMP is the standard for RMI. Whether you use IIOP or JRMP is irrelevant in terms of
performance. Hence choice B is incorrect. You should use standard JRMP in the case choice C describes.



74       As part of your online shopping site you need customers to be able to pay for their goods securely. You have
decided that you will use SSL with 128bit encryption to transmit the credit card details. What port number does HTTPS
run on and can it be configured to run elsewhere?

A        8443 and yes it can run elsewhere
B        8443 and no it can not run elsewhere it must run on this port
C        443 and yes it can run elsewhere
D        622 and yes it can run elsewhere
E        443 and no it can not run elsewhere it must run on this port

Choice C is correct.
As a standard HTTPS runs on port 443 but it can be configured to run elsewhere. With web servers such as Tomcat the
SSL port is 8443.



75       You are designing an application that will use JRMP over IIOP. The Network engineers at your company
would like to know what port you intend to use to access the internet and other networks so that they can make it
available on the companies firewall. What port do you ask for?

A        443
B        535
C        1099
D        8443
E        80

Choice C is correct.

JRMP runs on port 1099 as standard although it is possible to run it on a different port.Choice A is the standard SSL
port number. IIOP uses port 535. Web servers such as Tomcat use the port 8443 for SSL. And choice E is the standard
HTTP port. Although you wish to access the internet you are not making http requests.For more information please
refer to the following URL:http://www.iana.org/assignments/port-numbers



76       You need to replace ASP scripts. What J2EE technology do you use?

A        JMS, JSP and Servlets
B        JSP and Servlets
C        JTA, JSP and Servlets
D        Applets

Choice B is correct.

ASP and JSP have a very similar syntax so it makes sense to replace ASP with JSP. You should also try and extract
parts from the ASP script that perform controller operations or other processing and implement them as Servlets.Choice
A is incorrect because the Java Message Service and has nothing to do with web pages. There is no mention of
transactions in the questions and if there was it would probably be better to use EJBs as well so choice C is incorrect.
Although choice D is possible this is not the best answer as there would be too much work involved in creating the
Applets.




77       As part of your new application you need to connect to a database. You don't have any access to the database
server so you can't change the ODBC driver that's currently installed. How do you connect?

A        CORBA
B        JMS-JNI
C        JDBC-ODBC bridge
D        JDBC

Choice D is correct.

The key to this question is that you don't need to install a new ODBC driver or anything like that, you can connect to
the database directly via JDBCCORBA is used for distributed systems not database connectivity so choice A is
incorrect. Choice B wouldn't work and choice C isn't necessary, as the question doesn't say that you can't use a normal
JDBC driver.



78       When would you choose RMI-JRMP over CORBA?

A        When you are designing a pure Java solution.
B        When you are designing a solution that will not be pure Java but will mainly be in Java.
C        When you will interact with applications written in other languages such as C/C++
D        When performance is essential.

Choice A is correct.

The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/index.htmlThis is a fundamental question and
it's important to understand the distinction between these two ways of integrating the Java programming language with
CORBA. Java IDL is for CORBA programmers who want to program in the Java programming language based on
interfaces defined in CORBA Interface Definition Language (IDL). This is "business as usual" CORBA programming,
supporting Java in exactly the same way as other languages like C++ or COBOL. RMI-IIOP (Remote Method
Invocation over Internet Inter-ORB Protocol) is for Java programmers who want to program to the RMI interfaces, but
use IIOP as the underlying transport. RMI-IIOP provides interoperability with other CORBA objects implemented in
various languages - but only if all the remote interfaces are originally defined as Java RMI interfaces. It is of particular
interest to programmers using Enterprise JavaBeans (EJB), since the remote object model for EJBs is RMI-based.You
would use RMI-IIOP in choice B. In choice C you would use CORBA. CORBA actually slightly outperforms RMI.
Hence choice D is also incorrect.




79      You have a distributed system that is not made up entirely of Java objects (some of them are CORBA) what
technology should you use?

A        RMI-JRMP
B        CORBA
C        Rewrite the objects so the system in entirely Java based
D        RMI-IIOP

Choice B is correct.

The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/jidlFAQ.htmThere are several scenarios that
will define how you will want to create distributed CORBA applications. Here are some of them: Java IDL - If you
have been developing CORBA applications using IDL for some time, you will probably want to stay in this
environment. Create the interfaces using IDL, and define the client and server applications using the Java programming
language to take advantage of its "Write Once, Run AnywhereTM" portability, its highly productive implementation
environment, and its very robust platform. RMI-JRMP - If all of your applications are written in the Java programming
language, you will probably want to use Java RMI to enable communication between Java objects on different virtual
machines and different physical machines.

Using Java RMI without its IIOP option leverages its strengths of code portability, security, and garbage collection.
RMI-IIOP - If you are writing most of your new applications using the Java programming language, but need to
maintain legacy applications written in other programming languages as well, you will probably want to use Java RMI
with its IIOP compiler option.RMI-JRMP would be used in an all Java solution so choice A is incorrect. There is no
need to rewrite the objects so the system in entirely Java based so choice C is incorrect. There already are CORBA
objects so although choice D is possible it is not the most appropriate answer.
80       When would you use a JDBC-ODBC Bridge?

A        This is the standard, and is used all the time.
B        When you have to use a database that has an ODBC driver but the JDBC driver doesn't exist.
C        When you are connecting to a database running on a Windows server (NT, 2000 etc).
D        When you need faster response times.

Choice B is correct.

You are basically connecting to the ODBC driver as opposed to directly to the database.Choice A is incorrect; normally
you would just connect directly via JDBC. Whether you are connecting to a database running on a Windows server
(NT, 2000 etc) makes no difference at all. Hence choice C is incorrect. The JDBC-ODBC bridge will not increase
performance as described in choice D.




81       You have had enough with all the UML tools on the market as none do exactly what you want them to. So
you've decided to design your own. However when designing it you realise that certain parts will be really complicated
for example you have a Diagram object that is made up of lots of other objects. This diagram object can be used for a
variety of different diagrams including class and sequence diagrams. When you create it you only want to specify its
type and content. What pattern should you use?

A        Abstract Factory
B        Factory Method
C        Builder
D        Decorator

Choice C is correct.

The builder pattern separates the construction and representation of an object. The client is shielded from the objects
construction only needing to specify it's content and type.The Abstract Factory pattern is used for creating many objects
that are dependent on each other. Hence choice A is incorrect. The Factory Method pattern provides an interface for
creating an object that allows either sub classes or helper classes to create that object. Hence choice B is also incorrect.
The Decorator pattern isn't used to build objects. It adds extra functionality to existing objects. Hence choice D is
incorrect.



82       You need to interface with an existing application. You have full access to the source code and UML diagrams
from the existing application. Part of the requirements implies that you will need to connect unrelated objects together.
You want to know whether the Bridge pattern or the Adapter pattern will be suitable. Which of the following are true
about the Bridge and Adapter patterns?

A          The Adapter pattern implements an interface known to its clients and provides an instance of a class not
known to its clients.
B          The Bridge pattern implements an interface known to its clients and provides an instance of a class not known
to its clients.
C          The Adapter pattern creates a separation between abstractions and classes that implement those abstractions.
D          The Bridge pattern creates a separation between abstractions and classes that implement those abstractions.

Choices A and D are correct.
As the answers state the Adapter pattern implements an interface known to its clients and provides an instance of a
class not known to its clients. And the Bridge pattern creates a separation between abstractions and classes that
implement those abstractions. Choices B and C are incorrect because the descriptions are the other way around.



83       As part of your new application you need to create a custom class loader so that you can implement with
custom security. So you need to create objects without knowing the class of the objects or how to create them. What
pattern should you use for this?

A        Abstract factory
B        Factory Method
C        Builder
D        Prototype
E        Singleton

Choice D is correct.

This pattern is used to create new objects by copying its prototype.The Abstract factory pattern is used for creating
many objects that are dependent on each other. Therefore choice A is incorrect. The Factory Method pattern provides
an interface for creating an object defers creation to either sub classes or helper classes. Hence choice B is incorrect.
The Builder pattern separates the construction and representation of an object. The client is shielded from the objects
construction only needing to specify it's content and type. Choice C is therefore incorrect. The Singleton pattern creates
either one or a variable number of instances of a class making choice E incorrect.



84        You are creating a web application for an online product ordering system. You will be using data from several
different databases and to reduce the load on the databases you have decided to use connection pooling. You have a
ConnectionPool class and you want one pool for each database however you will have to connect to a variable number
of databases. What pattern should you use?

A        Abstract factory
B        Factory Method
C        Builder
D        Prototype
E        Singleton

Choice E is correct.

The Singleton doesn't just create a single instance it can also be used to create a variable number of instances of a
class.The Abstract factory pattern is used for creating many objects that are dependent on each other so choice A is
incorrect. The Factory Method pattern provides an interface for creating an object defers creation to either sub classes
or helper classes. Hence choice B is incorrect. The Builder pattern separates the construction and representation of an
object. The client is shielded from the objects construction only needing to specify it's content and type. Choice C is
hence incorrect. The Prototype pattern is used to create new objects by copying its prototype. Choice D is therefore
incorrect.



85       You are interfacing with a server that is running as a JMS server and email server. Basically your company
has an online shopping store and when a customer buys something you need to send an email confirmation. Email
requests will be sent as JMS messages so as to reduce the load on the email server. Does JMS provide the
implementations to allow you to send these messages to the email server? True/False?

A        TRUE
B        FALSE

The above statement is False.

The JMS only defines interfaces there are no implementation classes in the package. So you will need to write all of the
implementations yourself.



86       Is Point-to-Point (PTP) is based on message queues?

A        TRUE
B        FALSE

Choice A is correct.

Point-to-Point messaging is typically used where a client application sends a message to another application. This is the
one-to-one messaging paradigm. In contrast, Publish Subscribe, allows broadcast communication (one-to-many.)



87       Your have decided to let people shopping at your site receive confirmation emails when they buy online. The
emails will not contain their credit card numbers but will contain the amount they have been charged. A JMS request to
an email server will be used to do this. However you are worried about how secure this will be but a college re-assures
you that JMS has security built into it. Is this true? True/False?

A        TRUE
B        FALSE


The above is false.

The JMS only defines interfaces so you will need to design your own security around this.



88        You've designed an application that allows customers to buy chapters of e-books. Due to the success of the
project this will be launched as a worldwide application. In the process of converting this application to be suitable for
worldwide use, which of the following will you use?

A       Java runs with already as standard 16bit characters as standard so you don't need to use any particular classes
to change the text. All primitive objects can be used.
B       java.text package
C       java.lang.Integer Class
D       java.lang.Number Class
E       java.international package
F       java.Unicode package

Choice B is correct.

The java.text package contains classes such as MessageFormat and NumberFormat, these classes are used to layout text
in the appropriate way.Choice A is incorrect; primitive objects cannot be used. Choices C and D are incorrect because
the way numbers are displayed is different in most countries. The packages named in choices E and F don't exist.
89       Which of the following are used in Internationalization?

A        java.lang.Long Class
B        java.lang.Float Class
C        java.lang.Number Class
D        java.lang.String class
E        char primitive class

Choices D and E are correct.

The String and char primitive classes are used in the process of Internationalization.Choices A, B and C are all
incorrect because its the way numbers are displayed that is different in most countries.



90       What is the ResourceBundle class used for?

A        To store information about the program, like an external configuration file.
B        To store parts of the program that is Locale sensitive, e.g. the text on a message window.
C        To get access to local system resources such as files etc.

D        To access properties of the users environment, language and a region.

Choice B is correct.

A ResourceBundle is used to store all parts of a program that you will need to change as part of Internationalization.
For example you could put the text for dialog messages there and when it came to displaying the dialog, the program
will look up and retrieve the appropriate text based on the country of the user.Choice A is incorrect because the
ResourceBundle doesn't store any information about the program like an external configuration file. The
ResourceBundle doesn't give you any access to local resources. Hence choice C is incorrect. The properties of the
user's environment, language and a region are found in the users system properties, not the ResourceBundle. Hence
choice D is also incorrect.




91       You have been brought in from another project to help some colleagues with the documentation of an
application they have been working on. You need to show groups of classes as subsystems. What type of UML diagram
will you use?

A        Collaboration Diagram
B        Class Diagram
C        Package Diagram
D        Use case Diagram

Choice C is correct.

A package diagram is used to show groups of classes that belong together. Choice A is incorrect because a
Collaboration Diagram is a type of interaction diagram. A Class Diagram shows individual classes. Hence choice B is
incorrect. A Use case Diagram depicts a scenario that the system would be involved in. Thus choice D is also
incorrect.For more information about UML:http://www.uml.org/




92       What is true about the following diagram?
A        Class A inherits from Class B
B        Class B inherits from Class A
C        Class B will send messages to Class A
D        Class A will send message to Class B

Choice B is correct.

This diagram shows generalization (or inheritance). Note: Normally the sub class is be shown below the ancestor,
though that is not a UML constraint.Choice A is incorrect because it is the other way around. Choices C and D are both
incorrect because the empty triangle wouldn't be there in the diagram if messages were being sent.For more information
about UML:http://www.uml.org/




93       What is the "Something" shown in the following diagram?




A        A component
B        A package
C        A component collaboration
D        A super class

Choice B is correct.

This is a package and it represents a group of classes.The symbol is incorrect for it to be a component. Hence choice A
is incorrect. For this to be part of a collaboration diagram it would need to interact with another object. Hence choice C
is incorrect. If it were a super class, another class would need to extend from it. So choice D is also incorrect.For more
information about UML:http://www.uml.org/



94       What is true about the following diagram?




A        It is a class called AName
B        It is a static class called AName
C        It is an object called AName
D        It is an interface

Choice C is correct.

You can tell this is an object because its name is underlined. The following is taken from (Cade 42):"If the element
name is underlined, then it is an instance of an element. You can precede an element name with a : and have an
anonymous instance. You can place a name in front of the : and have a named instance of an element."Choices A and B
are incorrect because the name is underlined. Choice D is incorrect because the symbol would have the word interface
above it like this: <<interface>> if it were an interface.For more information about UML:http://www.uml.org/




95       When should you use Java IDL and when should you use RMI-IIOP?


A        You should use Java IDL when using Enterprise Javabeans.
B        You should use RMI-IIOP when using Enterprise Javabeans.
C        You HAVE to use RMI-IIOP when using Enterprise Javabeans.
D        Java IDL can be used even if the remote interfaces were originally defined as RMI interfaces.
E        RMI-IIOP can be used with CORBA only if the remote interfaces were originally defined as RMI interfaces.
F        RMI-IIOP can be used with CORBA even if not all of the remote interfaces were originally defined as RMI
interfaces.
G        It comes down to programmer preference as both can be used in all situations.

Choices B and E are correct.

The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/index.htmlThis is a fundamental question and
it's important to understand the distinction between these two ways of integrating the Java programming language with
CORBA. Java IDL is for CORBA programmers who want to program in the Java programming language based on
interfaces defined in CORBA Interface Definition Language (IDL). This is "business as usual" CORBA programming,
supporting Java in exactly the same way as other languages like C++ or COBOL. RMI-IIOP (Remote Method
Invocation over Internet Inter-ORB Protocol) is for Java programmers who want to program to the RMI interfaces, but
use IIOP as the underlying transport.

RMI-IIOP provides interoperability with other CORBA bjects implemented in various languages - but only if all the
remote interfaces are originally defined as Java RMI interfaces. It is of particular interest to programmers using
Enterprise JavaBeans (EJB), since the remote object model for EJBs is RMI-based. Choice A is incorrect; Java IDL has
nothing to do with Enterprise Javabeans. In choice C you can use JRMP instead of IIOP if you want. So this choice is
incorrect. Choice D is incorrect because Java IDL requires CORBA interfaces not RMI interfaces. Choice F is incorrect
as all the interfaces must be defined as RMI interfaces. Choice G is incorrect because although sometimes Java-IDL
and RMI-IIOP could be used for the same thing, generally a situation will suit one more than the other.




96       You have an online shopping application that has been deployed for some time. Previously all sales had been
diverted to another company. Because of the popularity of your site now, you have decided that your application will
handle credit card sales, going forward. You will use JMS to send requests to charge credit cards to a separate server.
You need an instant response as to whether the credit card transaction was approved. What type of messaging do you
use?

A        Publish/Subscribe
B        Point-to-Point
C        Topic Messaging
D        Instant Messaging
E        You wouldn't use messaging

Choice E is correct.

If you need an instant response you probably wouldn't use messaging. The idea of messaging is that you can send
messages to other applications and let them process the messages in their own time. For this solution it will be better to
use an EJB and directly query the credit card validation server.Choice A suggests that messages will be broadcast (one-
to-many.) For credit card validations, there is no need to broadcast the request. Besides the question says that an"instant
response is required." Messaging is inherently asynchronous. Hence choice A is incorrect.Point-to-Point or P2P is a
one-to-one messaging architecture. JMS does provide APIs that allow send-and-forget and send-and-respond messages.
Though a synchronous request is mimicked here, messaging architecture, unlike RPC models, is not truly synchronous.

Note: In some P2P implementations (where a synchronous response is required using messaging), the sender puts the
message in a queue. The receiver polls its queue and reads the message. The receiver then sends a response to another
queue, which the sender is polling for responses and so on. So though the credit card validation can be achieved
through P2P messaging, if a synchronous RPC call is available, that would be the preferred option.Topic Messaging is
the same as Publish Subscribe. Hence choice C is incorrect. Instant Messaging refers to a method of chatting on the
Internet. Hence choice D is incorrect.




97        You are working for a company that aims to provide its customers with the facility to buy and sell shares
online. You have been looking through the requirements document and notice that the process of selling/transferring
shares is very complicated due to the constant price change. Hence you are required to control transactions at a very
fine level of granularity. Should you use CMT or BMT?CMT = Container Managed TransactionBMT = Bean Managed
Transaction

A        CMT
B        BMT

Choice B is correct.

BMT gives you the developer much greater control over the transaction. As the developer, you can start the transaction
where you want and end it where you want.CMT does however give you the advantage of not having to worry about
code related to the transaction you can just focus on the business logic instead.The following is taken from:
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction4.html

In a bean-managed transaction, the code in the session or message-driven bean explicitly marks the boundaries of the
transaction. An entity bean cannot have bean-managed transactions; it must use container-managed transactions
instead. Although beans with container-managed transactions require less coding, they have one limitation: When a
method is executing, it can be associated with either a single transaction or no transaction at all. If this limitation will
make coding your bean difficult, you should consider using bean-managed transactions.
98       You have contracted by a company to assess an application currently deployed in production. The application
meets all of the company's original requirements and is coping well with the current number of users. The company is
quite happy with it. It has been written using PERL and CGI scripts and there are no transactions in this system. What
do you recommend they do?

A        Migrate the solution to ASP based solution.
B        Migrate the solution to JSP and Servlets. In the future this will be more maintainable solution.
C        Keep it the way it is.
D        Migrate to JSP/Servlets and an Application server. In the future this will be more maintainable solution.

Choice C is correct.

The key to this question is:The application meets all of the company's original requirements and is coping with current
number of users. The company is quite happy with it.There is no need to change an application that does everything it
is supposed to do. Choice B is technically correct, JSP and Servlets will be more maintainable than PERL/CGI scripts
but it is not the most appropriate answer. Choice D isn't correct for the same reasons as choice B, in addition to the fact
that there appears to be no clear need for using an Application Server (there are no transactions and there is no mention
of persistence requirements.) Choice A is also incorrect for the same reasons as choice B.




99       You have been contracted by a company to examine an existing system. It consists of PL/SQL stored
procedures a JSP/Tomcat cluster of web servers and an Oracle database. The owners are saying that maintenance is
their biggest problem, every time they try and change code they run into problems. What do you recommend they do?

A        Move the PL/SQL business logic into Servlets
B        There shouldn't be any problems with maintenance as the business logic has already been separated from the
presentation and data store (PL/SQL stored procedures).
C        Separate the business logic by using an Application Server.
D        Look through the code making sure it is structured well and commented, separating any duplicated code into a
common class.

Choice C is correct.

The key to this question is that the business logic has been implemented as PL/SQL stored procedures. This means
there is a tight coupling between the data store and the business logic. This will have a direct affect on the maintenance
of the application. To improve this the best thing to do would be move the business logic from the PL/SQL scripts to an
Application Server and use Enterprise Beans. Another reason why this is the best choice is because they are already
using JSP and Tomcat web servers. So the Application Server will integrate well into this solution. You could move the
business logic into Servlets as suggested in choice A but this would create tight coupling between the business logic
and presentation code. The application would still be hard to maintain, with problem areas at a different place. Choice
B is incorrect as there is tight coupling between the data store and business logic. Even if the code is properly
structured and commented there will still be tight coupling between the data stoe and business logic so choice D is
incorrect.
100      You have a method that can execute in a transaction as part of that transaction but it doesn't matter if it doesn't.
What is the correct attribute in the deployment descriptor?

A        Supports
B        Not Supported
C        Mandatory
D        Required
E        Leave is empty as this is the default setting

Choice A is correct.

A method must support execution within a transactional scope, if it is to be executed as part of a transaction. The word
'supports' also implies that although it can be part of a transaction, it doesn't have to. 'Not Supported' implies the
method cannot be executed as part of a transaction. 'Mandatory' and 'Required' imply that the method must be executed
as part of a transaction. Leaving the deployment descriptor empty is not the default setting for 'supports.'



101      What do Isolatable and Durable mean with reference to ACID?

A        Isolatable means only 1 transaction can execute at a time.
B        Isolatable means the transaction is the same as other transactions in structure.
C        Isolatable means a transaction must execute without the interference from other processes or transactions.
D        Isolatable means the transaction was started and finished in the same VM.
E        Durable means the transaction is the same as other transactions in structure.
F        Durable means the integrity of the underlying data source is maintained.
G        Durable means data must be written to the data source before the transaction is complete.
H        Durable means the transaction was started and finished in the same VM.

Choices C and G are correct.ACID stands for Atomic, Consistent, Isolatable and Durable. All transactions must adhere
to this. Isolatable means a transaction must execute without the interference from other processes or transactions. And
Durable means data must be written to the data source before the transaction is complete.



102      You are writing an application that will allow people to communicate directly with each other. The application
will consist of a frame with two panels, they will type their messages in the top panel and read messages in the bottom
panel. What is the best way to implement this application, as an Applet or a standard Java application?

A        As an Applet.
B        As a standard Java application.

Choice B is correct.

The reason for choosing the standard Java application over an Applet is all due to security restrictions. In the question
is says that the users will need to communicate directly with each other, not back to the server from which the applet
was downloaded. This wouldn't be allowed under standard Applet security permissions and although the security
settings can be fully customized to allow applets to connect to different machine that is not what applets were designed
for. Another key point to the question is that there is no requirement that this communication tool be made available
over the web. So creating this as a standard Java application is the most appropriate choice.




103      What is true about CMT (Container Managed Transactions)?
A        Works for both Entity and Session beans.
B        It is more flexible than BMT. Can handle transactions at a much finer granularities than BMT.
C        It is less flexible than BMT. Cannot handle transactions at a finer granularity than BMT.
D        Does not work for both Entity and Session beans.


Choices A and C are correct.

Entity Beans can only use Container Managed Transactions (CMT) but Session Beans can use either CMT or Bean
Managed Transactions (BMT). So choice D is the other way around. CMT is less flexible than BMT and cannot handle
transactions at the same level of granularity as BMT, so choice B is incorrect as well.The following is taken
from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction3.htmlIn an enterprise bean with container-managed
transactions, the EJB container sets the boundaries of the transactions. You can use container-managed transactions
with any type of enterprise bean: session, entity, or message-driven. Container-managed transactions simplify
development because the enterprise bean code does not explicitly mark the transaction's boundaries. The code does not
include statements that begin and end the transaction.http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction4.htmlIn
a bean-managed transaction, the code in the session or message-driven bean explicitly marks the boundaries of the
transaction. An entity bean cannot have bean-managed transactions; it must use container-managed transactions
instead. Although beans with container-managed transactions require less coding, they have one limitation: When a
method is executing, it can be associated with either a single transaction or no transaction at all. If this limitation will
make coding your bean difficult, you should consider using bean-managed transactions.



104      You are developing an online shopping store for an art gallery. The company aims to bring fine art to the
masses and expects a huge volume of traffic through the site. The site allows customers to pay for goods and arrange
delivery methods using credit cards. You have read through the requirements and have a rough design in your head.
Which of the following is the most appropriate rough design for this site?

A       Have an Entity Bean to represent the customer. Use a Servlet to manage the users session and use BMT to
manage the transactions.
B       Have an Entity Bean to represent the customer. Use a Stateful Session Bean to manage the users session and
use BMT to manage the transactions.
C       Have an Entity Bean to represent the customer. Use a Servlet to manage the users session and use CMT to
manage the transactions.
D       Have an Entity Bean to represent the customer. Use a Stateful Session Bean to manage the users session and
use CMT to manage the transactions.

Choice C is correct.

The key to this question is the choice of Transactions Bean Managed Transactions or Container Managed Transactions.
There is no need to control transactions at a fine level of granularity and Entity Beans cannot take part in BMT. Hence
CMT may be a better choice. The Servlet is a more appropriate choice for handling the users session however you
would still need another Stateful Session Bean for the business logic of the application.The following is taken
from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction3.htmlIn an enterprise bean with container-managed
transactions, the EJB container sets the boundaries of the transactions. You can use container-managed transactions
with any type of enterprise bean: session, entity, or message-driven. Container-managed transactions simplify
development because the enterprise bean code does not explicitly mark the transaction's boundaries. The code does not
include statements that begin and end the transaction.http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction4.htmlIn
a bean-managed transaction, the code in the session or message-driven bean explicitly marks the boundaries of the
transaction. An entity bean cannot have bean-managed transactions; it must use container-managed transactions
instead. Although beans with container-managed transactions require less coding, they have one limitation: When a
method is executing, it can be associated with either a single transaction or no transaction at all. If this limitation will
make coding your bean difficult, you should consider using bean-managed transactions.
105      When would you use the DAO pattern in regards to a Stateful Session Bean?

DAO = Date Access Object CMP = Container Managed Persistence BMP = Bean Managed Persistence

A        When using CMP to reduce dependence on underlying data store.
B        When using BMP to reduce dependence on underlying data store.
C        When using BMP to increase performance.
D        When using CMP to increase performance.
E        You wouldn't use a DAO with Stateful Session Beans.
F        When writing to a temporary store when ejbPassivate() is called

Choice E is correct.

You would normally use a DAO with BMP Entity Beans or Stateless Session Beans. Entity Beans permanently persist
data and can survive server crashes. Choices C and D are incorrect because you would never use a DAO with CMP
irrespective of the type of bean you were dealing with. The Data Access Object does not improve the performance of
your application.When you use Bean Managed Persistence you are writing all the SQL needed to persist the bean
yourself. This means that you are using database specific SQL and the same SQL might not work with a different
database vendor. For simple operations like Catalog Retrieval, a Stateless Session Bean is often employed with DAO as
well.The flow for such operations often looks like:JSPàController (Request Processor / Request Dispatcher)àService
LocatoràSession BeanàDAOàDatabaseWith both BMP Entity Beans and Stateless Session Beans, the Data Access
Object pattern (DAO) is used to reduce the dependency between Enterprise Beans and the underlying database. This
means that the data object manages the connection to the data source and if the data source changes you only need
update this one object, the change doesn't affect the rest of your application.With Stateful Session Beans, the data is
never permanently stored in a database. Therefore they cannot survive a server crash. Stateful Session Beans, as the
name suggests, are used for maintaining conversational state with clients. They are generally more expensive in terms
of resources (they are not pooled) and are therefore not normally used for simple database operations such as catalog
retrieval.




106      What is the most important item in this list that should be considered when designing an application?

A        Scalability
B        Maintainability
C        Reliability
D        Meeting the needs of the customer
E        Performance
F        Ensuring the application is produced on time and within budget
G        Secure
H        That the application is technically the best possible solution
I        Availability
J        Extensibility


Choice D is correct.

The most important consideration when designing an application is that it meets the needs of the customer. Ensuring
the application is produced on time and within budget is something that should be done but it is not the number one
concern. The application does not have to be the best possible solution under the circumstances. As long as it meets the
customer''s needs, it is considered adequate. Performance - A measure of the system in terms of response time or
number of transactions per unit time. Load Distribution (e.g. DNS Round Robin) and Load Balancing are two
techniques that aid in higher performance. Other development and deployment related tasks such as Application
Tuning, Server Tuning, and Database Tuning also help the system perform better.Scalability - The ability of a system
to perform and behave in a satisfactory manner with increases in load.Reliability - The ability of a system to assure the
integrity and consistency of the application and all its data as the load increases.Availability - The ability of a system to
assure that all services and resources are always accessible. This can be achieved through fault tolerance (the ability to
prevent system failures in the event of service(s) / component(s) failures, commonly implemented via redundancy)
techniques such as Active and Passive Replication.Extensibility - The ability to easily add new functionality to the
existing system. This can be achieved by using best practices and well-defined architecture and design
techniques.Maintainability - Ability to easily correct flaws in the existing system.Security - The ability to protect a
system and all its components and services against potential attacks. Security attacks generally try to compromise
confidentiality and integrity of the system. Sometimes they also take the form of 'Denial of Service' (DoS) attacks that
bring down a system by flooding it with messages. Security can be addressed by the use of technologies (firewalls,
DMZ, data encryption, Digital Certificates and so on) and methodologies (good security policies and
procedures.)Manageability - The ability to monitor and perform preventive maintenance on a system.




107      Which list shows the correct order of Enterprise Beans in terms of resources?Note: Heaviest to lightest.

A        Stateful Session Bean, Stateless Session Bean, Entity Bean
B        Entity Bean, Stateful Session Bean, Stateless Session Bean
C        Stateful Session Bean, Entity Bean, Stateless Session Bean
D        Entity Bean, Stateless Session Bean, Stateful Session Bean
E        Stateless Session Bean, Stateful Session Bean, Entity Bean
F        Stateless Session Bean, Entity Bean, Stateful Session Bean


Choice B is correct.

An Entity Bean is the heaviest bean in terms of resources usage. The state of an Entity Bean is permanently persisted in
a database. Making a connection to the database is expensive in terms of CPU time so this bean has to be the most
expensive. Stateful Session Beans maintain their state by the Container writing the beans state to a temporary store
such as a file. Stateless Session Beans are least expensive because they have no state to persist, even temporarily.




108      You need to maintain a user's session for a web application. Which protocol do you use? Note: There is no
secure data in this application.

A        IIOP
B        HTTPS
C        SHTTP
D        HTTP
E        JRMP


Choice D is correct.

This is a trick question. At first you would think that the best possible choice would be to use HTTPS. However all the
question is actually asking is how to maintain a user's session. This can be done through URL re-writing, cookies or
letting the web server handle the session. Most modern web servers can track clients and maintain sessions for them.
There is also no need for the security that HTTPS would give you and as encrypting each users session would be
expensive in terms of CPU time choice B cannot be correct. JRMP and IIOP are Stateful protocols but are not suitable
for web applications.




109       You are designing an application to be used to edit photographs. The aim of the application is to provide
effects such as converting a color picture to black and white, enlarging certain areas of the print, creating a watercolor
effect etc. At the moment the application is structured so that the photographic image is represented by one object,
other objects represent each effect and a control object is used to co-ordinate with these objects. When the user selects
the color to black and white effect it changes the state of the Color object to Black and White. This then needs to co-
ordinate with the control object and apply the effect. Basically as the state of the effects objects changes it need to co-
ordinate with the photographic image object.Which design pattern do you use?

A        Chain of Responsibility.
B        Notifier
C        Observer
D        Mediator
E        Command
F        State

Choice D is correct.

The key to this question is that this application uses a Control object to co-ordinate state changes between objects. The
Mediator pattern allows you to co-ordinate state changes between other objects by using one object. There is no design
pattern called the Notifier in the Gang of Four book or in the J2EE blueprint patterns catalog. Mediator - (GOF
273):"Define an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping
objects from referring to each other explicitly, and it lets you vary their interaction independently."The other patterns
were:Chain of Responsibility - (GOF 223):"Avoid coupling the sender of a request to its receiver by giving more than
one object a chance to handle the request. Chain the receiving objects and pass the request along the chain until an
object handles it."Command - (GOF 233):"Encapsulate a request as an object, thereby letting you parameterize clients
with different requests, queue or log requests, and support undoable operations"State - (GOF 305):"Allow an object to
alter its behaviour when its internal state changes. The object will appear to change its class."Strategy - (GOF
315):"Define a family of algorithms, encapsulate each one, and make them interchangeable. Strategy lets the algorithm
vary independently from clients that use it."


110       You are designing an application that will need to use SSL to transmit data securely from one application to
another. You know that you can easily get hold of existing implementations of SSL to use in your application but you'd
like to learn more about SSL and have decided to implement your own version. You know that as part of the SSL
handshake the client and server must agree a method of encryption. The problem is you don't know which method of
encryption that will be. Which design pattern will help with this? Note: This is not a web-based application.

A        Decorator
B        Interpreter
C        Strategy
D        Composite
E        Template Method

Choice C is correct.
There are really only two possible answers for this question, the Strategy pattern and the Template Method pattern. The
Strategy pattern is the better choice because the algorithms are encapsulated so that they can be used interchangeably.
So you can add RSA, DES, etc. and then during the handshake the server can select the appropriate encryption
object.Strategy - (GOF 315):"Define a family of algorithms, encapsulate each one, and make them interchangeable.
Strategy lets the algorithm vary independently from clients that use it."The other patterns were:Interpreter - (GOF
243):"Given a language, define a representation for its grammar along with an interpreter that uses the representation to
interpret sentences in the language."Decorator - (GOF 175):"Attach additional responsibilities to an object dynamically.
Decorators provide a flexible alternative to subclassing for extending functionality."Composite - (GOF 163):"Compose
objects into tree structures to represent part-whole hierarchies. Composite lets clients treat individual objects and
compositions of objects uniformly."Template Method - (GOF 325):"Define the skeleton of an algorithm in an
operation, deferring some steps to subclasses. Template Method lets subclasses redefine certain steps of an algorithm
without changing the algorithm's structure."



111       You are a Computer Science lecturer at a top University. You are giving a presentation of a new piece of
software you have written. Basically you have written the next generation spell checker, the reason yours is so good is
that it can learn the common typing mistakes of an individual user. You have already sold licenses to many major
software vendors and plan to retire in the Sun. However before you go they all require slight changes in the logic to suit
their individual needs. What design pattern will help you slightly change the logic in a class to be used in many
applications?

A        Strategy
B        Adapter
C        Mediator
D        Interpreter
E        Template Method

Choice E is correct.

Template Method - (GOF 325):"Define the skeleton of an algorithm in an operation, deferring some steps to subclasses.
Template Method lets subclasses redefine certain steps of an algorithm without changing the algorithm's structure."The
other design patterns:Strategy - (GOF 315):"Define a family of algorithms, encapsulate each one, and make them
interchangeable. Strategy lets the algorithm vary independently from clients that use it."Mediator - (GOF 273):"Define
an object that encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from
referring to each other explicitly, and it lets you vary their interaction independently."Interpreter - (GOF 243):"Given a
language, define a representation for its grammar along with an interpreter that uses the representation to interpret
sentences in the language."



112      When would you use the Visitor pattern?

A         You need two unconnected objects to be able to send messages to each other.
B         You need two connected objects to be able to send messages to each other.
C         You need to create a new operation on an object and you will change the classes of elements on which it
operates.
D         You need to create a new operation on an object without changing the classes of elements on which it
operates.


Choice D is correct.

To solve the problem described in choice A, you would use the Adapter pattern. There is no problem described in
choice B as the objects are already connected and would be able to send messages to each other. In the Visitor pattern
you don't change the classes of elements on which it operates.Visitor - (GOF 331):"Represent an operation to be
performed on the elements of an object structure. Visitor lets you define a new operation without changing the classes
of the elements on which it operates."




113      You have been reading the Gang of Four pattern book again and you suddenly notice a similarity between a
design pattern and publish-subscribe messaging. What design pattern is similar to publish-subscribe messaging?

A        Publisher pattern.
B        Flyweight pattern.
C        Observer pattern.
D        Chain of Responsibility pattern.
E        Subscribe pattern.
F        Visitor pattern.
G        Proxy pattern.

Choice C is correct.

The observer pattern is similar to publish-subscribe messaging. There are no patterns called Publisher or Subscribe in
the Gang of Four pattern book.Observer - (GOF 293):"Define a one-to-many dependency between objects so that when
one object changes state, all its dependents are notifies and updated automatically."The other patterns were:Visitor -
(GOF 331):"Represent an operation to be performed on the elements of an object structure. Visitor lets you define a
new operation without changing the classes of the elements on which it operates."Chain of Responsibility - (GOF
223):"Avoid coupling the sender of a request to its receiver by giving more than one object a chance to handle the
request. Chain the receiving objects and pass the request along the chain until an object handles it."Flyweight - (GOF
195):"Use sharing to support large numbers of fine-grained objects efficiently."Proxy - (GOF 207): "Provide a
surrogate or placeholder for another object to control access to it."Publish Subscribe Messaging: Generally Pub/Sub is
used when a one to many broadcast of messages is required. 'Producers' sends messages to many clients via virtual
channels called 'Topics.' 'Consumers' receive messages by subscribing to topics. Consumers receive a copy of all
messages in the topic they have subscribed to. The Publish Subscribe Architecture is generally a push-based model.
Consumers may optionally establish 'durable' subscriptions that allow them to collect messages after periods of
inactivity.




114      Which statements describe Publish-Subscribe Messaging and which describe Point To Point Messaging?

A        Publish-Subscribe Messaging is a message queue system.
B        Publish-Subscribe Messaging = One sender and one receiver.
C        Point To Point Messaging = N senders and one receiver.
D        Publish-Subscribe Messaging = 1 sender and n receivers.
E        Point To Point Messaging is a message queue system.
F        Point To Point Messaging = One sender and one receiver.


Choices D and F are correct.

Publish/Subscribe is like someone publishing one message on a bulletin board and that message being read by/emailed
to many subscribers. (One - many). Point to point messaging is a one-to-one relationship e.g. a message from one
application to another. (From one point to one other point)For more detailed explanations:Publish Subscribe
Messaging: Generally Pub/Sub is used when a one to many broadcast of messages is required. 'Producers' sends
messages to many clients via virtual channels called 'Topics.' 'Consumers' receive messages by subscribing to topics.
Consumers receive a copy of all messages in the topic they have subscribed to. The Publish Subscribe Architecture is
generally a push-based model. Consumers may optionally establish 'durable' subscriptions that allow them to collect
messages after periods of inactivity.Point-to-Point Messaging: Point-to-point: The point to point messaging model
allows both 'send and receive' and 'send and forget' messages, via virtual channels called 'queues.' The p2p model
typically uses a 'pull' or 'polling' model. In this model, clients generally request messages from queues.




115     As part of an application you are developing you need to move the state of an object but not its behavior. What
should you use?

A        HTTPS
B        CORBA
C        RMI
D        JRMP
E        IIOP

Choice B is correct.

CORBA only moves the state of an object but RMI moves the objects behavior as well. Choice A is not appropriate as
it is a stateful protocol and is not a framework for moving objects. Choices D and E are incorrect as they are both
names of protocols used by RMI and CORBA respectively. These are both protocols, not frameworks for moving
objects.




116      Which of the following is an accurate description of what the java.text package used for with regards to
Internationalization?

A        Contains dictionaries of foreign languages.
B        Contains classes used to read text in foreign languages.
C        Contains classes that support locale-specific manipulation of text.
D        Contains classes used to convert text into languages that use special symbols.

Choice C is correct.

The following is taken from:http://java.sun.com/j2se/1.3/docs/api/java/text/package-summary.htmlProvides classes and
interfaces for handling text, dates, numbers, and messages in a manner independent of natural languages. This means
your main application or applet can be written to be language-independent, and it can rely upon separate, dynamically
linked localized resources. This allows the flexibility of adding localizations for new localizations at any time.




117      Which of the following statements about the Properties class are true?

A        Is used to get access to local system resources such as files etc
B        To store information about the program, like an external configuration file.
C        It should only be used to store Strings.
D        It should be used to store all types of objects.

Choice C is correct.
Although choice D is technically correct this kind of use is strongly discouraged (see below for an explanation). The
Properties class stores no information about the Program and gives you no access to local system resources so choices
A and B are incorrect.The following is taken from:http://java.sun.com/j2se/1.3/docs/api/java/util/Properties.htmlThe
Properties class represents a persistent set of properties. The Properties can be saved to a stream or loaded from a
stream. Each key and its corresponding value in the property list is a string. A property list can contain another property
list as its "defaults"; this second property list is searched if the property key is not found in the original property list.
Because Properties inherits from Hashtable, the put and putAll methods can be applied to a Properties object. Their use
is strongly discouraged as they allow the caller to insert entries whose keys or values are not Strings. The setProperty
method should be used instead. If the store or save method is called on a "compromised" Properties object that contains
a non-String key or value, the call will fail.




118       You've designed an application that allows customers to buy chapters of e-books. Due to the success of the
project this will be launched as a worldwide application. You need to be able to get access to the users environment to
tell what language your application should display the text in. What class will help you do this?

A        Localization class
B        Properties class
C        Locale class
D        National class
E        International class
F        Environment class
G        Runtime class

Choice C is correct.

There are no classes called Localization, National, International and Environment as part of the Java Development Kit.
The following is taken from:http://java.sun.com/j2se/1.3/docs/api/java/util/Locale.htmlA Locale object represents a
specific geographical, political, or cultural region. An operation that requires a Locale to perform its task is called
locale-sensitive and uses the Locale to tailor information for the user. For example, displaying a number is a locale-
sensitive operation--the number should be formatted according to the customs/conventions of the user's native country,
region, or culture.The Properties class represents a persistent set of properties. The Properties can be saved to a stream
or loaded from a stream. Each key and its corresponding value in the property list is a string.Every Java application has
a single instance of class Runtime that allows the application to interface with the environment in which the application
is running. The current runtime can be obtained from the getRuntime method.




119      What is true about the following diagram?




A        Class1 has a public attribute called AnAttribute
B        Class1 has a private attribute called AnAttribute
C        Class2 has a public attribute called AnAttribute
D        Class2 has a private attribute called AnAttribute
Choice D is correct.

The diagram shown here is a class diagram. Attributes are shown above methods. The symbols used to describe
visibility in UML are:+ public, # protected, - privateFor more information about UML please go
to:http://www.uml.org/




120       You have been developing a 3-Tier web application to sell imported cars at huge discounts to customers. You
have many types of customers, ranging from individuals to corporate customers. You have Entity Beans to represent
the Cars and Stateful Session Beans for the business logic involved in pricing and selling a car. In the Session Bean
there are methods that apply discounts depending on who the customer is. You only want the client to be able to
execute these methods for corporate customers. Is it possible to specify which methods can and can't be executed on a
Session Bean or will this kind of security need to be coded by the developer?

A        Yes this is possible.
B        No this will need to be coded by the Developer.
C        It is not possible to do this even by writing you own code.

Choice A is correct.

It is possible to specify who is allowed to access to business methods. Firstly you define security roles e.g.
<security-role>
          <description>A corporate customer</description>
          <role-name>Corporate</role-name>
</security-role>

Then you can grant method permissions, e.g.
<method-permission>
        <role-name> Corporate</role-name>
        <method>
                <ejb-name>CarSale</ejb-name>
                <method-name>ApplyDiscount</method-name>
        </method>
</method-permission>




121      What type of diagram is this diagram?

A        Deployment
B        Collaboration
C        Component
D        Activity

Choice C is correct.

The diagram shown here is a Component diagram. To see examples of other diagrams please visit:http://www.uml.org/



122      You work colleague is always boasting about how fast his PC is. So as a lighthearted joke you decide to write
an applet to slow his PC down. Basically you are going to write an applet that tries to work out the square roots of huge
numbers. In order to use up his resources, your applet will spawn a new thread every twenty to thirty seconds. Will this
work or would the Java security manager stop it.

A         It will work.
B         The security manager kill the Applet as soon as it tries to use more resources than are specified in the
security.policy file.
C         The Applet will only use up the memory it's initially allocated and therefore won't use up any more resources
than that.

Choice A is correct.

Although Applets have very tight restrictions and execute within a sandbox they can actually use as many system
resources as the operating system allows them. There is no reference to the amount of memory an Applet can use in the
security.policy file so choice B is incorrect. Choice C is almost right but not the most appropriate choice. The operating
system will allocate memory initially for the JVM to run in but it is possible for this to be extended once the JVM is
running but this is entirely dependent on the operating system.




123     You have been given a JAR file that has been signed by a 3rd Party Vendor. A Trusted Certificate Authority
(CA) has signed the 3rd Party Vendors certificate. Is it possible to add any more classes to this JAR file?True/False?

A        Yes
B        No

Choice A is correct.

When you sign a JAR file you are not signing the JAR file itself but individual files it contains. This means you can use
a tool like WinZip to add new files (classes, images etc) to the existing JAR file without necessarily invalidating the
signature. Note: The files that have been added won't be signed.

________________________________
Done upto here on 22.2.03

124      You are working on a new application that will help your company co-ordinate sales data across different
departments. The aim is that everyone has the same sales data at the same time. This project needs to be finished as
soon as possible. You have therefore bought some third party code to speed up the development process. The code has
been signed and is packaged in a jar file. To test the signature the vendor of the software has emailed you the public
key. What do you know about it?

A        The code is fully tested and performs the task it was designed for.
B        The jar file contains no malicious code.
C        The code could not have been modified after it was signed.
D        If the public key doesn't validate the signature then you know all the code is malicious.
E        The code could not have been modified after it was signed.
F        If the public key validates the signature then you know all the code is safe.
G        None of the above.

Choice G is correct.

There are two key elements to this question. Firstly this is a question about digital signatures, not digital certificates and
secondly you were emailed the public key to validate the signature. You haven't been passed the public key in a secure
fashion so how do you know that someone hasn't altered the code signed it and then intercepted the key that you were
going to use to validate the signature. Digital certificates solve this problem and validate that a public key belongs to its
real owner.Just because the code is signed it doesn't mean that it is fully tested and does what it is supposed to do.
Choices B, C, D, E and F are incorrect because you don't know if you have the real public key to validate the signature.




125      You should use EJBs even if there is NO data to persist in your application but there are
transactions.True/False?

A        TRUE
B        FALSE

Choice A is correct.

It is recommended that you use Enterprise Javabeans if Transactions are involved in the application. See below for
more details.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/EJBConcepts2.htmlThe
application must be scalable. To accommodate a growing number of users, you may need to distribute an application's
components across multiple machines. Not only can the enterprise beans of an application run on different machines,
but their location will remain transparent to the clients. Transactions are required to ensure data integrity. Enterprise
beans support transactions, the mechanisms that manage the concurrent access of shared objects. The application will
have a variety of clients. With just a few lines of code, remote clients can easily locate enterprise beans. These clients
can be thin, various, and numerous.



126      In EJB 2.0 what is the Component interface?

A        The interface that Message-Driven Beans must implement
B        There is no component interface in EJB 2.0.
C        The new name for the Home interface.
D        The new name for the Remote interface.

Choice D is correct.

Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of
the SCEA.Message-Driven beans don't implement any interfaces in EJB 2.0. The Component interface is the new name
for the Remote interface as introduced in the EJB 2.0 specification.Remote Interface (Component Interface in EJB 2.0):
Defines the Bean's business methods. The Remote Interface extends javax.ejb.EJBObject.Home Interface: Defines the
Bean's life cycle methods - creation, location and removal. The Home Interface extends javax.ejb.EJBHome. Note that
the create method is optional for Entity Beans. This is useful when you do not want to clients to be able to insert data
into the database.



127      You are working on a new application that will help your company co-ordinate sales data across different
departments. The aim is to have everyone access the same sales data at all times. This project needs to be finished as
soon as possible and you have bought some third party code to speed up the development process. The code has been
signed using a digital certificate and packaged in a jar file. What do you know about it? Note: Digital certificates have
been provided that have been signed by a trusted Certificate Authority.

A        The jar file contains no malicious code.
B        The jar file was signed by the 3rd party vendor
C        The jar file contents may contain malicious code.
D        Someone impersonating the 3rd party vendor may have signed the jar file.
E        The code is fully tested and performs the task it was designed for.
Choice C is correct.

All you actually know is that the code has been signed using the 3rd party vendors private certificate. You don't know
that it was actually signed by the 3rd party vendor. For example if the certificate was copied or stolen then there is no
guarantee that the thief hasn't distributed code signed with the stolen certificate. The jar file may contain malicious
code or it may not, that is all you can guarantee. Just because code is signed doesn't mean it is fully tested and does
what it was supposed to do. Choice E is therefore incorrect.




128       You have been contracted by a movie memorabilia company to set up an online shop. The company buys bulk
goods from movie sets (stage props, costumes, gadgets etc), splits them into single items and then auctions them. The
company used to hire sports halls or community centers to auction items in a traditional manner. They predict that by
moving to an online solution they will reach a wider audience and make a greater profit despite the initial investment
that the new system will involve. What is the most suitable initial design in the list below?

A        The business logic will be handled in a Servlet
B        The business logic will be handled in a Stateful Session Bean
C        Use Container Managed Transactions
D        Use Bean Managed Transactions
E        The customer will be represented wth an Entity Bean
F        There is no need for a customer bean as a customers interaction with the site is just business logic and will be
handled in the Servlet/Stateful Session Bean
G        Use Container Managed Persistence
H        Use Bean Managed Persistence
I        The sale items will be represented with an Entity Bean
J        The sale items will be stored directly on a database

Choices B, D, E, G and I are correct.

This is question is really 5 mini questions. If the business logic is put into the Servlet you are creating Fat clients with
presentation and business logic tightly coupled. Therefore it is more appropriate to use a Stateful Session Bean
especially since the Bean can be used in the Session Façade pattern (See below). The site is an online auction site with
bids being placed at different times. This implies that transactions will need to be handled at a very fine level of
granularity therefore Bean Managed Transactions is the most appropriate choice.

The customer and sales items both need to be persisted so they should be implemented as Entity Beans. The Entity
Beans (customer and sales items) would not be complicated objects so Container Managed Persistence would be the
better choice.Session Façade:A client should never"talk" directly to an Entity EJB. Instead a Session to Entity pattern
called a Session-Façade should be used. As the name suggests, this pattern is based on the GoF Façade pattern. The
Session Facade provides a simple interface to a complex subsystem. The simple interface is the Session Bean and the
Complex subsystem is the Entity Bean. The client talks to the Session Bean, which in turn communicates with the
Entity Bean.




129        You have an application that is running in a DMZ that your company has set up. There are two firewalls, the
first filters out packets based on destination ports other than port 80 (allows standard HTTP requests). The second
filters out packets based on the origin IP address (only allows company IP addresses through). Can you connect to the
application running in the DMZ from your Home computer?
Note: The application running in the DMZ is on port 80. True/False?

A        True
B        False

The above statement is True.

DMZ stands for Demilitarized zone. To set up a DMZ you need two firewalls and you create 3 separate regions. The
different regions are the internet, DMZ (in the middle) and the third is your network. You would have a server in the
DMZ that is accessible to both the public and your network. The internet may not access your network but they can
access the server in the DMZ. Your network must access the internet through the server in the DMZ.The key to this
question is that you are not trying to connect to an application within the second firewall that filters out requests based
on IP address. So you could definitely connect to the application from home.A Useful
link:http://www.saintrochtree.com/network-advices/000004.htm




130     The Enterprise JavaBean 2.0 specification has introduced the notion of local Clients. What are Local Clients
and why were they introduced?

A       Local Clients should be used when the web server is running on the same machine as the application server.
B       Local Clients should be used when Session Beans need to communicate with Entity Beans.t ;Beans in the
same Virtual Machine should use local Clients.
C       Local Clients have been introduced to make testing code easier.
D       Local Clients have been introduced to improve maintainability.
E       Local Clients have been introduced to improve performance.
F       Local Clients should be used when the database is running on the same machine as the application server.

Choices C and F are correct.

Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of
the SCEA.Prior to the Enterprise JavaBean 2.0 specification all Bean clients were seen as remote clients. This meant
that if a Session Bean needed to talk to an Entity Bean inside the same Virtual Machine it would still need to make a
remote call. This obviously had a direct impact on performance. In EJB 2.0 Enterprise Beans can now treat other beans
in the same VM as local clients. Local Clients can access the beans through its local and local home interfaces.Remote
clients use pass-by-value but Local clients use pass-by-reference.For more information please
see:http://java.sun.com/products/ejb/2.0.html




131      Which of the following offers an accurate description of Message-Driven Enterprise Beans?

A       Message-Driven beans are just a new way of describing a JMS message. This has been formalized with the
EJB 2.0 specification.
B       A Message-Driven bean is an enterprise bean that allows J2EE applications to process messages
asynchronously.
C       A Message-Driven bean is an enterprise bean that allows J2EE applications to process messages
synchronously.
D       A Message-Driven bean is used when you need to interact with messaging systems other than JMS.
E       A Message-Driven bean is like a Session Bean except that if the server is busy it will put the Message-Driven
beans' method requests in a queue and execute them one at a time to reduce the load on the Application Server.


Choice B is correct.
Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of
the SCEA.As stated in choice B a Message-Driven bean is an enterprise bean that allows J2EE applications to process
messages asynchronously. Choice C is incorrect because messages are sent asynchronously. Choices A, D and E are all
factually incorrect. For more information about Message-Driven beans see below.The following is taken
from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/EJBConcepts5.htmlA message-driven bean is an enterprise bean that
allows J2EE applications to process messages asynchronously. It acts as a JMS message listener, which is similar to an
event listener except that it receives messages instead of events. The messages may be sent by any J2EE component--
an application client, another enterprise bean, or a Web component--or by a JMS application or system that does not
use J2EE technology. Message-driven beans currently process only JMS messages, but in the future they may be used
to process other kinds of messages.



132      What's the biggest difference between Message-Driven Beans and Entity and Session Beans?

A      There is no difference in structure between Message-Driven Beans and Entity and Session Beans. They all
have Home, Remote interfaces and a bean class.
B      Message-Driven beans don't have a Home interface.
C      A Message-Driven bean is different from Session Beans because its state is persisted.
D      Clients don't access Message-Driven beans through interfaces.

Choices B and D are correct.




Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of
the SCEA.Choice A is incorrect, Message-Driven beans don't have Home or Remote interfaces, they just have a bean
class. The state of Message-Driven beans is not persisted like Entity beans. So choice C is incorrect.The following is
taken from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/EJBConcepts5.htmlThe most visible difference between
message-driven beans and session and entity beans is that clients do not access message-driven beans through
interfaces. Unlike a session or entity bean, a message-driven bean has only a bean class.




133      When should you use Message-Driven Beans?

A        If you need to send any JMS message.
B        When you need to use an external service such as a credit card validation service and performance is essential.
C        When you need to consume JMS messages asynchronously.
D        When you need to send JMS messages synchronously.

Choice C is correct.

Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of
the SCEA.Choice B is incorrect, Message-Driven beans will not increase the performance of a service. Choice D is the
other way around and choice A is factually incorrect.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3-
fcs/doc/EJBConcepts5.htmlSession beans and entity beans allow you to send JMS messages and to receive them
synchronously, but not asynchronously. To avoid tying up server resources, you may prefer not to use blocking
synchronous receives in a server-side component. To receive messages asynchronously, use a message-driven bean.
134     You are developing an application that will have to support a huge number of users. You are worried about the
performance of the application because you need to use many Entity Beans. A work colleague has suggested using the
Value Object design pattern. What is the pattern and how will it benefit you?

A        A snapshot of the state of an Entity Bean at a particular time.
B        An object that is used instead of an Entity Bean. For example if you were going to use a Customer bean you
would create a Customer Value Object and the Application Server would use this instead. A Stateful Session Bean
would control it.
C        An object that is used instead of an Entity Bean. For example if you were going to use a Customer bean you
would create a Customer Value Object and the Application Server would use this instead. A Stateless Session Bean
would control it.
D        There is no such thing as a Value Object design pattern.
E        There is a Value Object design pattern but it would not be appropriate to use it here.
F        A Value Object is the state of an Entity Bean that is kept in memory by the Application Server. (Its state is
periodically persisted.)
G        A Value Object is the state of an Entity Bean that is kept in memory by the Application Server. (Its state is not
persisted and the data becomes stale after a while.)

Choice A is correct.

Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of
the SCEA.Every time you access an Entity Bean there is a significant overhead, as the call must go across the network
and through the container to access the bean. One way to reduce the number of calls you need to make to Entity beans
is by using the Value Object pattern. A Value Object (VO) is a snapshot of the state of an Entity Bean at a particular
time. The idea is that a client will require more than one value from an Entity bean so instead of making several calls to
an Entity Bean a Value Object is created containing all of these values. This Value Object is downloaded by the client
so they can make the same calls only this time locally and directly on the bean. A Value Object is normally
implemented as a JavaBean and is made immutable because there is no data synchronization (the JavaBean only
provides getter methods).




135       Your have been contracted by a company to upgrade their online shopping application. Their site sells health
care insurance to customers at huge discounts. The process of buying insurance is complicated. They have however
tried to simplify it as much as possible for the customer. When the customer arrives at their site to register, they fill out
a 40-question questionnaire covering basic health and lifestyle information. The answers are then used for selecting the
most appropriate level of insurance. (Each customer does NOT get a custom health care insurance agreement; they get
the most suitable one out of a choice of 30). The customer then has the opportunity to purchase the insurance within
seven days before the quote becomes void. Based on the rough description of the system which of the following is the
most suitable design?

Note: This question should be based upon the EJB 2.0 specification.


A        The Customer should be an Entity Bean
B        The business logic should be represented with a Stateful Session Bean.
C        The business logic should be represented with a Servlet.
D        The system should use CMT.
E        Should use BMT.
F        The Health Plan should be an Entity Bean that supports local clients.
G        The Health Plan should be a Stateful Session Bean.
H        The Health Plan should be a Stateful Session Bean that supports local clients.
I       There is no need for Customer Bean as there is no need to store the customers details just the Health Plan they
bought.
J       The Customer should be an Entity Bean that supports local clients.


Choices B, D, F and J are correct.

Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of
the SCEA.The data that needs to be persisted are the customer data and the Customer's Health Plans data (which one
out of the 30 different plans.) Although the process of buying health care insurance sounds complicated (40-question
questionnaire) the data that actually needs to be stored is very simple (customer id, health plan id etc). This means that
CMT is more appropriate than BMT (choice E is therefore incorrect.) There is no benefit in putting the business logic
in a Servlet, there still needs to be a Session Bean to talk to the Customer and Health Plan Entity Beans. It is also
possible to use the Entity Beans local client interfaces (introduced in EJB 2.0) which will improve the performance of
the application.




136      What are the benefits of synchronous messaging?

A        Less coupling between the sender and receiver.
B        Network doesn't have to be available.
C        Does not block the sender.
D        Good for transaction processing.

Choice D is correct.

Choices A, B and C are all describing asynchronous messaging. Synchronous, tightly coupled communication between
distributed components: This is the model of CORBA, RMI, EJB and so on. The programming model is called Remote
Procedure Call (RPC).Asynchronous, loosely coupled communication between components: This is the Message
Oriented Middleware or MOM model. The programming model is called Messaging.




137      Can you use BMT (Bean Managed Transactions) with Entity Beans?True/False?

A        Yes
B        No

Choice B is correct.

Entity Beans can only use Container Managed Transactions (CMT) but Session Beans can use either CMT or Bean
Managed Transactions (BMT). CMT is less flexible than BMT and can't handle transactions at the same level of
granularity as BMT.The following is taken from:http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction3.htmlIn an
enterprise bean with container-managed transactions, the EJB container sets the boundaries of the transactions. You can
use container-managed transactions with any type of enterprise bean: session, entity, or message-driven. Container-
managed transactions simplify development because the enterprise bean code does not explicitly mark the transaction's
boundaries. The code does not include statements that begin and end the
transaction.http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Transaction4.htmlIn a bean-managed transaction, the code in
the session or message-driven bean explicitly marks the boundaries of the transaction. An entity bean cannot have
bean-managed transactions; it must use container-managed transactions instead. Although beans with container-
managed transactions require less coding, they have one limitation: When a method is executing, it can be associated
with either a single transaction or no transaction at all. If this limitation will make coding your bean difficult, you
should consider using bean-managed transactions.




138      How has Container-Managed Persistence Changed from EJB 1.1 - 2.0?

A        There has been no change with CMP but BMP has changed.
B        The performance of CMP has been improved so it no now more efficient than BMP.
C        The Bean class is now an abstract class.
D        You no longer need a deployment descriptor.
E        CMP doesn't exist in EJB 2.0 because BMP out performs CMP.
F        You define the fields to be persisted in the Remote interface.
G        You define the fields to be persisted in the Home interface.

Choice C is correct.

Note: This type of question will not be in the EJB 1.1 version of the SCEA but is likely to be in the EJB 2.0 version of
the SCEA.The following is taken
from:http://developer.java.sun.com/developer/technicalArticles/ebeans/EJB20CMP/Prior to the EJB 2.0 specification, a
client stored and accessed persistent data via an entity bean's instance variables. With the introduction of the 2.0
specification, you can designate instance variables to be container-managed persistence fields (cmp fields) or container-
managed relationship fields (cmr fields). You define these cmp and cmr fields in the deployment descriptor. You
retrieve and set the values of these cmp and cmr fields using public get and set methods defined in an entity bean.
Similar to the JavaBeans model, you do not access the instance variables directly, but instead use the entity bean's get
and set methods to retrieve and set these instance variables. (An enterprise bean does not declare these instance
variables.) Furthermore, you use the deployment descriptor to specify the relationships between entity beans. These
relationship specifications serve as the schema definition, so that when the bean is deployed, the bean relationships may
be captured in a relational database. For example, a relationship between two beans specified in the deployment
descriptor may appear as a foreign key relationship in a relational database. Choice A is incorrect because CMP has
been reviewed in EJB 2.0. Choices F, G and D are incorrect as specified in the above paragraphs. The performance of
CMP has improved but not to the point where it is more efficient than BMP so choice B and E are incorrect.




139      What are the benefits of the J2EE Blueprints Fast Lane Reader design pattern and when should it be used?

A        When you the performance of an application is essential and you need to perform lots of read/write actions.
B        Should be used when reading large amounts of read only data.
C        Increases maintainability.
D        Should be used when you need to access data that becomes stale very quickly.
E        Can reduce the amount of code needed.
F        Increases the amount of code needed.

Choices B and E are correct.The following is taken

from:http://java.sun.com/blueprints/patterns/FastLaneReader.htmlSometimes applications access data in a tabular
fashion, such as when browsing a catalog or a list of names or when exporting data in batches for use elsewhere. This
kind of data access is usually read-only. In such situations, using entity beans to represent persistent data incurs
overhead and provides little benefit. Entity beans are best for coarse-grained access to individual business entities, and
are not effective for read-only access to large quantities of tabular data. The Fast Lane Reader design pattern provides a
more efficient way to access tabular, read-only data. A fast lane reader component directly accesses persistent data
using JDBCTM components, instead of using entity beans. The result is improved performance and less coding,
because the component represents data in a form that is closer to how the data are used. Choice F is incorrect because
the Fast Lane Reader can reduce the amount of code needed. Choice C is not the most appropriate answer because
although there is less coding involved it does not have a direct affect on the maintainability of the application. (It may
even reduce maintainability by increasing the coupling between the data store and business logic). Choice A is
incorrect because the Fast Lane Reader pattern should only be used with Read Only data. Although choice D is feasible
it is not the most appropriate choice.



140      In which of the following situations would you use the Observer pattern?

A         When you need to have objects notified of events but you don't know which objects would have such needs, or
if you will need to add more objects to receive such notification, at a later date.
B         You want one object to monitor when the state of another object but you don't want the object being
monitored to need to send any messages regarding its state.
C         When the instances of your class can be use interchangeable and you want to reduce the number of instances
created in order to improve performance.
D         You are building an online auction site to sell rare and collectable toys. You want customers to be notified of
bids on items they are bidding for in as close to real time as possible. You would use the Observer pattern to notify the
customer objects of changes in the auction object.
E         When you need to co-ordinate state changes between other objects by using one object.

Choices A and D are correct.

The observer pattern is used to notify an objects dependents' when that object changes state. Choice E is a description
of the Mediator pattern. Choice C is incorrect because the Observer pattern does not reduce the number of instances
you need to create. Choice B is almost correct except that messages are sent when the object being monitored changes
state.Observer - (GOF 293): "Define a one-to-many dependency between objects so that when one object changes state,
all its dependents are notifies and updated automatically."Mediator - (GOF 273):"Define an object that encapsulates
how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each other
explicitly, and it lets you vary their interaction independently."




141     You need to access a complex object in a recursive way…building the object from other objects. This is an
example of which pattern?

A        Abstract Factory
B        Factory Method
C        Builder
D        Composite
E        Recursive Builder

Choice D is correct.

This is a bit of a trick question; you would assume that you would need to use a creational pattern such as the Builder
or Abstract Factory to do this <Prototype could be applicable as well, if we are not building a family or an aggregate
object, but simply prototyping existing objects>. The key is that you need to recursively build a composite object from
other objects. This is an example of the Composite pattern. There is no such pattern as the Recursive Builder so choice
E is incorrect.Composite - (GOF 163): "Compose objects into tree structures to represent part-whole hierarchies.
Composite lets clients treat individual objects and compositions of objects uniformly."The other patterns were:Abstract
Factory - (GOF 87):          "Provide an interface for creating families of related or dependent objects without specifying
their concrete classes."Factory Method - (GOF 107): "Define an interface for creating an object, but let subclasses
decide, which class to instantiate. Factory Method lets a class defer instantiation to subclasses."Builder - (GOF 97):
"Separate the construction of a complex object from its representation so that the same construction process can create
different representations."&&Sanjay"need to build a complex object" almost certainly suggests that we are talking
about a creational pattern. I understand the tricky nature of the question, however I was wondering if the question
needed to be reworded as"accessing a complex object" or something. Has been updated




142      When would you use the Flyweight pattern?

A        When you need classes to be notified of events but you don't know which classes or if you will need to add
more at a later date.
B        When the instances of your class can be used interchangeably and you want to reduce the number of instances
created in order to improve performance.
C        When the instances of your class cannot be used interchangeable and you need to convert them so that they are
interchangeable.

Choice B is correct.

Choice A is a description of the Observer pattern. Choice C is incorrect because the instances of your class can be used
interchangeably in the Flyweight pattern.Flyweight - (GOF 195):"Use sharing to support large numbers of fine-grained
objects efficiently."



143      You are currently designing your own Desktop Publishing application, as you have not found any that do
exactly what you want with existing applications. As part of the design you are using a Controller to which you send all
GUI requests. Not all objects can process the same commands. For example you can't select the spell check tool when
an image has the focus. To stop any possible errors you would like to filter out some of the messages as they are passed
from these objects to the Controller object. What pattern could you use?

A        Firewall
B        Proxy
C        Adapter
D        Observer
E        Chain of Responsibility
F        Filter

Choice B is correct.

Firewall and Filter are not design patterns. In this scenario what you are essentially trying to do is filter all packets that
don't meet a certain set of requirements. This behavior is just like a Proxy server dropping packets from certain IP
address etc.Proxy - (GOF 207): "Provide a surrogate or placeholder for another object to control access to it."The other
patterns:Adapter - (GOF 139):"Convert the interface of a class into another interface clients expect. Adapter lets classes
work together that couldn't otherwise because of incompatible interfaces."Observer - (GOF 293):"Define a one-to-
many dependency between objects so that when one object changes state, all its dependents are notifies and updated
automatically."Chain of Responsibility - (GOF 223):"Avoid coupling the sender of a request to its receiver by giving
more than one object a chance to handle the request. Chain the receiving objects and pass the request along the chain
until an object handles it."
144      When would you use the Mediator pattern?

A        When you need to co-ordinate state changes between other objects by using one object.
B        When you need to add functionality to a class without changing its interface.
C        When you need create a separation between abstractions and classes that implement those abstractions.
D        You need a class that will be used in lots of different applications where the logic will only change slightly.

Choice A is correct.

The Mediator pattern allows you to co-ordinate state changes between many objects by using one mediator object.
Choice B is a description of the Decorator pattern. The Strategy pattern is described in choice D and choice C describes
the Bridge pattern.Mediator - (GOF 273):"Define an object that encapsulates how a set of objects interact. Mediator
promotes loose coupling by keeping objects from referring to each other explicitly, and it lets you vary their interaction
independently."



145       A prospective employer is describing the existing architecture of a solution that is currently in production. He
says that it's a 3-tier system with 3 clustered web servers; a server for the Oracle database with the business logic
implemented using PL/SQL scripts. What is true about this system?

A        This solution has fat clients
B        This solution has thin clients
C        There is a good separation of business logic
D        The solution has good Scalability
E        There is a poor separation of business logic
F        The solution has poor scalability

Choices B, E and F are correct.

The key to this question is the fact that the business logic has been implemented using PL/SQL stored procedures. This
means the business logic is on the same server as the database and therefore this is a 2-tier system not a 3-tier system as
your prospective employer suggests. There is a very tight coupling between the data store and the business logic this
has a direct affect on the potential scalability of this system.When you think of 2-Tier systems you would normally
associate them with Fat clients. However as the business logic has been implemented using PL/SQL scripts this system
will have thin clients making choice A incorrect. Choice C is incorrect because the business logic and data store are
tightly coupled. This tight coupling will have a direct affect on scalability. You may not be able to horizontally scale
this system (adding more machines); vertical scaling might be easier (add more memory and CPUs.) But even with
vertical scaling you would always run the risk of a network bottleneck making choice D is incorrect as well.




146       Your have been contracted by a company to help them improve the performance of their sales application.
You have suggested that the hardware the application is currently deployed on (2 web servers and a database server) be
migrated to 3 web servers, an application server and a database server (all on different machines.) You assure them that
all the software re-writes needed will be well worth it in the end. What are the characteristics of your suggested
architecture?

A        Fat Clients
B        Thin Clients
C        Good separation of business logic
D        Good Scalability
E        Poor separation of business logic
F        Poor scalability
G        There is no difference in the separation of business logic

Choices B, C and D are correct.

The system you have suggested they migrate to is a 3-tier system. The characteristics of a 3-tier system are thin clients,
good separation of business logic and good scalability. This is due to the fact that each tier is separate from the other
(for example it would be possible to change the data store without affecting the business logic.)Choice A is incorrect;
the suggested system has thin clients, the business logic residing on the application server, in the middle tier. Since
there is a good separation of business logic, choices E and G are incorrect. Choice F is incorrect the 3-tier nature of the
system makes it very scalable.




147      Your boss is raving about the new 3-Tier architecture that your company's sales application will be deployed
on. He says that this architecture will solve all the existing problems. Is he right, or does a 3-Tier architecture have the
potential to introduce any new problems?

A        Fat Clients
B        Thin Clients
C        Poor scalability
D        Poor manageability
E        Reduced performance
F        Reduced separation of business logic
G        Single point of failure

Choice D is correct.

The only problem a 3-Tier architecture could have is the potential for poor manageability. The separation of tiers
creates thin clients and distributes business logic processing. However because of the distributed nature of the servers,
there could be manageability problems. With J2EE solutions however, the potential for such problems is limited
because J2EE tiers and layers have very well defined roles and responsibilities. Choice A is incorrect because Fat
clients are a characteristic of 2-Tier architecture where the business logic is implemented on the client side. Thin clients
are good. Therefore choice B is incorrect. A 3-Tier architecture has excellent scalability, including horizontal
scalability, making choice C incorrect. It's possible to argue that a 3-Tier architecture may not perform as well as a
single machine containing your web server, business logic and database. However as soon as you introduce a
significant amount of users a 3-Tier architecture would out perform a single machine. Therefore choice E is correct.
Choice F is incorrect because a 3-Tier architecture actually increases the separation of business logic. Choice G is
incorrect because a"single Point of failure" is not a problem that a 3-Tier architecture introduces. Although it may have
a single point of failure, with careful design you can avoid such pitfalls easily. This is much harder to do with 2-Tier
architecture and impossible with 1-Tier architecture.




148      You have written an application to allow customers to reserve tables at their favourite restaurants. In return
your company receives 10% of whatever the customer spends at the restaurant. At the moment, the application is being
run on a single Apache web server using PERL and CGI scripts for presentation and business logic with a separate
server for the Sybase database containing the restaurant details. What are the most notable weaknesses of this
architecture?
A        Fat Clients
B        Thin Clients
C        Scalability
D        Potential Network bottlenecks
E        Performance

Choices A,C and D are correct.

The architecture being described here is a 2-Tier architecture. The key as to whether this system has fat or thin clients is
that there is no reference to stored procedures. Generally if the business logic resides on the server it is in the form of
stored procedures. We therefore assume that all the business logic is in the PERL and CGI scripts. The reason for poor
scalability is due to the tight coupling of business logic and client presentation (fat clients). There is always a potential
of a network bottleneck in 2-Tier architectures because all requests have to go to one data store.Choice B in incorrect as
there is no mention of stored procedures in the scenario we assume that the business logic has been implemented in
PERL and CGI scripts on the client side. Performance is not the best answer here and so choice F is incorrect.




149        You have just bought a brand new dual processor server with over 3 Gigabytes of memory, the fastest server
in its class. This server will host Apache Web server (shipped with the Oracle Database) and an Oracle 8i database.
What are the most notable weaknesses of this architecture?

A        Scalability
B        Manageability
C        Security
D        Performance

Choice A is correct.

You can only vertically scale this system (add memory, CPUs etc). As soon as this system comes under a heavy load
you would have to separate the Apache web server from the Oracle database and build up a cluster of web servers. This
would be hard to do as the Oracle database and Apache web server are so tightly coupled.Note: A system can still be
scalable even if it is only one machine providing it has a good separation of the business logic, data store and client
presentation. Choice B is incorrect because this system would be easy to manage as everything is in one place. Choice
C is incorrect, you don't need to authenticate yourself to other machines or send traffic across the network to other
machines. Choice D is incorrect because although the system would perform really well under light traffic as soon as it
had heavy loads of traffic the performance would drop dramatically.



150      When should Java IDL be used?

A        When performance is essential (Performance is more important than scalability).
B        When accessing RMI servers.
C        When servicing requests from RMI clients.
D        When accessing existing CORBA servers.
E        When servicing requests from CORBA clients.

Choice D is correct.

The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/index.htmlThis is a fundamental question and
it's important to understand the distinction between these two ways of integrating the Java programming language with
CORBA. Java IDL is for CORBA programmers who want to program in the Java programming language based on
interfaces defined in CORBA Interface Definition Language (IDL). This is "business as usual" CORBA programming,
supporting Java in exactly the same way as other languages like C++ or COBOL. Although CORBA can slightly out
perform RMI that is not a reason to use Java IDL so choice A is incorrect. In choices B and C you would use RMI-
JRMP and inc choice E you would use RMI-IIOP.



151      You have just started a new job working for a top finance company and you have been asked to provide a
user-friendly interface to an existing mainframe application. You don't have any access to the mainframes source code.
What is the best technique for this?

A        It can't be done.
B        Use a screen scraper.
C        Re-write the main frame using Java and high-end Unix servers. Although it may take some time to do this in
the long run this will benefit the company.
D        Write a Java front end then use CORBA to communicate with the mainframe.
E        Use the Java Native Interface (JNI) to communicate with the mainframe.
F        Use object Mapping
G        Use JMS

Choice B is correct.

The key to this question is that you don't have access to the mainframes source code. A screen scraper emulates a
mainframe terminal. Basically the screen scraper logs on to the mainframe like a normal user and sends requests to the
mainframe and then reads the response. The problem with a screen scraper is that if you change any of the mainframes
code there is always the possibility that the screen scraper will stop working.Choice A is incorrect because it is possible
to add a GUI to the system. Choice C would take far too long, cost too much and is not what the customer wants.
Choices D, E and F would all require access to the mainframes source code. Choice G is incorrect because there is no
mention that the mainframe supports a messaging system. Some of them do and even provide interfaces for JMS
however as it is not stated in the question it is not the right answer.




152      You are working for a company that has yet to realise the full potential of Java. You offer to show them some
of the great things Java can do by integrating a new application with an existing CORBA system. Your bosses will then
assess the performance and reliability of this new system. How will you connect your RMI application to the CORBA
system?

A        Use Java-IDL
B        This is a standard feature of RMI.
C        Can't be done.
D        Can only be done by using JNI.
E        Use RMI-IIOP

Choice A is correct.

The following is taken from:http://java.sun.com/j2se/1.3/docs/guide/idl/jidlFAQ.htmThere are several scenarios that
will define how you will want to create distributed CORBA applications. Here are some of them: Java IDL - If you
have been developing CORBA applications using IDL for some time, you will probably want to stay in this
environment. Create the interfaces using IDL, and define the client and server applications using the Java programming
language to take advantage of its "Write Once, Run Anywhere TM" portability, its highly productive implementation
environment, and its very robust platform. RMI-JRMP - If all of your applications are written in the Java programming
language, you will probably want to use Java RMI to enable communication between Java objects on different virtual
machines and different physical machines. Using Java RMI without its IIOP option leverages its strengths of code
portability, security, and garbage collection. RMI-IIOP - If you are writing most of your new applications using the
Java programming language, but need to maintain legacy applications written in other programming languages as well,
you will probably want to use Java RMI with its IIOP compiler option.Choice B is incorrect because this is not a
standard feature of RMI. Choice C is incorrect because it can be done. You don't need to use JNI to do this so choice D
is incorrect. At present the existing systems all use CORBA. Therefore it is better to use Java IDL. Hence choice E is
also incorrect.



153      You are working for a car leasing company and you need to integrate with one of their mainframe
applications. You should do this using either object mapping or screen scraping. When should you use object mapping?

A        You should always use screen scrapers when you have the option.
B        When you have access to the mainframes code.
C        When you don't have access to the mainframes code.
D        When you are short of time and need a quick solution.

Choice B is correct.

Object mapping is the process of building object wrappers around legacy interfaces. This makes the legacy system
available in an OO fashion. You need access to the legacy systems source code in order to do this.A screen scraper
emulates a mainframe terminal. Basically the screen scraper logs on to the mainframe like a normal user and sends
requests to the mainframe and then reads the response. The problem with a screen scraper is that if you change any of
the mainframes code there is always the possibility that the screen scraper will stop working.Any change to the
mainframe might break the screen scraper and screen scrapers are only really used when you don't have access to the
mainframes source code so choice A is incorrect. Choice C is incorrect because you would use a screen scraper if you
didn't have access to the mainframes source code. In choice D you would probably use a screen scraper.



154     You have just joined a new company and have spent some time chatting with the network administrator. He
has mentioned that one of the servers is an off-board server. What is an off-board server?

A        Another way to describe a standard proxy server.
B        Another type of a screen-scraping program, (Like an object mapping one).
C        A server that runs within the DMZ.
D        A proxy for a legacy system.

Choice D is correct.

An off-board server is simply a proxy server for a legacy system.




155      You are designing an online cinema ticket booking application. At the moment you plan to have a controller to
maintain user sessions, a customer component to hold personal details, a credit card validation component, a set of GUI
screens and a cinema component with details of all movies and seating capacities. What should be used for each
component?

A       The controller should be a Stateful Session bean. The customer should be a Stateful Session bean. The cinema
component should be a Stateful Session bean. The credit card validation component should be an Entity bean.
B       The controller should be a Servlet. The customer should be a Stateful Session bean. The cinema component
should be a Stateful Session bean. The credit card validation component should be an Entity bean.
C       The controller should be a Stateful Session bean. The customer should be a Servlet. The cinema component
should be a Stateful Session bean. The credit card validation component should be a Stateful Session bean.

D        The controller should be a Servlet. The customer should be a Servlet. The cinema component should be a
Stateful Session bean. The credit card validation component should be a Stateful Session bean.
E        The controller should be a Stateful Session bean. The customer should be an Entity bean. The cinema
component should be an Entity bean. The credit card validation component should be a Stateless Session bean.
F        The controller should be a Servlet. The cinema component should be a Stateful Session bean. The cinema
component should be an Entity bean. The credit card validation component should be a Stateless Session bean.
G        The controller should be a Stateful Session bean. The customer should be an Entity bean. The cinema
component should be an Entity bean. The credit card validation component should be a Stateless Session bean.
H        The controller should be a Servlet. The customer should be an Entity bean. The cinema component should be
an Entity bean. The credit card validation component should be a Stateless Session bean.
I        Make the GUI using JSP pages
J        Make the GUI an applet

Choices H and I are correct.

The controller could be implemented as either a Servlet or a Stateful Session Bean but it makes more sense from a
resources point of view to implement this as a Servlet. The customer and cinema component need data to be stored
permanently so these should be Entity beans. The process of validating the credit card is a service so this should be a
Stateless Session Bean. JSP pages is a better choice than the applet because it means that the system can be used by a
greater number of people because there is no dependency on the Java plug in.




156      You have an Enterprise Bean that represents a customer's account. One of the methods that this bean provides
is deductCost(float amount) This method is used when a customer buys something from your company's website. This
method must be executed as part of an existing transaction. What is the correct attribute setting in the deployment
descriptor?

A        REQUIRED
B        REQUIRES NEW
C        SUPPORTS
D        MANDATORY

Choice D is correct.

If the calling client does not have a transaction (i.e. the transaction hasn't already started) a
javax.transaction.TransactionRequiredException will be thrown.Choice A is incorrect as REQUIRED will create a new
Transaction if a transaction does not already exist whereas the question says it must be part of an existing transaction.
Choice B is incorrect because REQUIRES NEW will create a new Transaction anyway. SUPPORTS will not force the
method to execute in a transaction. Hence choice C is also incorrect.



157      You have a method that can't be executed in a transaction. What is the correct attribute in the deployment
descriptor?

A        Leave it empty this is the default.
B        NEVER
C        NOT SUPPORTED
D        NO_TRANSACTIONS

Choice B is correct.
As the name suggests"NEVER" is the right answerChoice A is incorrect because leaving the deployment descriptor
empty is not the default for NEVER. NOT SUPPORTED just suspends the transaction making choice C incorrect.
NO_TRANSACTIONS is not a valid attribute. Hence choice D is also incorrect.



158      You have been reading up of the Gang of Four patterns and you notice that the Home interface of an
Enterprise Javabean is actually based on one of the patterns. Which pattern is the Home Interface of an Enterprise
Javabean based on?

A        Singleton
B        Facade
C        Builder
D        Factory Method

Choice D is correct.

This Factory Method pattern provides an interface for creating an object that allows either sub classes or helper classes
to create that object.The Singleton pattern creates either 1 or a variable number of instances of a class. So choice A is
incorrect. The Façade pattern provides a simple interface to a complex subsystem. Thus choice B is incorrect. The
Builder pattern separates the construction and representation of an object. The client is shielded from the object's
construction and it only needs to specify content and type. Hence choice C is also incorrect.



159       You've been developing a chat application so that members of your team can keep in touch with each other
irrespective of their location. You decided to implement the application as a Java Applet. In order to make sure the user
has the latest version, you require the applet to connect back to the server it was downloaded from and check with a file
there. Can this be done with JDK 1.3 or 1.4 without modifying the browser's policy files? True/False?

A        True
B        False

The above statement is True.

The key to this question is that the applet is only connecting back to the server it was downloaded from, and reading a
file. This has always been permitted and is permitted with both JDK 1.3 and 1.4. The applet wouldn't be allowed to
read a file on the client's machine or connect to machines other than the one it was downloaded from.Note: You may
think that if the applet has been downloaded then it must automatically be the latest one, this isn't true as most browser
cache applets.




160     You are writing an Enterprise Javabean to represent a Flight in a Travel agency application. One of the
developers recommended that you use Bean Managed Persistence (BMP) for the EJB. What is true about BMP?

A        Improves your ability to move your EJB from one Application server to another.
B        Reduces your ability to move your EJB from one Application server to another.
C        Improves your ability to move your EJB from one data store to another.
D        Reduces your ability to move your EJB from one data store to another.

Choice C is correct.
When you use Bean Managed Persistence you are writing all the SQL needed to persist the bean yourself. This means
that the SQL would have been tailored to the data store you are using and the same SQL might not work with a
different database vendor. You can cancel this out by using a Data Access Object. The Data Access Object pattern
(DAO) is used to reduce the dependency between Enterprise Beans and the underlying database. This means that the
data object manages the connection to the data source and if the data source changes you only need update this one
object, the change doesn't affect the rest of your application.




161      What do Atomic and Consistent mean in reference to ACID?

A        Atomic means a transaction must execute completely or not at all.
B        Atomic means a transaction must execute completely or log where it was stopped.
C        Consistent means a transaction must execute completely or log where it was stopped.
D        Atomic means the transaction is the same as other transactions in structure.
E        Consistent means the transaction is the same as other transactions in structure.
F        Consistent means the transaction was started and finished within the specified time.
G        Consistent means that the integrity of the underlying data source is always maintained.

Choices A and G are correct.

ACID stands for Atomic, Consistent, Isolatable and Durable. All transactions must adhere to this. Atomic means 'a
transaction must execute completely or not at all.' Consistent means 'the integrity of the underlying data source is
always maintained.'




162      You are working late at the office one day when the security guard informs that you have to leave as the
building is closed for the evening. As you are working on a big project you decide to continue your work at home.
However when you try to connect to the application from home you get no response. You are trying to connect to your
RMI-JRMP application; the port is available on the firewall, what is the most likely reason why you can't connect?

A        The port on the firewall isn't really available.
B        The company's proxy servers are filtering out your request based upon your IP address.
C        You have typed the connection address incorrectly.
D        Your application is only listening for internal requests and you will need to change setting in the
security.policy file if you wish to connect from home.
E        Your company knows that most hacking takes place at night and takes all of its systems off-line during the
night.

Choice B is correct.

The most likely explanation here is that your company's firewall is filtering your requests out based upon your IP
address. You would need to get your home IP address added to the list that the firewall trusts (and this won't be easy if
you're using DHCP!)Choices A and C are both possible but not the very likely here. Hence these answers are incorrect.
Choices D and E are not factually correct.
163      How are Entity Beans persisted?

A        Entity beans are stored in memory by the Application server.
B        Entity beans are not persisted
C        They are serialized and stored on a database.
D        They are NOT serialized but rather stored in a persistent storage medium such as a database.
E        It is up to the developer, than can either be serialized or mapped directly.

Choice D is correct.

A bean normally represents a row in the database. Each field that is persisted is typically mapped to a database. The
bean itself is not stored in the database, as the class is the same for all bean instances of the same type…it's just the
values that change. If beans were serialized when they where stored on the database you would have to de-serialize
each one when you were doing a find operation (by criteria). When Entity Beans are passivated (the state to the bean is
written to file), serialization may be used depending on the Application server, although most servers probably also
synchronize the state with the database as well.Storing them in memory is not persistence. If the server crashes, all the
data would be lost. Therefore choice A is incorrect. As Entity beans are persisted, choice B is incorrect. Choices C and
E are incorrect because Entity Beans are not serialized.




164      Which of the following statements are true?Note: This question assumes that the no-args constructor and
setEntityContext() method have already been called.

A        Entity Beans start in the"ready" state and move into the"pooled" state only after ejbActivate() has been called
on them.
B        Entity Beans start in the"pooled" state and move into the"ready" state only after ejbActivate() has been called
on them.
C        Entity Beans aren't pooled.
D        Entity Beans are never in either state.

Choice B is correct.

Entity Beans start in the pooled state (this is assuming that the no-args constructor and setEntityContext method has
been called). Then when ejbActivate() is called, they move into the ready state and return to the pooled state when
ejbPassivate() is called.



165      How do you find a particular Entity Bean?

A        Call various find methods defined in the Home interface.
B        Call various find methods defined in the Remote interface.

Choice A is correct.

The Home interface defines the create(), find(), and remove() methods and the finder methods are used for locating
beans.The Remote Interface is used to define all of the methods that can be called by the client on the Enterprise Bean.
If you try and call a method that exists in the Enterprise bean class but not in the Remote Interface, you will get a
RemoteException.



166      Which statements are true?
A        ejbFind() returns the Primary Key.
B        The find method/s in the Home interface return an EJBObject or an Enumeration.
C        The find method/s in the Home interface return a Primary Key.
D        ejbFind() returns an EJBObject.
E        The find method/s in the Remote interface return an EJBObject.
F        The find method/s in the Remote interface return a Primary Key.

Choices A and B are correct.

The Home interface defines the create(), find(), and remove() methods.The Remote Interface is used to define all of the
methods that can be called by the client on the Enterprise Bean. If you try and call a method that exists in the Enterprise
bean class but not in the Remote Interface, you will get a RemoteException.Choice C is incorrect because the find
method in the Home interface returns an EJBObject or an Enumeration. Choice D is incorrect because ejbFind() returns
the Primary Key. The find methods are not defined in the Remote interface so choices E and F are incorrect.




167      You are at home trying to work on an application you're developing for your company. You want to log on to
your machine at work and develop code for your application however you are having some trouble connecting directly
to the application (running on port 1099). What is the most likely reason that you can't connect?

A        A typing error in the connection details.
B        Your company is filtering traffic based upon IP address
C        Traffic is being filtered based upon the port number requested.
D        You need to update the security manager that is being used with the application to allow external connections.
E        There is a bug in your program stopping anyone from connecting whether internal or external.

Choice C is correct.

As you are able to connect to your desktop PC you know that your company doesn't filter traffic based upon IP address.
Therefore the most likely reason you can't connect is because you are requesting a different port and the firewall is
filtering that traffic.Although it's possible that a typing error in the connection details may be stopping you connecting
it isn't the most likely reason. So choice A is incorrect. You wouldn't be able to connect to your desktop PC if your
company was filtering traffic based upon IP address. So choice B is incorrect. When you connect to your application
from within the office you are still connecting via a socket. So you would not be able to connect at work either if there
was a problem with the security manager. Hence choice D is incorrect. Although choice E is possible it is not the most
likely reason.



168     You know that Java allows you to run JRMP over HTTP, to tunnel through firewalls but does Java allow you
to run CORBA over HTTP?(CORBA uses IIOP). True/False?

A        Yes
B        No

Choice B is correct.

The key to the question is what does Java allow you to do. Java has no direct relationship with CORBA so the answer
is No. However if the question was rephrased slightly for example using Java is it possible to tunnel IIOP over HTTP
then the answer would be yes (most firewalls are configured to only let HTTP / HTTPS requests through).
169       You are working for an investment bank. You have written an applet to display the current price of the shares
that traders have selected for monitoring. For the applet to work, it needs to authenticate who the client is. It does this
by reading a file held locally on the client's machine. You know that applets can't read files stored on a local machine
by default. So you have placed the applet in a jar file and that is code signed by a trusted certificate authority. Is signing
the code enough for the applet to be able to read the local file?Note: This is based on JDK 1.3 and 1.4

A        Yes it would work fine without limitation as the code is signed.
B        No the security manager of the browser would prohibit this.
C        The applet would have been able to read the file already under JDK 1.3 and 1.4.
D        As long as the code is signed is doesn't matter which certificate authority signed it.
E        It may or may not work depending on the browser's security policy.

Choice E is correct.

Even if the code is signed, the browser's policy file may refuse it permission to perform certain tasks. The policy file
will need to grant necessary permissions such as:grant signedBy"signingKey" { Permission
java.io.FilePermission"local_file","read";}to allow the applet to read local files.Choice A is incorrect because it
depends on the browsers security policy file. Choice B is incorrect because the security manager might not prohibit
this. The applet wouldn't automatically be able to read the file. So choice C is incorrect. It would matter which
certificate authority signed it, if you have not chosen to trust a particular certificate authority the code might as well not
be signed at all! So choice D is also incorrect.




170      You are developing an application to be used at a major bank. Security is a crucial element and you have
decided to use JAAS. The GUI will be based on the MVC framework and it uses swing. The application will connect
people in the same office so that they can all securely review the same financial data. What protocol should you use to
do this?

A        IIOP
B        JRMP
C        HTTP
D        HTTPS

Choice B is correct.

As there is no reference to this being a web based solution and all of the staff are in the same office there is no need to
use HTTPS. JRMP is the most appropriate answer.There is no mention of the need for Entity Beans or interfacing with
a CORBA system so choice A is incorrect. Choices C and D are incorrect because this is not being used over the web.



171      What are the benefits of using the Service Locator pattern?

A        It is used primary by Servlets to locate other services such as JMS. A good example of this pattern would be a
web based login facility. If a client enters an incorrect password their need to be redirected to a different but their
session needs to be maintained across the application.
B        It is used to catalog Enterprise Beans so that other beans can find them quickly and efficiently. For example if
you need to forward request from a Session Bean to an Entity Bean then the Session Bean requests the location of the
Entity Bean from the Service Locator object. The Service Locator looks in a table (like a HashMap) and returns the
Entity Beans location.
C        The Service Locator pattern can improve performance by introducing a caching facility.
D         There is a slight loss of performance when using the Service Locator pattern but this is out weighed by the
improved maintainability of the code.
E         None of the definitions of the Service Locator pattern are accurate.
F         The Service Locator pattern is used to hide the complexities of initial object creation, EJB lookups and object
re-creation.
G         Multiple clients can reuse the same Service Locator pattern.

Choices C, F and G are correct.

The following is taken from Core J2EE Patterns: Best Practices and Design Strategies page 369 "Use a Service Locator
object to abstract all JNDI usage and to hide the complexities of initial context creation, EJB home object lookup, and
EJB object re-creation. Multiple clients can reuse the Service Locator object to reduce code complexity, provide a
single point of control, and improve performance by providing a caching facility."Choice A is describing a standard
web based login but this has nothing to do with the Service Locator pattern. Choice B sounds plausible but this is not
how the Service Locator pattern is used. Choice D is incorrect as there is an increase not a loss of performance when
using this pattern. Choice E is incorrect as there are accurate descriptions of the Service Locator pattern amongst the
answers.Some useful links: http://developer.java.sun.com/developer/technicalArticles/J2EE/patterns/
http://java.sun.com/blueprints/

Useful book:

Core J2EE Patterns: Best Practices and Design Strategies - ISBN: 0130648841A sample chapter is available here:
http://www.sun.com/books/catalog/crupi/index_Table+of+Contents.html
Note: This type of question will probably feature in the new EJB 2.0 specification version of the SCEA certification.




172      When would you use Tunnelling?

A        When you don't have access to any spare ports of the Firewall and need to tunnel your application through an
existing port.
B        To break out of prison.
C        When you do have access to spare ports of the Firewall and are able to use them. So you tunnel your
application out of one of these new ports that was created just for your application.
D        When you are using IIOP with RMI.

Choice A is correct.

Tunnelling is used to pass one protocol through a port that it does not, by default run on. For example if the only free
port on the firewall was port 80 and you needed to pass JRMP through the firewall you would "tunnel" JRMP through
the firewall. (JRMP by standard runs on port 1099). Basically JRMP would run on top of HTTP. However Tunnelling
should generally be avoided and should only be used as a last resort. You use tunnelling when you don't have access to
a particular port. So choice C is incorrect. RMI-IIOP is unrelated to tunnelling. Choice B is incorrect because stealing
the key from the guard would be easier!




173       You are working for a small to medium sized business that has just started to use servers to host J2EE
Applications (its own and clients'.) However since its launch into this new area there have been three separate instances
of hacks involving access of sensitive sales information. A security consultant has been brought in to assess the
situation and he recommends that your company use a DMZ. What is a DMZ?
A          The network behind a firewall that's protected from the Internet.
B          The region inside the inner firewall (we are assuming that there are two firewalls). This network is called the
DMZ.
C          The network outside of the outer firewall. This could be the Internet or other client networks. (We are
assuming that there are two firewalls).
D          A region between two firewalls. The Internet would come in through the first firewall but only systems within
the first firewall in the DMZ can go through the second firewall.

Choice D is correct.

DMZ stands for Demilitarized zone. To set up a DMZ you need two firewalls with which you create 3 separate regions.
The different regions are the internet, DMZ (in the middle) and your network. You would have a server in the DMZ
that would be accessible to both the public and employees in your local network. The internet connections will not have
access your network though they will be able to access the server in the DMZ. Your network will access the internet
through the server in the DMZ.Choice A is just describing the process of using a firewall. The region described in
choice B is your network the DMZ is the area between the two firewalls. Choice C describes the internet not a DMZ.A
Useful link: http://www.saintrochtree.com/network-advices/000004.htm




174       You are designing a web-based application for an online recipe site. Although this may not seem that popular,
the estimated number of unique visitors to the site is 100000 per day. The site is purely informational, you can't buy
recipes or upload your own (if you wish to add your own recipes they have to be emailed to the webmaster). Despite
that fact that there no transaction and persistence requirement it is still recommended that you use an Application server
and Enterprise beans. The main reason for using the Application server and Enterprise Beans is that it allows you to
remove some of the processing from the web servers and this increases the performance of the site. True/False?

A        TRUE
B        FALSE

The above statement is False.

The key to this question is that there are no transactions and there is no data to persist. All you are sending to the client
are HTML web pages; even if you were to use JSPs/Servlets you still wouldn't use an Application server. In a situation
like this you have to think of what the Application server should actually do? In this case there is nothing for it to do.




175      You are an enterprise consultant for one of the Fortune 500 companies. You have been discussing a possible
design for a 3-tier application with a prospective client. They know very little about Java and are asking you if Java is
always the best solution. Your response is that although normally for each project many factors have to be considered
before selecting the programming language and framework, because this is a 3-tier architecture Java is definitely the
best solution. Is this true? True/False?

A        TRUE
B        FALSE

The above statement is False.

It is impossible to make sweeping statements such as Java is always the best solution for 3-tier architectures. A project
needs to be looked at individually and then assessed. You may think that one project naturally suits a full Java
implementation only to find out that a company has already heavily invested in a different technology or that you don't
have the resources (employees with skills in Java based technologies) to implement a solution.
176      You are designing a 3-tier architecture for a new application your company intends to deploy as part of it's
marketing strategy. This application will allow users to book rental cars over the web and is estimated to save the
company millions over the next few years. Due to the sheer number of users, you have decided to use the Front
Controller pattern. Which of the following statements describe the Front Controller pattern?

A         The Front Controller pattern is primarily used as a cheap alternative to a CISCO router. It is used as a software
alternative to a hardware load balancer.
B         Provides a central point of entry
C         Provides a central point of entry for load balancing
D         The controller manages client requests, security, delegation of business processing, error handling, view
selection and content creation strategies.
E         The controller manages the client's request including delegating business processing, error handling, view
selection and content creation strategies. But is does not have anything to do with security.
F         The Front Controller is just another way of describing the Controller out of the Model View Controller
architecture.
G         The Front Controller is just using the Controller out of the Model View Controller architecture for load
balancing.

Choices B and D are correct.

The following is taken from Core J2EE Patterns: Best Practices and Design Strategies page 369"Use a controller as the
initial point of contact for handling a request. The controller manages the handling of the request, including invoking
security services such as authentication and authorization, delegating business processing, managing the choice of an
appropriate view, handling errors, and managing the selection of content creation strategies. The main aim of the Front
Controller pattern is to centralize view management. For example if a web page is moved all the links to it would need
to be updated by using this pattern you can pass all requests through the Front Controller only needing to make changes
in one place. The Front Controller is classified by Sun as a Presentation Tier pattern. Choices A and B are incorrect
because the Front Controller has nothing to do with load balancing. Choice E is incorrect as the Front Controller can
invoke security services and choices F and G are incorrect because the Front Controller does not represent the
Controller out of the MVC architecture.

Some useful links:
http://developer.java.sun.com/developer/technicalArticles/J2EE/patterns/
http://java.sun.com/blueprints/patterns/j2ee_patterns/front_controller/index.html
http://java.sun.com/blueprints/

Useful book:
Core J2EE Patterns: Best Practices and Design Strategies - ISBN: 0130648841A sample chapter is available here:
http://www.sun.com/books/catalog/crupi/index_Table+of+Contents.html

Note: This type of question will probably feature in the new EJB 2.0 specification version of the SCEA certification.




177     You are designing a complex set of classes that provides a secure framework for other programmers to use.
The idea behind this framework is that it will allow other programmers to write secure programs without getting
bogged down with the complexities of writing secure applications. What sort of design pattern is being used here?

A        Composite
B        Faade
C        Decorator
D        Adapter
         Mediator

Choice B is correct.

Facade - (GOF 185): "Provide a unified interface to a set of interfaces in a subsystem. Facade defines a higher-level
interface that makes the subsystem easier to use. "The other patterns are described below:

Adapter - (GOF 139):"Convert the interface of a class into another interface clients expect. Adapter lets classes work
together that couldn't otherwise because of incompatible interfaces. "Composite - (GOF 163):"Compose objects into
tree structures to represent part-whole hierarchies. Composite lets clients treat individual objects and compositions of
objects uniformly. "Decorator - (GOF 175):"Attach additional responsibilities to an object dynamically. Decorators
provide a flexible alternative to sub classing for extending functionality. "Mediator - (GOF 273):"Define an object that
encapsulates how a set of objects interact. Mediator promotes loose coupling by keeping objects from referring to each
other explicitly, and it lets you vary their interaction independently."




178      What is the difference between the abstract factory pattern and the factory method pattern?

A         The factory method makes objects that should be used together. This is not the case for the abstract factory.
B         The abstract factory pattern provides an interface for creating a family of objects whereas factory method
provides an interface for creating one object
C         In the abstract factory pattern the objects that the factory makes are to be used together. This is not necessarily
true in the factory method pattern.
D         The factory method pattern is used when the class does not know the class of the object it must create. But in
the abstract factory this is known in advance.
E         The factory method and abstract factory are essentially the same pattern but two different names are used to
describe them depending on the circumstances when they are implemented.

Choice B is correct.

Both the Abstract Factory and Factory Method are Creational patterns. Abstract Factory - (GOF 87):              "Provide an
interface for creating families of related or dependent objects without specifying their concrete classes. "Factory
Method - (GOF 107):         "Define an interface for creating an object, but let subclasses decide, which class to
instantiate. Factory Method lets a class defer instantiation to subclasses. "Choice A offers a description of the abstract
factory pattern not the factory method. The descriptions in choices C and D are the wrong way round. Choice E is
incorrect as the two patterns are different.




179       You're designing a paint application and as part of the user interface you have a toolbar along the left hand
side of the screen. Each of the icons on the toolbar has different actions when you are using different tools. The way
you've structured it, the application is required to pass commands from one object to another. When the appropriate
object receives the command, it handles the request. This is an example of which pattern?

A        Command
B        Chain of Responsibility
C        Adapter
D        Interpreter
E        Strategy

Choice B is correct.
Chain of Responsibility - (GOF 223):"Avoid coupling the sender of a request to its receiver by giving more than one
object a chance to handle the request. Chain the receiving objects and pass the request along the chain until an object
handles it. "Below are descriptions of the other patterns: Command - (GOF 233):"Encapsulate a request as an object,
thereby letting you parameterize clients with different requests, queue or log requests, and support undoable operations
"Interpreter - (GOF 243):"Given a language, define a representation for its grammar along with an interpreter that uses
the representation to interpret sentences in the language. "Adapter - (GOF 139):"Convert the interface of a class into
another interface clients expect. Adapter lets classes work together that couldn't otherwise because of incompatible
interfaces. "Strategy - (GOF 315):"Define a family of algorithms, encapsulate each one, and make them
interchangeable. Strategy lets the algorithm vary independently from clients that use it."




180       You've had enough of you existing IDE (Integrated Development Environment) and have started work on
designing your own. At the moment you're working on the undo part of the application, basically you need to be able to
roll an object back so its previous state. What pattern would you use to do this?

A       Memento
B       State
C       Mediator
D       Rollback
E       Transaction
F       ACID
Choice A is correct.

Memento - (GOF 283):"Without violating encapsulation, capture and externalise an object's internal state so that the
object can be restored to this state later. "Choices D, E and F are not names of patterns. Rollback is something you
would do if a transaction were terminated halfway through. Transaction is self-explanatory. ACID stands for Atomic,
Consistent, Isolatable and Durable. All transactions must adhere to this. Below are descriptions of the other patterns:
State - (GOF 305):"Allow an object to alter its behavior when its internal state changes. The object will appear to
change its class. "Mediator - (GOF 273):"Define an object that encapsulates how a set of objects interact. Mediator
promotes loose coupling by keeping objects from referring to each other explicitly, and it lets you vary their interaction
independently."


181      What is true about this diagram?
A       Object 1 calls the method call1() on Object 2
B       Object 2 executes its own method call3(). This method in turn creates Object 3.
C       Object 1 executes its own method call1(). This method in turn creates Object 2.
D       Object 2 calls the method call3() on Object 3

Choices A and D are correct.

The diagram shows a UML sequence diagram. This type of diagram shows the interaction of different objects. Time is
shown from the top of the page descending. The white rectangles on the dotted lines show the objects life. Method calls
are made from one object to another. In this diagram Object 1 calls Object 2's method call1(). Where the arrow begins,
the object represents the caller, and where it ends, the object called. The text above the arrow is the name of the
method.For more information about UML:http://www.uml.org/




182     What are the benefits of asynchronous messaging?

A       Less coupling between the sender and receiver.
B       Provides an instant response.
C       Does not block the sender.
D       Good for transaction processing.
E       "You can't get an instant response.
F       Network doesn't have to be available.

Choices A, C and F are correct.

The main difference between asynchronous messaging and synchronous messaging is that synchronous provides an
instant response. This means that when using asynchronous messaging, clients do not have not wait for responses; they
send messages and then carry on with what they were doing. This reduces the coupling between the sender and receiver
and it also means that the network doesn't have to be available. Choices B and D are incorrect because they describe
synchronous messaging. Although choice E is correct it is not a benefit of synchronous messaging.
183      You are designing an online shopping application to make it easier for customers to order products from your
company. The aim is that the majority of customers buying over the phone will start using the web instead. When
customers purchases goods online they will use credit cards and will require an instant response as to whether the sale
has been approved or not. (Note the credit card validation is carried out by another very powerful system.) What type of
messaging should be used?

A       Synchronous messaging
B       Asynchronous messaging
C       You shouldn't be using messaging at all as it's not transactional.
D       You could use messaging because it is transactional however it's not advised, as the system would never
perform well enough for an instant response.


Choice A is correct.

Synchronous messaging provides an instant response and is therefore the right answer. It is always arguable as to
whether messaging should be used if you require an instant response but if you do decide to use messaging then you
should always use synchronous messaging when needing an instant response. Choice B is incorrect because
asynchronous messaging does not provide an instant response. You can make messaging transactional by creating your
own transactions in your code. Hence choice C is incorrect. Choice D is arguable too, but it is not the most appropriate
answer because the question suggests that the system the messages will be sent to is very powerful and will be able to
cope with the volume of traffic. So choice D would be incorrect as it suggests that the system will not perform well
enough for an instant response.



184      What should be used if you don't need an instant response from a message?

A        Synchronous messaging
B        Asynchronous messaging

Choice B is correct.

Synchronous messaging provides an instant response therefore asynchronous messaging is correct. Synchronous,
tightly coupled communication between distributed components: This is the model of CORBA, RMI, EJB and so on.
The programming model is called Remote Procedure Call (RPC).Asynchronous, loosely coupled communication
between components: This is the Message Oriented Middleware or MOM model. The programming model is called
Messaging.




185      You overheard two colleagues arguing about the difference between Localization and Internationalization.
They turn to you to ask you to settle the argument. What is the difference between Localization and
Internationalization?

A        Internationalization is the process of preparing a program to be used in a country other than England.
B        Internationalization is the process of preparing a program to be used in any country.
C        Localization is the process of preparing a program to be used in a country other than England.
D        Localization is the process of preparing a program to be used in any country.

Choice B is correct.
Internationalization: Adapting a program for use in any country is called Internationalization. Localization: The process
of adapting a program for use in a particular country is referred to as Localization. During Localization the language of
the text, message icons, colors used, dialogs, number formats, time representation and even sorting algorithms are
subject to change. Choice A is incorrect because it is the other way around. Choices C and D are not accurate
descriptions of Localization.




186      You have an existing mail order application that runs as an applet on the customer's browser. The applet
connects to your server to retrieve product information. (Note all data is sent securely over SSL) What would you
expect to change to meet the needs of users in different countries?

A        GUI text, e.g. Message box text etc.
B        Security login procedures
C        Dates
D        Numbers, e.g. Currency
E        The way the program writes to binary files.
F        Icons, Images
G        The way the program writes to text files.

Choices A, C, D, F and G are correct.

List of items that may be subject to Internationalization:
Language for Messages
Formats - Numeric, Date and so on
Dictionary sort order
Currency symbol and position
Tax and other legal rules
Cultural preferences
You would not need to change the way you wrote to binary files but you may need to change the way you write to text
files because of the Unicode to 8 bit differences.




187       Your company has a custom operating system that it developed for some robotics hardware to be used in their
research departments. One of the researchers has written a cut down Virtual Machine to run on this OS. You have
started to develop some software to run on this VM however you need to convert the Unicode to 8 bit characters. In
order to do this you will need to use:

A        FileWriter
B        OutputStreamWriter
C        BufferedWriter
D        StreamWriter

Choice B is correct.

The OutputStreamWriter can be used to convert Unicode into 8 bit characters. Normally this is used in
Internationalization to convert Unicode into local character encoding but it would work well in this situation. Choices
A, C and D serve different purposes in the java.io package. Java support for Internationalization Properties
         Locale Resource Bundle Unicode Java.text Package InputStreamReader                OutputStreamWriter
188      You need to convert 8bit text to Unicode. To do this you use:

A        FileReader
B        InputStreamReader
C        BufferedReader
D        StreamReader

Choice B is correct.

The InputStreamReader can be used to convert 8 bit characters to Unicode. Choices A, C and D serve different
purposes in the java.io package.Java support for Internationalization:· Properties·      Locale· Resource Bundle·
        Unicode·           Java.text Package·          InputStreamReader·        OutputStreamWriter



189      What is the difference between composite aggregation and normal aggregation?

A        Aggregation defines a part of relationship but both objects can exist independently. But with composite
aggregation if one part is removed then the other part will be removed. Think of a plane the wings have a composite
aggregation relationship with the body of the plane.
B        Composite Aggregation defines a part of relationship but both objects can exist independently. But with
aggregation if one part is removed then the other part will be removed. Think of a plane, the wings have an aggregation
relationship with the body of the plane.

Choice A is correct.

As the answer states aggregation defines a part of relationship but both objects can exist independently. But with
composite aggregation if one part is removed then the other part will be removed. The following is taken from:
http://www.moskalyuk.com/edu/uml/interview_questions.htm Composition is a stronger form of aggregation. The
object which is "contained" in another object is expected to live and die with the object which "contains" it.
Composition is represented in the UML by a darkened diamond. An example of a composite relation is a Book and
Chapter. A Book "has a" Chapter, and the Chapter cannot exist without the Book. For more information about UML
please go to: http://www.uml.org/




190       You are looking at a class diagram that another developer has drawn. You notice a solid black diamond and a
line linking two classes together. What does the black diamond imply in UML?

A        Aggregation
B        Association
C        Composite Aggregation / Composition
D        Dependency
E        Inheritance/Generalization

Choice D is correct.

Composite Aggregation / Composition is shown by a solid black diamond. Aggregation defines a part of relationship
but both objects can exist independently. But with composite aggregation if one part is removed then the other part will
be removed. Think of a plane the wings have a composite aggregation relationship with the body of the plane. Note:
Inheritance and Generalization are used to describe the same thing. The same is also true about Composite Aggregation
and Composition. Aggregation is shown as a white diamond (the diamond shape is a black outline with the centre
white). Association is just a single line linking classes/objects; this can have multiplicity and direction. The following is
taken from:http://www.moskalyuk.com/edu/uml/interview_questions.htm Composition is a stronger form of
aggregation. The object which is "contained" in another object is expected to live and die with the object which
"contains" it. Composition is represented in the UML by a darkened diamond. An example of a composite relation is a
Book and Chapter. A Book "has a" Chapter, and the Chapter cannot exist without the Book. For more information
about UML:http://www.uml.org/




191      What does a triangular arrow shape with a solid line mean in UML? (The triangle is an outline, and not solid)

A        Aggregation
B        Association
C        Composite Aggregation / Composition
D        Dependency
E        Inheritance/Generalization

Choice E is correct.

In UML Inheritance/Generalization is shown with a triangular arrow shape. So whenever you extend a class, you are
inheriting from the class you are extending. Note: Inheritance and Generalization are used to describe the same thing.
The same is also true about Composite Aggregation and Composition. Aggregation is shown a white diamond (the
diamond shape is a black outline with the centre white). Association is just a single line linking classes/objects; this can
have multiplicity and direction. Composite Aggregation / Composition is shown by a solid black diamond. For more
information about UML:http://www.uml.org/




192      You are studying a class diagram of an exiting system so that the new functionality you are adding uses the
existing class attributes wherever possible. What do the following symbols mean in UML with regards to visibility?

A        # public, + protected, - private
B        + public, - protected, # private
C        + public, # protected, - private
D        # public, - protected, + private

Choice C is correct.

As the answer states the + # - symbols represent the following levels of visibility.+ Public# Protected- Private For more
information about UML please go to:http://www.uml.org/




193      Which of the following are true about Vertical Scalability?

A        (Achieved by adding servers to the system
B        Achieved by adding capacity (memory, CPU and so on)
C        It is generally more expensive than Horizontal scaling
D        Decreases manageability
E        Requires few or no changes to the system architecture
F        Not supported by J2EE
G        Has little or no impact on the reliability and availability of the system
Choices B, E and G are correct.

Vertical Scalability, by definition means increasing a system's capacity by adding memory, processors and so on. Of
the two types of Scalability (Vertical and Horizontal), Vertical Scalability is the easier to achieve because it involves
few changes to the existing system's architecture. Also adding more CPU or memory to an existing system does not
have any impact on reliability or availability because if the system or component fails, in the absence of redundant
systems, availability and reliability would suffer. Hence choices B, E and G are correct.

Choice A is incorrect because it actually describes Horizontal Scalability, which is achieved by adding more servers to
a system. Horizontal Scalability is tougher to achieve because the architecture should inherently support a multi-server
environment. However once implemented, it has a positive impact on the system's reliability and availability because it
provides fault tolerance capabilities.
Choice C is incorrect because generally it is cheaper to add capacity than to add entire new systems. Choice D is
incorrect because adding capacity should have no impact on the manageability of a system. Choice F is incorrect
because Vertical Scalability is easy to achieve. Most J2EE vendors also provide support for the more difficult
Horizontal Scalability.




194      Which of the following are not true about 2-tier architecture models?

A        Clients may be validation intensive, consequently requiring powerful hardware.
B        Any change to one tier typically affects both tiers.
C        Represents a single point of failure.
D        Each client makes a direct connection with the server
E        They are not very maintainable
F        They are quite manageable

Choices B, C and F are correct.

The question asks for points about 2-tier client/server systems that are not true. Choice B is untrue because a change to
one tier need not necessarily affect the other tier. For example consider an Order Entry system where the users need to
see transaction history for individual customers. A new screen can be developed to take data from the transaction tables
and display it on the client. In this example, no changes are required on the server. Consider an alternate example
where a stored procedure accessing data spread in multiple tables now queries a materialized view. No changes would
be required to clients that call the stored procedure, as long as all input and output remains the same.
Although it may be true in many cases, Client/Server architectures do not always represent single points of failure.
With single database servers, of course if the server fails, clients may not be able to connect to the database. However
in multi-database applications, if parts of the client or server fail, other parts of the system may still be accessible.
Hence choice C is a right answer.
2-tier architectures are not very manageable. Although the servers can be managed centrally, client PCs are always
distributed at user locations and it is very difficult to troubleshoot them without local staff. Hence choice F is a right
answer.
Choice A correctly reflects what happens on a client in 2-tier applications. Choice D explains how clients interact with
the database and choice E clearly lists that 2-tier architectures are not easily maintainable because of constant software
updates required on the clients. Hence they are all incorrect answers.
195      Refer to the following diagram:




In the above diagram

A        Class A inherits from Class B
B        Class B inherits from Class A
C        Class B has a dependency to Class A
D        Class A has an aggregation to Class B

Choice B is correct.

From the diagram it can be inferred that A and B are concrete classes and B extends A. This is shown by the
generalization relationship between B and A. Hence choice B is correct.
Choice A is incorrect because class A does not inherit from class B. Choice C is incorrect because the relationship
between the classes A and B is generalization, not dependency. Finally choice D is incorrect because A has an
aggregation relationship with Interface C, not class B.




196      In a UML class diagram Private, Protected and Public attributes are shown by

A        -, +,#
B        +, -,hash
C        #, -, +
D        -,#, +
E        +,#, -
F        #, +, -

Choice D is correct.

In UML notation, access modifiers are shown by the signs -, # and + to represent Private, Protected and Public. Hence
choice D is correct. All other choices show incorrect combinations.




197      Which of the following may be used for synchronously communicating with legacy systems?
A        IIOP
B        HTTP
C        SHTML
D        JRMP with JNI
E        SMTP
F        RMI / IIOP
G        MOM

Choices A, D and F are correct.

IIOP (Internet Inter Operable Protocol) is the protocol used by CORBA. JRMP (Java Remote Method Protocol) is the
protocol used by Java-RMI. RMI / IIOP is EJB1.1's protocol. All three of these methods are examples of RPC (Remote
Procedure calls) based communication, which is inherently synchronous in nature. Note that there are exceptions (event
handling in CORBA and Message Driven Beans in EJB2.0), but generally speaking RPC is used for synchronous
communication. Hence A, D and F are correct.
HTTP, SHTML and SMTP are unrelated jargons, used for confusing the reader. Message Oriented Middleware (MOM)
is used for asynchronous messaging. Hence choices B, C, E and G are incorrect.




198      What is an off-board server used for?

A        Providing Single-Sign on to a Java based application
B        Delegating complex processing to a separate server
C        Enable secure remote access to a mainframe by forwarding SSL requests to serial connections
D        As a database for storing the public keys of valid Certification Authorities (CA)
E        For performing symmetric key cryptography

Choice C is correct.

An off-board server is used enable secure remote access to mainframes. This is done typically done by forwarding SSL
requests to the mainframes via serial connections, as indicated by choice C.
An off-board server does not provide single sign on capabilities to a J2EE application. It is also not an application
server that can take up complex business logic processing. An Off board server does not store public keys of trusted
Certification Authorities (CA) or perform symmetric key encryption. Hence choices A, B, D and E are all incorrect.




199     Company ABC has a predominantly EJB based J2EE application that has be accessed by CORBA clients.
Which connectivity option would you recommend?

A        RMI-JRMP
B        RMI with JNI
C        Java IDL
D        RMI-IIOP
E        HTTP tunneling

Choice D is correct.

RMI-IIOP stands for Remote Method Invocation (using IIOP as the transport.) This is the protocol supported by
EJB1.1 Hence choice D is correct.
RMI-JRMP is used only when dealing with native Java clients. The question talks about CORBA clients but does not
say anything about pure Java clients. Hence choice A is incorrect. There is also no mention of JNI support. Hence
choice B is incorrect. Java IDL is useful when you have a predominantly CORBA based application. Hence choice C is
incorrect. HTTP tunneling is a way to allow protocols to masquerading as other protocols and bypass firewall
restrictions. Hence choice E is incorrect.




200      Which of the Classes and Interfaces need to be created by a bean developer?

A        Home Interface
B        Distributed Interface
C        Remote Interface
D        Bean Class
E        Bean Interface

Choices A, C and D are correct.

When developing EJB applications, developers need to create the Home Interface, the Remote Interface and the Bean
Class. Hence choices A, C and D are correct.
There is no such thing as the Distributed Interface or the Bean Interface. Hence choices B and E are incorrect.




201      The Remote Interface of an Enterprise Bean extends from:

A        java.ejb.EJBRemote
B        javax.ejb.RemoteInterface
C        javax.ejb.EJBObject
D        javax.rmi.RemoteReference

Choice C is correct.

Remote Interfaces of EJBs extend from javax.ejb.EJBObject. Hence choice C is correct.
Though it sounds likely, A, B and D are incorrect because there is no interface called EJBRemote, RemoteInterface or
RemoteReference.




202      Which of the following are not applicable to the Primary Key Class?

A        It must implement the java.io.Serializable interface
B        It must provide a default constructor
C        It must override hashCode() and equals()
D        Cannot be undefined if the PK is a Compound Primary Key
E        Primitive wrappers cannot be used when dealing with Single field keys

Choices D and E are correct.

The question says 'not applicable' and only choices D and E are not true. Compound Primary Keys can remain
undefined until deployment time and primitive wrappers can be used with dingle field keys. Hence choices D and E are
correct.
Choices A, B and C are true about Primary Keys and therefore incorrect choices.
203      Which of the following statements is true about Session Beans?

A        All attributes of a Stateless Session bean have to be set to null prior to passivation.
B        All non-transient and non-serializable fields of a Stateful Session Bean have to be set to null in the
ejbPassivate() method.
C        The container uses Passivation on Stateful and Stateless Session Beans to allow pooling and swapping which
are good techniques for resource management.
D        Passivation only applies to Entity Beans and not to Session Beans.

Choice B is correct.

When a bean is about to be passivated, the container calls the ejbPassivate() method. At this time, the bean instance can
close all open resources and set all non-transient non-serializable fields to null. Hence choice B is correct.
Stateless Session Beans are not passivated. Hence choice A is incorrect. While Stateful Session Beans are pooled and
swapped, Stateless Session Beans are not. Hence choice C is incorrect. In addition to Entity Beans, Stateful Session
Beans are passivated as well. Hence choice D is incorrect.




204      When a call is made to a single-entity find method in an entity bean, the ObjectNotFoundException is thrown
indicating that the requested entity was not found. What happens to the transaction?

A       It is automatically rolled back since it is an application exception.
B       It is not automatically rolled back since it is a system exception.
C       It is not automatically rolled back since it is an application exception.
D       It is automatically rolled back since it is a system exception.
E       It may or may not automatically rollback based on container specific implementation.
Choice C is correct.

The question deals with the ability to differentiate between system exceptions and application exceptions, and their
impact on transactions. The container throws the ObjectNotFoundException to indicate that the entity requested by the
single entity find method was not found. When this happens, the transaction is not typically rolled back. Hence choice
C is correct.
Application exceptions are thrown in response to errors encountered in the processing of business logic. Application
exceptions do not cause transactions to roll back. Hence choice A is incorrect.
The ObjectNotFoundException is not a system exception. Hence choice B is incorrect. Again choice D indicates that
the ObjectNotFoundException is a system exception and is therefore incorrect. Choice E indicates that it is up to the
container to either roll back the transaction or not, which is incorrect.




205      Which of the following services does the EJB Container provide?

A        Object Distribution
B        Life Cycle Management
C        Integrated Web Server and Servlet Engine
D        Just in Time management Java Runtime Engine
E        Transaction Management

Choices A, B and E are correct.
The EJB developer is only responsible to developing the core service that the component provides. All other services
are decorations provided by the container. For example, the container provides object distribution via the Home
Interface and Remote Interface implementations and manages the life cycle of Beans. It also provides transaction
management capabilities. Hence choices A, B and E are correct.
Many popular EJB vendors provide a web server and a Servlet engine as well. But that is not a responsibility of the
EJB Container. Hence choice C is incorrect.
Choice D, mentions something about just in time management JRE, irrelevant jargon meant to throw off the reader.
Hence choice D is incorrect.




206      When a client calls the create() on a Stateless Session Bean's Remote Interface,

A        The newInstance() method is invoked by the container
B        The ejbCreate() method is called by the container
C        Passivated instance is activated and attached to the EJB Object
D        The Container takes an instance from the Method Ready Pool and attaches it to the EJB Object.

Choice D is correct.

With Stateless Session Beans, a new instance is not created each time a client request comes in. Instead, the container
manages a pool of bean instances, and when a client requests the service (via a create method), an instance from the
pool is assigned to service the request. Hence choice D is correct.
The newInstance() method and the ejbCreate() method are invoked by the container to set up the instances in the bean
pool and are not called with each create() method called by the client. Hence choices A and B are incorrect.
Choice C is incorrect because Stateless Session Beans are not passivated or activated.




207      The container will synchronize an Entity Bean's state with the database,

A        After every setXxx() method
B        When a client calls the ejbLoad() or ejbStore() method
C        When the container thinks its appropriate based on various factors including the Transactional Context.
D        When the connection.flush() method is called.

Choice C is correct.

In CMP, the container automatically handles synchronization between the bean and the database. With BMP the
developer is responsible for providing the logic for database synchronization. In both cases however, the container
decides when the synchronization should occur, based on various activities such as transactions, concurrency and
resource management. Hence choice C is correct.

It is not guaranteed that data will be synchronized after each set method. Again this is because the container decides
when to synchronize data. Hence choice A is incorrect.
The methods ejbLoad() and and ejbStore() are considered callback methods - the container uses them to communicate
with the entity when it is about to or just has synchronized database state. Hence clients do not make calls to these
methods. Choice B is therefore incorrect.
There is no method called connectionFlush(). Hence choice D is incorrect.
208      The standard ports for HTTPS and HTTP are

A        21 / 110
B        80 / 443
C        443 / 80
D        21 / 119

Choice C is correct.

Although port numbers are configurable, the default ports for HTTPS and HTTP are 443 and 80. Hence choice C is
correct.
Port 21 is used with FTP, port 110 is used with POP3 and port 119 is used with NNTP. Hence choices A and D are
incorrect. Choice B has the port numbers in the reverse order. Hence choice B is incorrect.




209     A browser client C1 opens an SSL session with Server S1 on port 443. C1 then opens a new browser window
and opens an SSL session with Server S2 (while the SSL session with S1 is active in the other browser window.) At the
same time client C2 opens an SSL session with S1 on 443 as well. Which of the following statements are false?

A        Client C1 cannot be engaged in two SSL connections as the same time.
B        S1 cannot be engaged in two SSL connections on the same port at the same time.
C        C1 can have multiple SSL connections open at the same time.
D        S1 can have multiple SSL connections open at the same time.

Choices A and B are correct.

Note that the question asks you which choices are false. Since clients can simultaneously engage in multiple SSL
connections (through different browser instances) and servers can support multiple concurrent SSL connections, only
choices A and B are false and therefore the right answers.

Choices C and D are true and therefore incorrect.




210      Messaging is achieved by:

A        Synchronous tightly coupled communication between distributed components
B        Asynchronous loosely coupled communication between components
C        Using Stubs and Skeletons
D        Marshalling and unmarshalling of data

Choice B is correct.

Messaging is a middleware architecture that is used for asynchronous communication. This is generally achieved
through a store-and-forward mechanism. All message producers and message consumers communicate to each other
via a Message Oriented Middleware. Message consumers receive messages via a polling mechanism or a server-push
mechanism. Hence choice B is correct.
Synchronous tightly coupled communication is a feature of RPC middleware applications. Hence choice A is incorrect.
Stubs and Skeletons are used to Marshall and unmarshall data in distributed RPC environments. Hence choices C and
D are incorrect.
211      Messaging supports which of the following two models:

A        Point to Point
B        Envelope/Letter
C        Publish/Subscribe
D        Send to List

Choices A and C are correct.

There are two models available in Messaging. Point-to-Point is typically used for a one to one communication and
Publish Subscribe is used when messages need to be broadcast to a group of subscribers. Hence choices A and C are
correct.
The envelope-content is not a messaging paradigm. It is an example used to illustrate how messages are constructed
when using Simple Object Access Protocol (SOAP.) Hence choice B is incorrect.
There is no paradigm called Send to List. Publish Subscribe is used for one to many communication. Hence choice D is
incorrect.




212      Which of the following is not true about RPC?

A        RPC attempts to mimic the behavior of a system that runs in one process
B        When a remote procedure is invoked, the caller is blocked until the procedure completes and returns control
C        RPC is asynchronous in nature
D        RPC is tightly coupled

Choice C is correct.

The question is asking what is false about RPC. Only choice C, which says that RPC is asynchronous in nature, is false.
Therefore choice C is correct.
Choices A, B and D are true statements about RPC based communication and hence incorrect.




213      What is the difference between Maintainability and Manageability in Software Engineering?

A        Manageability is the ability to correct flaws in the system whereas maintainability is the ability to ensure the
continued health of the system.
B        Maintainability is the ability to correct flaws in the system whereas manageability is the ability to ensure the
continued health of the system.
C        Maintainability deals with ensuring that the system is always reliable and accessible whereas manageability
deals with the ability to add functionality to the system.
D        They are both the same.

Choice B is correct.

Maintainability (Cade 8),"is the ability to correct flaws in the existing system without impacting other components of
the system" and manageability (Cade 9)"is the ability to manage the system to ensure the continued health of a system
with respect to scalability, reliability, availability, performance and security." Hence choice B is correct.
The definitions in choice A are in the reverse order and incorrect in choice C. Choice D is trying to say that the two
non-functional requirements refer to the same thing. Hence they are all incorrect.




214      Which of the following are not considered tiers in a J2EE based n-tier model?

A        Client Tier
B        Web Tier
C        EJB Integration Tier
D        EIS Tier
E        EIS Integration Tier
F        Legacy Connectivity Tier
G        JCA Tier

Choices C, F and G are correct.

The question is asking what choices are not considered as J2EE tiers. There are no tiers called 'EJB Integration Tier',
'Legacy Connectivity Tier' or 'JCA Tier.' Hence choices C, F and G are correct.
J2EE applications have the following tiers: Client (Browsers, Applications, Applets, Mobile clients and so on), Web
(presentation tier consisting of JSP as view and Servlets as controllers), EJB (Business Tier, consisting of EJB and
supporting classes), EIS Integration (Java classes that integrate to the Enterprise Information System tier) and finally
the EIS tier (relational databases, XML databases, ERP systems and so on.) Hence choices A, B, D and E are all valid
J2EE application tiers and therefore incorrect.




215      Which of the following are true about client/server based applications?

A        Clients are typically used for data presentation, validation and for processing business logic.
B        Most client/server applications follow the Model2 architecture as opposed to n-tier applications that follow
Model3.
C        In client/server applications, the client normally consists of the view, controller and parts of the model.
D        In typical client/server applications, the presentation tier (windows) generally talks to controller (a data
dispatcher), which then talks to objects that represent the enterprise data.
E        Client/server applications generally have fat clients and sometimes, fat servers as well. Hence both the client
and the server could offer portability problems.

Choices A, C and E are correct.

In 2-tier applications, clients are typically used for data presentation, validation of user inputs and processing of
business logic. Hence choice A is correct.
If you compare the functions performed by the client with the MVC pattern, the client performs the duties of the view,
the controller and parts of the model. The client interacts with the database and retrieves data. This data is then
assembled into the required view. For example, a window that shows all orders taken in 1 day sorted by the customer
number. The client thus acts as the view in MVC.
When some search criteria is entered and the user presses a button to retrieve necessary data, the client appropriately
dispatches the request to the database interaction object that retrieves the necessary data. Here the client acts as the
controller.
Most database interaction is encapsulated in a set of database access objects. These objects perform business rules
processing. Here the client performs the job of the MVC model. Some logic is also encapsulated on the server side via
triggers and stored procedures. Hence it is possible that the database also performs some model tasks in 2-tier
applications. Hence choice C is correct.
Client/server applications frequently suffer from fat clients or fat servers or a combination of both. This is because
either all the logic is coded in the client (4GL scripting language) or all the logic is coded on the server (through stored
procedures and triggers) or a combination of both. This results in poor portability of such applications. Hence choice E
is correct.
Choice B indicates that 2-tier applications follow Model2 architecture whereas n-tier applications follow Model3
architecture. This is untrue, because it is n-tier applications that normally follow the Model2 architecture. Hence choice
B is incorrect.
Although object oriented client/server platforms may offer the tools to decouple windows and database interaction
objects that is not a normal feature in 2-tier applications. Hence choice D is incorrect.




216      In n-tier models, which tier is best suited for implementing the view, and controller components of an MVC
application?

A        Client Tier
B        Web Tier
C        MVC Tier
D        Business Tier
E        EIS Integration Tier
F        EIS Tier

Choice B is correct.

n-tier models typically follow a Model2 architecture where each tier has specific responsibilities. The view and most of
the controller components are generally placed in the Web Tier (note: in some Model2 architectures, some controller
components are also placed in the business logic tier.) Hence choice B is correct.
Choice A is incorrect because the client tier is not responsible for the view and controller objects. Choice C is incorrect
because there no such tier as MVC tier. Choices D, E and F are incorrect because none of them hold the view
components (although some controller components may be present in the Business logic tier.)




217      Which of the following are not service level requirements that affect software architecture?

A        Detailed Design
B        Performance
C        Reliability
D        Training
E        Availability
F        Security
G        Design Patterns

Choices A, D and G are correct.

Service level requirements (Cade 6) or Quality of Service (QoS) requirements are those that are needed by an
application to satisfy the business requirements of a system. Performance, Scalability, Reliability, Availability,
Extensibility, Maintainability, Manageability and Security are Non-functional service level requirements. While
choices A and D illustrate important aspects of a software project, they are not considered QoS requirements. Although
choice D describes a best practice that is frequently used by good designers, it too is not a Service level requirement.
Hence choices A, D and G are correct.
Performance, Reliability, Availability and Security are service level requirements and therefore choices B, C, E and F
are incorrect.
218      Which of the following UML diagrams may be best suited for a Business Analyst?

A        Deployment
B        Class
C        Use Case
D        Activity
E        Collaboration
F        Sequence

Choice C is correct.

Use Case diagrams (Cade 43)"show a set of use cases and actors and their relationships. Use Case diagrams show the
static view of a system. These diagrams are especially important in organizing and modeling the behaviors of a
system." Use case diagrams are frequently used by Business Analysts to capture business requirements of a system.
Choice C is therefore correct.
Deployment diagrams (Cade 50)"show the configuration of run time processing nodes and the components that live
within these nodes. Deployment diagrams address the static view of the architecture." Architects frequently use
deployment diagrams. Choice A is therefore incorrect.
A class diagram (Cade 44)"shows a set of classes, interfaces and collaborations and their relationships…Class diagrams
address the static design view of a system." Software designers frequently use class diagrams. Choice B is therefore
incorrect.
Activity diagrams (Cade 48)"are a special kind of state chart diagram that show the flow from activity to activity within
the system. This type of diagram is important in modeling the function of a system and emphasizing the flow of control
among objects." Designers and Developers frequently use Activity diagrams. Hence choice D is incorrect.
A Collaboration diagram (Cade 46)"is an interaction diagram that emphasizes the structural organization of objects that
send and receive messages." Designers and developers frequently use Interaction diagrams. Choice E is therefore
incorrect.
Sequence Diagrams (Cade 46) are"interaction diagrams that emphasize the time ordering of messages." Interaction
diagrams address the dynamic view of a system and are frequency used by designers and developers. Hence choice F is
incorrect.




219     Since a dependency exists between two packages if a dependency exists between any two classes in the
packages, it can be deduced that all package dependencies are transitive in nature. True/False?

A        True
B        False

Choice B is correct.

Package Diagrams (Fowler 108)"show packages of classes and the dependencies among them A dependency exists
between two elements if changes to the definition of one element may cause changes to the other…A dependency
between two packages exists if any dependency exists between any two classes in the packages…With packages
dependencies are non-transitive." The question makes an argument that all package dependencies are transitive in
nature, which is false. Hence choice B is correct.
    220       Refer to the exhibit for the following question.



In the diagram, the initialization call 1.1.1 is made by:




A         The Session Facade Object
B         The Acct Object
C         The AcctWebImpl Object

Choice C is correct.

The diagram shows a Collaboration Diagram (Collaboration diagrams are Interaction diagrams and they address the
dynamic view of a system. They emphasize on the structural organization of objects. Read the SCEA for J2EE Study
Guide for more information.)
1.1.1   Represents an initialization method called by the value object AcctWebImpl on itself upon construction.




221      Megasoft Corporation has a old application that uses a legacy database. Recently Megasoft made a decision to
develop the front-end code for the application using the Java Applet technology. At this time however, Megasoft is not
interested migrating its data to a relational database. In the order of importance, which of the following may be the best
approach to connect to the legacy database.

A       JDBC-Bridge, Database Middleware, JDBC
B       Database Middleware, JDBC-ODBC bridge, JDBC
C       JDBC, Database Middleware, JDBC-ODBC bridge
D       JDBC, JDBC-ODBC Bridge, Database Middleware
Choice D is correct.

Updating the data storage tier (Jaworski 532.) "If the data storage tier of a legacy system utilizes a relational database
system, JDBC may be used to provide connectivity to legacy databases. In most cases, legacy databases will not
support a pure JDBC driver. If the existing system provides ODBC support, the JDBC-ODBC Bridge can be used. If
the database uses custom drivers, it might be possible to find database middleware that supports the custom driver and
either an ODBC or JDBC interface." It is therefore preferable to try for pure JDBC driver support, failing which one
may opt for a JDBC-ODBC Bridge. If that too is not possible, then a database middleware may be used. Choice D is
therefore correct.
Although choices A, B and C give the same three alternatives, they are in incorrect orders of preference. Hence choices
A, B and C are incorrect.




222      Michael Fell runs a computer assembly company. He purchases parts from a wholesale parts distributor. Fell
has a legacy application to track purchases of parts and sale of computers. Although the current system is very
inflexible, the GUI is not very tightly coupled to the business layer. As an architect, what medium to long-term solution
would you offer, given that Fell does not want to do away with his entire application yet?

A        Use Screen Scraping and Off-board server to provide information to a Java based application.
B        Refactor the legacy code to make it flexible.
C        Rewrite the inflexible parts of the application alone using Servlets
D        Decouple the existing front-end and replace it with a J2EE based solution
E        Replace the inflexible parts with a flexible ERP solution

Choice D is correct.

The key in this question is that the GUI is not very tightly coupled to the business layer. This means that the GUI can
be decoupled form the system fairly easily. Further, the question asks for a medium to long-term solution. Thus in this
case, using a J2EE based front-end may be preferable. Hence choice D is correct.
The use of screen scrapers may have been the best short-term solution. However it is certainly not the best medium to
long-term approach. Hence choice A is incorrect.
Code re-factoring is not an alternative here. The question does not say anything about what the legacy system is written
in and whether is easy to modularize its code. Hence choice B is incorrect.
The question only mentions about changing the GUI. They are not looking to rewrite all inflexible parts of the system.
Hence choice C is incorrect.
Choice E is incorrect because it refers to replacing all inflexible parts of the system. Further there is no indication
anywhere in the question that an ERP solution might make it more flexible.

223      Which design pattern can be used to create a family of dependent objects?

A        Factory Method
B        Prototype
C        Builder
D        Abstract Factory
E        Singleton

Choice D is correct.

Abstract Factory (GOF 87)"Provide an interface for creating families of related or dependent objects without specifying
their concrete classes." Hence choice D is correct.
Factory Method (GOF 107)" Define an interface for creating an object, but let subclasses decide which class to
instantiate. Factory method lets a class defer instantiation to subclasses." Hence choice A is incorrect.
Prototype (GOF 117)" Specify the kinds of objects to create using a prototypical instance, and create new objects by
copying this prototype." Hence choice B is incorrect.
Builder (GOF 97)"Separate the construction of a complex object from its representation so that the same construction
process can create different representations." Hence choice C is incorrect.
Singleton (GOF 127)" Ensure a class only has one instance, and provide a global point of access to it." Hence choice E
is incorrect.
224       Pensacola, a Florida based soda company has just started operations in Dallas, TX to counter competition from
Dr. Pepper. Pensacola believes that using a J2EE based application will put them ahead of the competition. Their new
architect is suggesting that Session Beans be used to provide a unified interface to the Entity Beans in the system. The
use of session beans here illustrates the use of what design pattern?

A        Flyweight
B        Proxy
C        Faade
D        Decorator
E        Adapter
F        Bridge

Choice C is correct.

Fa ade (GOF 185)"Provide a unified interface to a set of interfaces in a subsystem."
The following is taken from:
http://java.sun.com/blueprints/corej2eepatterns/Patterns/SessionFacade.html
"Use a session bean as a facade to encapsulate the complexity of interactions between the business objects participating
in a workflow. The Session Facade manages the business objects, and provides a uniform coarse-grained service access
layer to clients." Hence choice C is correct.
Flyweight (GOF 195)"Use sharing to support large numbers of fine-grained object efficiently." Hence choice A is
incorrect.
Proxy (GOF 207)"Provide a surrogate or placeholder for another object to control access to it." Hence choice B is
incorrect.
Decorator (GOF 175)"Attach additional responsibilities to an object dynamically. Decorators provide a flexible
alternative to subclassing for extending functionality." Hence choice D is incorrect.
Adapter (GOF 139)"Convert the interface of a class into another interface clients expect. Adapter lets classes work
together that couldn't otherwise because of incompatible interfaces." Hence choice E is incorrect.
Bridge (GOF 151)"Decouple an abstraction from its implementation so that the two can vary independently." Hence
choice F is incorrect.




225       One of the advantages of using Stateless Session Beans is that they are lightweight objects and do not have
conversational state overheads. Further, the container swaps these bean instances in and out of the bean pool to
appropriately manage resources. This allows the container to use fewer instances of the bean to service a larger number
of clients. What design pattern is being illustrated here?

A        Decorator
B        Factory
C        Faade
D        Flyweight
E        Visitor

Choice D is correct.

Flyweight (GOF 195)"Use sharing to support large numbers of fine-grained object efficiently." Here the container uses
fewer instances of Stateless Session Beans to service a larger number of clients. Hence choice D is correct.
Decorator (GOF 175)"Attach additional responsibilities to an object dynamically. Decorators provide a flexible
alternative to subclassing for extending functionality." Hence choice A is incorrect.
Factory Method (GOF 107)" Define an interface for creating an object, but let subclasses decide which class to
instantiate. Factory method lets a class defer instantiation to subclasses." Hence choice B is incorrect.
Facade (GOF 185)"Provide a unified interface to a set of interfaces in a subsystem." Hence choice C is incorrect.
Visitor (GOF 331)"Represent an operation to be performed on the elements of an object structure. Visitor lets you
define a new operation without changing the classes of the elements on which it operates." Hence choice E is incorrect.




226      You can traverse through the elements of many Java Collection objects because they provide a way to access
their elements sequentially. What design pattern is used here?

A        Visitor
B        Observer
C        Builder
D        Iterator
E        Proxy
F        Decorator

Choice D is correct.

Iterator (GOF 257)"Provide a way to access the elements of an aggregate object sequentially without exposing its
underlying representation." Hence choice D is correct.

Visitor (GOF 331)"Represent an operation to be performed on the elements of an object structure. Visitor lets you
define a new operation without changing the classes of the elements on which it operates." Hence choice A is incorrect.
Observer (GOF 293)"Define a one-to-many dependency between objects so that when one object changes state, all its
dependents are notified and updated automatically." Hence choice B is incorrect.
Builder (GOF 97)"Separate the construction of a complex object from its representation so that the same construction
process can create different representations." Hence choice C is incorrect.
Proxy (GOF 207)"Provide a surrogate or placeholder for another object to control access to it." Hence choice E is
incorrect.
Decorator (GOF 175)"Attach additional responsibilities to an object dynamically. Decorators provide a flexible
alternative to subclassing for extending functionality." Hence choice F is incorrect.




227      Compact Computers is a small computer assembly company. Any customer currently has the following
choices for a PC:

(i)      800 MHz processor, 40 GB HDD, 128 MB RAM
(ii)     1 GHz processor, 60 GB HDD, 256 MB RAM
(iii)    1.2 GHz processor, 80 GB HDD, 512 MB RAM

The use of what design pattern would ensure that only the legal combinations could be sold?

A        Factory Method
B        Builder
C        Prototype
D        Abstract Factory
E        Singleton

Choice D is correct.

This question needs you to apply your knowledge of design patterns. We are dealing with families of related objects.
Abstract Factory (GOF 87)"Provide an interface for creating families of related or dependent objects without specifying
their concrete classes."
The applicability section of Abstract Factory (GOF 88) indicates that this pattern is to be used when:
          A system should be configured with one of multiple families of products
          A family of related product objects is to be used together and the constraint needs to be enforced.
Hence Abstract Factory is the right pattern for this problem. Choice D is therefore correct.
Factory Method (GOF 107)" Define an interface for creating an object, but let subclasses decide which class to
instantiate. Factory method lets a class defer instantiation to subclasses." Hence choice A is incorrect.
Builder (GOF 97)"Separate the construction of a complex object from its representation so that the same construction
process can create different representations." Hence choice B is incorrect.
Prototype (GOF 117)" Specify the kinds of objects to create using a prototypical instance, and create new objects by
copying this prototype." Hence choice C is incorrect.
Singleton (GOF 127)" Ensure a class only has one instance, and provide a global point of access to it." Hence choice E
is incorrect.




228      Inaccu Weather has a web site where people can check the weather forecast of a city for up to five days in
advance. The data comes to Inaccu Weather through a specialized custom feed that directly updates a relational
database. If the company can expect between fifty to hundred concurrent hits in to their site, which of the following
Java based technologies may be best suited for their needs?

A        Servlets and JSP for presentation and Session Beans with DAO for retrieval.
B        Servlets and JSP for presentation and CMP Beans for retrieval
C        Servlets and JSP for presentation and BMP Beans for retrieval
D        Applets for presentation and either Entity or Session Beans for retrieval
E        Servlets and JSP for presentation with Java classes encapsulating all database access.

Choice E is correct.

The key points are:
Low traffic that this site will be encountering
The fact that the data is not modified through the site. All database access is going to be for simple read-only data.
From these points we can summarize that the use of EJBs will be overkill for such a simple application. However you
still do not want to embed data access logic directly into Servlets, as that would not be a very modular approach. Hence
use Servlets and JSP for presentation and Java classes to encapsulate interactions with the database. Choice E is
therefore correct.
While choice A is a straightforward Model2 technique for this system, the use of EJB is not required here. Hence
choice A is incorrect. Note that if the traffic becomes much higher and they wish to migrate to an EJB solution, choice
A would become the best candidate.
We have discussed that the use of EJB is not necessary for this application. Further there is no concurrent use of shared
data. Hence Entity beans are definitely not the ideal choice. Choice B and C are therefore incorrect.
Choice D indicates the use of Applets and EJB. Applets are best used when better GUI capability is required. In this
example, JSP is a perfectly good solution. In any case, this choice refers to the use of EJB (already discussed as extra
baggage for this problem.) Hence choice D is incorrect.




229      Toysrfuss, a national toy store is creating a new e-front for Order processing. Customers have to create an
account to transact with them, although an account is not required for browsing the catalog. Customers can browse
items and add them to a shopping cart. They can then proceed to checkout. At this time, they can update quantities and
submit the order. What technologies may be best suited for this application?
A        JSP for presentation and Servlets as controllers.
B        Servlets for presentation and JSP as controller.
C        Stateless Session Bean for Shopping cart
D        Stateless session bean for catalog retrieval.
E        Stateful Session bean for shopping cart.
F        Stateful session bean for Order update.
G        Entity bean for Catalog retrieval
H        Entity bean for Order update.

Choices A, D, E and H are correct.

The use of JSP for presentation and Servlets for controllers is consistent with the Model 2 approach. Hence A is a right
choice.
Choice B is the opposite of choice A and therefore incorrect.
Choice C is incorrect because it is suggesting the use of a Stateless Session bean for the management of the shopping
cart. Since stateless beans do not maintain any conversational state, they cannot be used for this purpose.
The use of a stateless session bean for catalog retrieval is consistent with the Model 2 architecture and a recommended
best practice. Choice D is therefore correct.
Stateful Session Beans hold conversational state. Hence the management of a shopping cart is a good example of their
use. E is therefore correct.
Stateful Session beans are not very useful for updating order information. F is therefore incorrect.
Entity beans for catalog retrieval are overkill because Entity beans are best used when shared data is being concurrently
accessed or heavy transactional DML statements are required. G is therefore incorrect.
Entity beans represent the enterprise data of a system and perform specialized DML operations like inserts, deletes and
updates. They would be perfect for updating order information. H is therefore a correct choice.




230      Of the following scenarios, which one may be best suited for the use of Entity Enterprise Beans?

A        Calculation of tax information, based on data retrieved by two other Entity Beans
B        To maintain shopping cart state for an online application
C        To retrieve product catalogs based on a search criteria
D        To allow concurrent access to shared data, as in the case of on an online auction house's application.

Choice D is correct.

While Entity beans model business concepts, usually persisted as records in some kind of database, it is not necessary
to use Entity beans every time you interact with the database. In fact from a performance point of view, simple selects
and retrieval can be just as easily done using Session Beans with Data Access Objects (DAO.) Entity Beans are best
used when you are dealing with concurrent access to shared data, where transactions, concurrency and integrity play a
vital role. Hence choice D is correct.
Choice A refers to using existing data and performing some calculation on it. This can be best achieved through a
Stateless Session Bean. Hence choice A is incorrect.
Choice B talks about maintaining conversational state. This is best dome with Stateful Session Beans. Hence choice B
is incorrect.
Retrieval of product catalogs is a simple query. Again this can be done through Stateless Session Beans and DAO.
Hence choice C is incorrect.
231      Most EJB servers show high degree of availability. Server clusters are an example of how this is functionality
is achieved. What key advantages might server clusters offer in an EJB environment?

A        Load distribution
B        Location transparency
C        Caching capability

D        Load balancing capability
E        2PC (Two phase commit) capability

Choices A and D are correct.

Server clusters increase availability and redundancy in a system. They also provide fault tolerance. With clusters,
requests can be distributed so that multiple servers share the load. Some servers may also offer the sophistication to
determine which servers are under utilized so that load can be balanced. Hence choices A and D are correct.
Location Transparency is achieved through Object Distribution. This is a feature of all distributed systems. Hence
choice B is incorrect.
Various vendors may offer a variety of tools for better resource management. Caching may be one such capability. It
has nothing to do with a multi-server environment though. Hence choice C is incorrect.
Two phase commit (2PC) may be a feature offered by many J2EE vendors for addressing distributed transactions.
Again this is not a feature of server clustering. Hence choice E is incorrect.




232      Status Quo is an emerging B2C company that has a portal through which customers can purchase clay jewelry.
Since the order process involves a shopping cart, session management and secure access are required. How would you
manage this?

A        Use HTTP since it is a stateful protocol
B        Use HTTPS since it is a stateful protocol
C        Use SOAP for state and security management.
D        Use CGI with cookies for state management.

Choice B is correct. HTTPS is a secure and stateful protocol.

Choice A is incorrect because HTTP is inherently stateless.
Choice C is incorrect because SOAP is an RPC mechanism, not a state management mechanism.
Choice D is incorrect because CGI programs are server side processes (comparable to Java Servlets.) They do not
manage session state.




233      Chocolat, an exotic chocolate maker in France is planning to provide an e-front for chocolate sales. FedEx
would ship the packages to various national and international locations. In order to customize the customer's interaction
with the system and to make his / her overall shopping experience more pleasant, Chocolat has decided to support
Internationalization.

What are some of the common things they would need to consider?

A        Language for messages.
B        Formats (numeric, date and so on.)
C        DMZ requirements
D        Taxes and legal rules.
E        RSA
F        MD5

Choices A, B and D are correct.

This question deals with Internationalization. Language for messages, formats (numbers, date and so on), taxes and
legal rules are all subject to Internationalization. Hence A, B and D are correct.
Choice C refers to a security mechanism where a demilitarized zone is created between two firewalls and is irrelevant
to I18N. RSA and MD5 are security terminology used with cryptography. Therefore choices E and F are incorrect.




234      A sample program ships with 2 properties files - Base.properties, Base_fr.properties. If the current Locale,
Locale.ENGLISH has no matching properties file, what will happen when the ResourceBundle.getBundle method is
called with 'Base' and Locale. English as parameters?

A         Since a matching properties file is not found, an exception is thrown
B         This would not pose a problem because when a matching properties file is not found, the default properties file
is used instead.

Choice B is correct.

When the getBundle() method is called on ResourceBundle, it checks to see if a class or property file is available for
the base parameter's current locale. If neither is available, it uses the default. In this case Base.Properties will be used.
Hence choice B is correct.



235      What is a Demilitarized Zone (DMZ)?

A        The logical separation of tiers in a J2EE application. Example: the separation between the Web Tier and the
EJB Tier
B        The logical separation of layers in a J2EE application. Example: The separation between the Operating System
and the EJB Container.
C        A type of protection offered by proxy firewalls, currently only available to the U.S armed forces under
National Security laws.
D        The region between two firewalls

Choice D is correct.

Demilitarized Zone (DMZ) is an area between two firewalls. The outer firewall lets requests to publicly accessible
services in. It will reject all other requests. The inner firewall will protect the company's internal network and prevent
requests coming into the DMZ from passing through it. Choice D is therefore correct.
Choices A, B and C are all incorrect.



236        ScreamWorks, a cinema multiplex, has a website from which you may download signed applets with the latest
trailers, show timings and so on. The Applet works on Java 1.3 or higher. The applet needs to write user preferences to
a temp file in the host machine (where it is being executed). Is that possible? Note that the client has defined a
usePolicy and the java.policy has granted no persmissions for the applet
A       Applets cannot be used here because even signed applets are untrusted if the necessary permissions are not
granted
B       The sandbox model does not apply to signed applets. Hence this will pose no problem.

Choice A is correct.

This question expects you to be familiar with the changes in the Java 2 Security model. In JDK1.2 and higher, all code
local and remote can be subjected to a security policy. By default, remote code will be constrained to the old Sandbox
model. However if a policy file is created with grant privileges, an applet will be restricted to the grants whether or not
it is signed. Hence choice A is correct.




237      Which of the following are valid methods in Entity EJBs?

A        ejbActivate()
B        observe()
C        ejbRetrieve()
D        ejbStore()
E        ejbDestroy()
F        ejbRemove()

Choices A, D and F are correct. Entity Beans are subject to activation and Passivation. The container informs the bean
that the bean is about to be passivated or activated through the two callback methods - ejbPassivate() and ejbActivate().
EjbStore() is a callback method used during database synchronization. EjbRemove() is called when the client wishes to
remove the data the bean represents, from the database. Hence choices A, D and F are correct.
EjbSave(), ejbRetrieve() and ejbDestroy() are not valid methods for EJBs. Hence choices B, C and E are incorrect.




238    What does the term Atomicity mean in the context of ACID transactional properties and Enterprise Java
Beans?



A        Integrity of underlying data
B        Non Interference from other processes or systems
C        Complete execution or no execution at all
D        Maintenance of all data changes in physical storage

Choice C is correct.

Atomicity (Monson-Haefel 2nd edition 275)"To be atomic, a transaction must execute completely or not at all." Hence
choice C is correct.
Choice A refers to 'Consistency.' Hence it is incorrect.
Choice B refers to 'Isolation.' Hence it is incorrect.
Choice D refers to 'Durability.' Hence it is incorrect.



239      Which of the following statements about 'Not Supported' and 'Never' transactional attributes are true?
A      Not Supported' suspends any transaction until the method is completed whereas 'Never' throws a
RemoteException when called with a transaction.
B      Never' suspends any transaction until the method is completed whereas 'Not Supported' throws a
RemoteException.
C      If the method is called without any transactional scope, both attributes will work identically.
D      If the method is called with a transactional scope, both attributes will work identically.

Choices A and C are correct.

Choice A describes how the transactional attributes 'Not Supported' and 'Never' work. A is therefore correct.
B is the inverse of A and therefore incorrect.
C describes a situation where a method with transactional attribute 'Not Supported' or 'Never' is called without a
transactional scope. In this case they both behave identically. Choice C is therefore correct.
Choice D indicates that under both circumstances the method will execute identically. This is incorrect because a
'Never' method will throw a 'RemoteException' if called with a transaction. D is therefore incorrect.




240       EJB1.1 has support for undefined Primary Keys. This means that the Primary Key can be undefined until
deployment time. When we use defined Primary Keys, the Bean class and the Interfaces use the BeanPK type to
identify the key.

What do the Bean class and the Interfaces refer to in the case of undefined Primary Keys?


A        Though the Primary Key itself can be undefined, its name must be predetermined. The Bean class and the
Interfaces use this name.
B        An instance of java.util.Enumeration
C        An instance of java.lang.Class
D        An instance of java.lang.Object

Choice D is correct.

EJB 1.1 has support for undefined Primary Keys, which means that they can be deferred until deployment time. When
undefined Primary Keys are used, the Bean class and its interfaces can refer to the undefined key using
java.lang.Object.
Choice A gives some incorrect information to throw you off.
Choices B and C are incorrect because you cannot use java.lang.Enumeration or java.lang.Class for referring to
undefined Primary Keys.




241      Which of the following statements is true about DNS Round Robin?

A        It considers actual load on machines before routing requests.
B        It uses a random generator to decide which server to route a request to.
C        It routs requests to one server until a configured threshold is reached and then sends subsequent requests to the
next server.
D        Each Request is sent to subsequent server in the list, after the end is reached it starts with the first server again.

Choice D is correct.
DNS Round Robin is a method is load distribution by which a set of servers is allowed to process incoming requests in
sequence. The first request goes to the first server, the second to the second server and so on. When the end is reached,
the next request starts from the first server again. Hence choice D is correct.

Note that DNS Round Robin is a good load distribution technique, not a load balancing technique. Since requests get
processed sequentially in DNS Round Robin, the current load on a server is not taken into account before a new request
is delegated to a server. In load balancing techniques however, the load on individual servers is monitored before
additional requests are sent to them. Hence choice A is incorrect.

DNS Round Robin allows servers to process requests sequentially, not in a random fashion. Hence choice B is
incorrect.

With load balancing techniques, a load monitor may check for the current load on a primary server before deciding to
delegate subsequent requests to another server. This is not true of DNS Round Robin though. Hence choice C is
incorrect.




242      Generally speaking what is the relevance between Performance and Security?

A        They are not related to each other in any way t 4High Security generally results in high performance
B        High performance is a pre-requisite for secure systems
C        Security and Performance are inversely proportional
D        Low performance systems cannot be secure

Choice D is correct.

One of the key aspects of security is encryption and decryption of data. Data encryption ensures that sensitive data will
be protected against eavesdropping and tampering. A concept called 'cryptography' is used for accomplishing this. The
two popular types of cryptography are 'Public Key Cryptography' or 'Asymmetric Key Cryptography' and 'Symmetric
Key Cryptography.' In both forms, a combination of Cryptographic algorithms (ciphers) and hashing algorithms protect
the data from intruders. The data is decrypted at the receiver's end and becomes intelligible again. All this work results
in extra overheads. Hence generally increased security results in a lower performance. Choice D is therefore correct.

Higher security results in lower performance. Hence choices A and B are incorrect.

A high performance is not a technical pre-requisite for secure systems although it may be a good idea to increase
performance wherever possible to offset the performance loss due to higher security. Hence choice C is incorrect.

Many poorly engineered secure systems exhibit poor performance. Hence choice E is incorrect.




243      Refer to the following diagram:
In the above diagram:

A        A has an association relationship with C
B        C has an association relationship with A
C        A has a composition relationship with C
D        C has a composition relationship with A
E        A has an aggregation relationship with C
F        C has an aggregation relationship with A

Choice E is correct.

Aggregate relationship in UML is denoted with an open diamond on one side of an association relationship. In the
above diagram, class A has an aggregate relationship with Interface C. Generally this means that at runtime, class A
will hold a reference to an object that implements Interface C. Hence choice E is correct.

The interface C does not have an association, aggregation or composition relationship with class A. Choices B and D
and F are therefore incorrect.

If class A had a solid diamond instead of an open diamond, it would have represented a composition. Hence choice C is
incorrect.




244      Refer to the following exhibit:
The above diagram is an example of:


A        Object Interaction Diagram
B        Collaboration Diagram
C        State Diagram
D        Sequence Diagram
E        Activity Diagram

Choice D is correct.

The diagram shown above represents a Sequence diagram. A sequence diagram is an interaction diagram that shows the
time ordering of events. Choice D is therefore correct.




245      CORBA specification does not provide support for which of the following?

A        Naming Service
B        Container managed Persistence
C        Security
D        Transaction Service
E        Event (Asynchronous Messaging)
F        Concurrency Control

Choice B is correct.

CORBA does not provide support for 'Container Managed Persistence.' CMP is a concept only supported by the EJB
specification. Hence choice B is correct.

CORBA has support for Naming, Security, Transactions, Events and Concurrency control. Hence the other choices are
incorrect.
246      Company ABC has a legacy application that can be accessed via CORBA. The company wants to integrate
new Java based development with the existing legacy services. At this time no new services are planned. If the legacy
application were primarily to be used as a CORBA server, which connectivity option would you recommend?

A        RMI-JRMP
B        RMI with JNI
C        Java IDL
D        RMI-IIOP
E        HTTP tunneling

Choice C is correct.

The key here is that the existing legacy system supports a CORBA interface and no new services are being currently
planned. If Java code is primarily going to access CORBA services, the recommended connectivity tool is Java IDL.
Java IDL gives Java code CORBA capability. Hence choice C is the correct answer.

RMI-JRMP should be used when dealing with distributed applications, all written primarily in Java. Hence choice A is
incorrect.

The question does not specify anything about the legacy code's JNI capability. However it specifically mentions about
CORBA compatibility. Hence choice B is incorrect.

RMI-IIOP is the protocol used with EJB. The legacy system is coded with a CORBA interface and the question
mentions that no new coding is anticipated. So EJBs are not a good choice for this problem. Hence choice D is
incorrect.

When you wish to communicate with a system whose firewall does not permit requests of a certain protocol, the
requests are sometimes masqueraded as HTTP requests. This concept is called HTTP tunneling. Hence choice E is
incorrect.




247      Which of the following defines a standard architecture for connecting the J2EE platform to heterogeneous EIS
applications?

A        J2SE
B        Java Web Start
C        JDBC
D        JMS
E        JCA

Choice E is correct.

The following is taken from:
http://java.sun.com/j2ee/connector/

"The J2EE Connector architecture provides a Java solution to the problem of connectivity between the many
application servers and EISs already in existence. By using the J2EE Connector architecture, EIS vendors no longer
need to customize their product for each application server. Application server vendors who conform to the J2EE
Connector architecture do not need to add custom code whenever they want to add connectivity to a new EIS." Hence
choice E is correct.

J2SE is a platform that provides"the compiler, tools, runtimes and APIs for developing, deploying and running applets
and applications in the Java programming language." Hence choice A is incorrect.
The following is taken from:
http://java.sun.com/products/javawebstart/

"Java TM Web Start -- a technology for simplifying deployment of Java applications-- gives you the power to launch
full-featured applications with a single click from your Web browser. You can now download and launch applications,
such as a complete spreadsheet program or an Internet chat client, without going through complicated installation
procedures." Hence choice B is incorrect.

The following is taken from:
http://java.sun.com/products/jdbc/

"JDBCTM technology is an API that lets you access virtually any tabular data source from the Java TM programming
language. It provides cross-DBMS connectivity to a wide range of SQL databases, and now, with the new JDBC API, it
also provides access to other tabular data sources, such as spreadsheets or flat files.

The JDBC API allows developers to take advantage of the Java platform's "Write Once, Run Anywhere TM"
capabilities for industrial strength, cross-platform applications that require access to enterprise data. With a JDBC
technology-enabled driver, a developer can easily connect all corporate data even in a heterogeneous environment."
Hence choice C is incorrect.

The following is taken from:
http://java.sun.com/products/jms/

"The JMS API improves programmer productivity by defining a common set of messaging concepts and programming
strategies that will be supported by all JMS technology-compliant messaging systems." While you may be able to
communicate with EIS systems using JMS (if the EIS supports JMS), it is not a standardized architecture for
connecting to heterogeneous EIS applications. Hence choice D is incorrect.




248      Which of the following methods is optional in the Home Interface of an Entity Bean?

A        Create()
B        FindByPrimaryKey()
C        Remove()
D        None of the above

Choice A is correct.

Sometimes when you do not want the clients of an EJB application to add data to your system, you may choose not to
provide a create method in the Home Interface of the Enterprise bean. The create method is therefore optional. Hence
choice A is correct.




249      The Bean class provides implementations for which of the following methods?

A        Methods in the Bean's Home Interface
B        Methods in the Bean's Remote Interface
C        EJB Callback methods
D        A, B and C
E        A and B
F        A and C
G        B and C

Choices A, B and C are correct.

The Bean class has implementations for the methods corresponding to the methods in the Home and Remote Interfaces,
and the bean's callback methods. Hence choice D is correct.




250      Which of the following statements is true about Stateful Session Beans?

A        They leave Method Ready Pool state to enter Does not Exist State.
B        They leave Method Ready state to enter Stateful State.
C        They leave Method Ready state to enter Passivated or Does not Exist state.
D        They never leave the Method Ready state.

Choice C is correct.

The valid lifecycle states of a Stateful Session Bean are Does Not Exist, Method Ready, Method Ready (in TX) and
Passive. The Bean instance leaves the Method Ready state to enter the Passive State (through Passivation) or the Does
Not Exist State (through removal). Hence choice C is correct.

Method Ready Pool is not a valid state for Stateful Session Beans because the specifications do not mandate the
container to maintain a bean pool for Stateful Session Beans. Note that some containers may internally use some kind
of pooling mechanism for achieving higher performance. Hence choice A is incorrect.

There is no Stateful State in the lifecycle of a Stateful Session Bean. Choice B is therefore incorrect.

Stateful Beans leave the Method Ready State to enter Does not Exist or Passive State. Hence choice D is incorrect.




251      A session bean called SomeBean has a method called someMethod(), which calls someOtherMethod (same
bean) followed by someOtherBeanMethod() of SomeOtherBean. If SomeMethod() starts a BMT transaction, which of
the following are true?

A      SomeOtherMethod also has to be use BMT since it's part of the same bean.
B      SomeOtherMethod can use BMT or CMT, because transactions are defined at the method level in the
deployment descriptor.
C      If SomeOtherBean is a Session Bean, it has to necessarily use BMT since the caller is a BMT method.
D      If SomeOtherBean is a Session Bean, it may use either BMT or CMT.
E      If SomeOtherBean is an Entity Bean, it may use either BMT or CMT.
F      If SomeOtherBean is an Entity Bean, it must necessarily use only CMT.

Choices A, D and F are correct.
A Bean may be defined as either a BMT bean or a CMT bean. One cannot have some methods of a bean participating
in Container Managed Transactions and other methods participating in Bean Managed Transactions. Hence choice A is
correct.

Session Beans may either be defined as CMT beans or BMT beans whereas Entity beans can only be CMT beans.
Hence choices D and F are correct.

The same bean cannot have both BMT and CMT transaction management. Hence choice B is incorrect.

SomeOtherBean is a different Bean. It may either be defined as a BMT bean or a CMT bean. Just because the calling
bean is in a BMT transaction, all the other beans do not have to be BMT beans as well. Hence choice C is incorrect.

Entity Beans can only be CMT beans. Hence choice E is incorrect.




252       In EJB 1.1 the EJB timeout property may be added to the Bean's deployment descriptor for easier declarative
life cycle management. True/False?

A       True
B       False

The above statement is False.

In EJB 1.0, the timeout period was specified in the deployment descriptor and defined as number of seconds. Between
two business method invocations, the timer was reset. In EJB 1.1 however, the deployer is allowed to set the timeout in
a vendor dependent manner. Hence the above statement is false.




253      A B2C company uses J2EE based technologies for its e-commerce storefront. In order to increase scalability
and availability they plan to add capacity to their existing server and also add a new server. Which of the following
statements are true?

A        Adding capacity will improve scalability, as more memory would allow better bean pooling.
B        Adding a server would be difficult, as EJB servers cannot span multiple physical machines.
C        The proposal not does address horizontal scalability.
D        The proposal addresses both vertical and horizontal scalability.
E        Adding a server to the system would be easy as EJB vendors generally support fault tolerant mechanisms via
server clustering.

Choices A, D and E are correct.
The proposal to add capacity and an additional server address the issue of scalability. Adding capacity is an example of
Vertical Scalability and adding a new server is an example of Horizontal Scalability. Additional servers also improve
availability because of redundancy and fault tolerance. Hence choices A, D and E are correct.

Most J2EE vendors provide multi-server support. Hence choice B is incorrect.

Adding a new server is an example of Horizontal scalability. Hence choice C is incorrect.




254    Company ABC Inc. has an existing J2EE application that provides an EJB interface. ABC Inc. is writing a
new J2EE based application for enhanced MIS reporting. Which of the technologies listed below would be ideal for
this?

A        RMI/JRMP with JNI
B        Java IDL
C        RMI / IIOP
D        JMS

Choice C is correct.

The key here is that ABC Inc. is using a primarily EJB based application. The protocol used in EJB is RMI-IIOP.
Hence choice C is correct.

The question clearly says that the existing application is in EJB. There is no legacy connectivity involved here. Hence
choice A is inappropriate and therefore incorrect.

Java IDL is primarily used when a majority of the code needs a CORBA interface. Since the existing code is already in
EJB, there is no need for Java IDL here. Hence choice B is incorrect.

JMS is useful when you want to send messages to other applications asynchronously via a Message Oriented
Middleware. Hence option D is incorrect as well.




255      A firewall blocks all requests except those on ports 80 and 443. IIOP requests

A        Can be processed because IIOP always works on port 80
B        Cannot be processed because port 80 belongs to a different protocol
C        Can be processed by SSL
D        Can be processed via HTTP blocking
E        Can be processed via HTTP tunneling

Choice E is correct.

Tunneling is a concept that allows requests of one protocol to masquerade as requests of another protocol, so that they
may bypass the firewall. In the case of HTTP tunneling, requests try to pass of as HTTP requests. Hence choice E is
correct.
Port 80 is the standard port for HTTP requests, not CORBA requests. Hence choice A is incorrect.

Although port 80 may be used for HTTP, that does not mean that CORBA requests cannot be processed. As it happens,
HTTP tunneling will allow CORBA requests looking like HTTP requests to pass through port 80. Hence choice B is
incorrect.

SSL stands for Secure Sockets Layer. SSL is a protocol that exists above TCP/IP and below application level protocols.
SSL does not process CORBA requests. Hence choice C is incorrect.

While firewalls may block requests of certain protocols, there is no concept called HTTP blocking. Hence choice D is
incorrect.




256      Applications exchange messages through:

A        Active channels called Networks
B        Active Channels called Message Brokers
C        Virtual Channels called Digests
D        Virtual Channels called Destinations

Choice D is correct.




257      Which of the following are true about Publish/Subscribe?

A        Subscribers receive a copy of every message.
B        It is a Pull (Polling) based model.
C        It is a push-based model.
D        It is generally used when one publisher wishes to send a message to one subscriber.

Choices A and C are correct.

In the Publish/Subscribe messaging paradigm the publisher broadcasts a message to the Message Oriented Middleware
(MOM.) The MOM then typically uses a server-push mechanism to try to push a copy of the message to every
subscriber who showed interest in the topic. Optionally a subscriber may also register as a durable subscriber, in which
case the message will have guaranteed delivery. Hence choices A and C are correct.

The Point-to-Point (P2P) model is a queue-based model where the message consumer typically polls the queue for
incoming messages. Publish/Subscribe, on the other hand is a push-based model. Hence choice B is incorrect.

Publish/Subscribe is generally used for a one to many type of communication while P2P is typically used for a one to
one communication. Hence choice D is incorrect.
258      In the Publish/Subscribe messaging architecture, publishers send messages to:

A        A specified node, which is then re-distributed to all subscribers. B  Directly to all subscribers in the Topic
subscription list.
C        A designated queue.
D        A component transaction monitor such as an EJB Server for further processing by a message driven bean.

Choice A is correct.

The Publish subscribe model of messaging is a one to many messaging paradigm where the publisher typically sends a
message to a centralized node. The node then broadcasts the message to all the topic subscribers, who have registered
their interest in the topic. This allows the publisher and the subscribers to be decoupled. Further if the subscriber is
registered as a durable subscriber, he will receive the message ultimately even if he is currently inactive. The MOM
provider can thus guarantee delivery and any Quality of Service requirements pertaining to the message delivery.

Although possible, choice B is not the ideal implementation method, because it couples publishers and subscribers.
Most MOM providers use a server process that communicates with client processes for establishing heartbeats and for
communicating messages.

Choice C is incorrect because it refers to the Point-to-Point messaging model, which is typically a one to one
communication between two parties.

Choice D is incorrect because the Message Driven Bean is a message listener. So the best use of a message driven bean
would be as a subscriber.




259      1-tier applications represent a single point of failure, although typically, changes to one part of the system do
not generally affect the whole system. True/False?

A        True
B
False

Choice B is correct.

1-tier systems represent a single point of failure. Further if any changes are made to one part of the system, typically
the whole system may be affected because of a high degree of tight coupling. Hence choice B is correct.




260      Which of the following are not true about N-Tier Systems?

A        N-Tier systems are distributed over many systems and hence always present a maintenance problem.
B        N-Tier systems are generally component based and are therefore quite easy to maintain.
C        Since N-Tier systems do not use database stored procedures or triggers for business logic processing, they are
generally very slow.
D        Since N-Tier systems are container based, many N-Tier systems can be easily scaled (both vertically and
horizontally).
E        N-Tier systems suffer from only one drawback over client/server systems - N-Tier systems do not take
advantage of resource sharing techniques such as connection pooling.
F        N-Tier systems can use various techniques for Identification, Authentication and Authorization and are
therefore considered quite secure.

Choices A, C and E are correct.

This is a discussion about the benefits vs. drawbacks of N-Tier applications. Note that the question says 'not true.'

Though N-Tier systems are distributed over many systems, when architected and designed well, they do not present
any maintenance problems. This is because they are highly modular (component-container based) and it is relatively
easy to correct problems in one tier without impacting other tiers. Therefore A is a correct choice.

N-Tier systems can also yield high performance. They can be highly optimized at each tier. Server clusters can be used
where bottlenecks are encountered, connection pools can be used by applications to acquire and release connections (a
process more effective that creation and destruction of connections) and so on. Hence choice C is a correct choice.

Though not relevant to the discussion it should be noted that putting all business rules in the database tier reduces
database portability and also violates tier encapsulation. Hence it is not considered a J2EE best practice to use stored
procedures and triggers extensively for business logic processing.

As opposed to client/server systems, N-Tier systems generally make extensive use of resource sharing capabilities.
Bean Pools and Connection pools are good examples. Hence E is a right answer.

B, D and F are good examples of other capabilities of N-Tier systems.




261      In general, 1-tier applications are less horizontally scalable than 3-tier applications, although from a scalability
point of view, client/server applications are the most scalable. True/False?

A        True
B
False

The above statement is False.

This is a trick question. It starts out by making a true statement although that is not the main stem of the question. The
main stem seems to indicate that Client/Server applications are the most scalable types of applications. That is incorrect
because N-Tier applications are modular and therefore individual components can be targeted for scaling.



262      Which of the following do not aid a system's extensibility?

A        Modularizing Code
B        Using well defined software design patterns
C        Using Servlets to manage distributed database access
D        Using JSP Scriptlets to locate Enterprise beans
E        Using Data Access Objects when Session Beans or BMP Entity beans have to communicate to the database.
Choices C and D are correct.

Extensibility refers to a systems ability to incorporate new functionality with ease. Writing Database access code within
Servlets or using JSP for locating Enterprise Java Beans make the code very difficult to maintain. These are poor
programming practices and adversely affect the extensibility of a system. Hence choices C and D are correct.

Modularized code, good design practices using patterns, and encapsulating database access with a DAO all make the
code easy to maintain, thus rendering the system easily extensible.




263      Refer to the following exhibit




In the UML diagram,


A        ‘A' has an association relationship with 'B'
B        'B' has an association relationship with 'A'
C        'A' extends 'B'
D        'A' has a composition relation with 'B'
E        'B' has a composition relationship with 'A'
F        'A' has an aggregation relationship with 'B'
G        'B' has an aggregation relationship with 'A'

Choice D is correct.

The relationship between class A and class B represents the strongest form of association - composition. A solid
diamond near the object that will instantiate the other object in the association, denotes a composition relationship.

Class A does not have an association or aggregation (open diamond near A) relationship with class B. Class A also
does not extend B (open triangle near B.) Hence all other choices are incorrect.



264      Refer to the following exhibit




What UML diagram is shown in the exhibit?
A        Class
B
Object
C        Component
D        Collaboration
E        Sequence
F        Package
G        Node

Choice F is correct.

The diagram denotes a package diagram. A package diagram (Fowler 108) shows packages of classes and the
dependencies among them. Choice F is correct.




265      Which of the following statements about Interaction diagrams are true?

A      Interaction diagrams represent the dynamic view of a system.
B      Interaction diagrams may represent static or dynamic views of the system. C      Interaction diagrams are
polymorphic.
D      Interaction diagrams are isomorphic.
E      Interaction diagrams only show time ordering of messages.
F      Interaction diagrams may show the structural organization of the objects that send or receive messages.

Choices A, D and F are correct.

Interaction diagrams (Fowler 67) are models that describe how groups of objects collaborate in some behavior. There
are two kinds of Interaction diagrams - Sequence diagrams and Collaboration diagrams.

(Cade 46) Interaction diagrams address the dynamic view of a system. A sequence diagram emphasizes on the time
ordering of messages whereas a collaboration diagram emphasizes the structural organization of the objects that send or
receive messages. Sequence diagrams and Collaboration diagrams are also isomorphic (you can take one and transform
it to the other.) Hence choices A, D and F are correct.

Interaction diagrams do not describe the static view of a system. Hence choice B is incorrect.

Interaction diagrams are isomorphic, nor polymorphic. Hence choice C is incorrect.

Interaction diagrams show either the time ordering of messages (sequence diagrams) or the structural organization of
objects (collaboration diagrams.) Hence choice E is incorrect.


266      Refer to the following diagram
From the diagram, it can be inferred that:

A        A can only have 2 or 4 Bs associated with it
B        A can have 2 to 4 (4 not inclusive) Bs associated with it
C        A can have 2 to 4 (2 not inclusive) Bs associated with it
D        A can have either 2 or 4 Bs associated with it but not 3
E        A can have 3 Bs associated with it

Choice E is correct.

The multiplicity shown above translates into (A can have 2 to 4 Bs associated with it.) Choice E says that A can have 3
Bs associated with it and is therefore correct.




267      Nopester Inc., a CD manufacturer uses Metallic Corporation for making jewel cases. When the inventory of
jewel cases falls under the reorder level, Nopester communicates with Metallic via faxes. Nopester now wants to build
a solution for its supply chain management. Metallic uses a legacy system that supports CORBA interfaces for other
companies to interface to them with. Metallic's servers are protected by firewalls and will only let HTTP or HTTPS
requests through.

What is Nopester's best option here?

A        Since Metallic will not let CORBA requests through, Nopester should continue sending faxes.
B        Nopester should take its business away to Metallic's competitors.
C        Nopester should use the popular SOAP protocol since SOAP requests communicate over HTTP.
D        Nopester should use a concept called HTTP tunneling to communicate with Metallic.

Choice D is correct.

One of the most common interconnection problems that arise in third party integrations is that of security. Most
companies have strict security policies and only allow access to the ports that support HTTP and HTTPS. Therefore
CORBA requests generally have to masquerade as HTTP requests to get through the firewall. While this beats the very
purpose of the firewall, such implementations are quite common. This concept is called HTTP tunneling. Hence choice
D is correct.

Choice A is incorrect for obvious reasons. What is the point of automation if we still want to use a paper based
solution?

Choice B is incorrect because businesses do not change partners due to minor software issues.

Choice C is incorrect because there is no mention of whether Metallic supports SOAP in the discussion.
268      Syracuse Sobers is a National Hockey League team in upstate New York. They currently use a mainframe-
based application for talent procurement and management. Their team currently visits various schools and universities
across the country. When they find an interesting candidate, they enter his profile details in hand held devices. Later the
information is faxed to Syracuse, where another set of users enters the data into the mainframe.

Given that the Sobers do not want to incur too much capital and operational expense in rewriting the application, what
would be the quickest way of giving them an Internet based profile management system?

A        Rewrite the system using Applets.
B        Rewrite the system using Model2 Architecture based solution.
C        Use screen scraper for obtaining an object interface and off-board server for forwarding requests.
D        Use RMI with JNI. t +Enable HTTP tunneling and use CORBA calls.

Choice C is correct.

The key here is 'less expensive' and 'quickest.' Hence the best method under the given circumstances is the combined
use of Screen Scrapers and an off-board server. Choice C is therefore correct.

Rewriting the system is time consuming and also cost intensive. Hence choices A and B are incorrect.

There is no mention of the legacy application supporting JNI. The question mentions that it is a mainframe-based
application, making screen scrapers the safest bet. Hence choice D is incorrect.

There is also no mention of CORBA support. Hence choice E is incorrect.


269     A Philadelphia based cable company is using J2EE for their Customer Management system. The system uses a
combination of HTML and JSP for presentation. Java Servlets are used as Controllers. All Servlets have access to a
ServletContext object, which functions as a Container to the shared resources of the Servlets. The ServletContext object
best exemplifies what design pattern?

A        Iterator
B        Mediator
C        Interpreter
D        State
E        Singleton

Choice E is correct.

Singleton (GOF 127)" Ensure a class only has one instance, and provide a global point of access to it." In the example
cited above, all Servlets use a common ServletContext object as a container for the shared resources. This is a perfect
example of the Singleton Design Pattern. Hence choice E is correct.

Iterator (GOF 257)"Provide a way to access the elements of an aggregate object sequentially without exposing its
underlying representation." Hence choice A is incorrect.

Mediator (GOF 273)"Define an object that encapsulates how a set of objects interact. Mediator promotes loose
coupling by keeping objects from referring to each other explicitly, and lets you vary their interaction independently."
Hence choice B is incorrect.

Interpreter (GOF 243)"Given a language, define a representation for its grammar along with an interpreter that uses the
representation to interpret sentences in the language." Hence choice C is incorrect.

State (GOF 305)"Allow an object to alter its behavior when its internal state changes. The object will appear to change
its class." Hence choice D is incorrect.
270      Since Stateful Session Beans are not pooled as their Stateless counterparts, the container uses Passivation and
activation techniques for better resource management. What design pattern is close to the concept of Passivation, as
described here?

A        Composite
B        Flyweight
C        Template Method
D        Command
E        Memento
F        Chain of Responsibility

Choice E is correct.

Memento (GOF 283)"Without violating encapsulation, capture and externalize an object's internal state so that the
object can be restored to this state later."

With Stateful Session Beans the container externalizes the state of the bean via Passivation for better memory
management. When required, a bean in the passive state can be brought back to the Method Ready state via activation.
Hence choice E is correct.

Composite (GOF 163)"Compose objects into tree structures to represent part-whole hierarchies. Composite lets clients
treat individual objects and composites of objects uniformly." Choice A is irrelevant here and therefore incorrect.

Flyweight (GOF 195)"Use sharing to support large numbers of fine-grained object efficiently." Hence choice B is
therefore incorrect.

Template Method (GOF 325)"Define a skeleton of an algorithm in an operation, deferring some steps to subclasses.
Template Method lets subclasses redefine certain steps of an algorithm without changing the algorithm's structure."
Choice C is therefore incorrect.

Command (GOF 233)"Encapsulate a request as an object, thereby letting you parameterize clients with different
requests, queue or log requests, and support undoable operations." Choice D is therefore incorrect.

Chain of Responsibility (GOF 223)" Avoid coupling the sender of a request to its receiver by giving more than one
object a chance to handle the request." Chain the receiving objects and pass the request along the chain until an object
handles it." Choice F is therefore incorrect.




271       Heaven's Stairway, an e-auction house allows sellers to put up items for sale. Potential buyers can subscribe an
interest in these items. When somebody updates the cost with a higher price, the new price information is sent to a JMS
based middleware. The MOM then intimates all subscribers of the event. What design pattern is illustrated in the
discussion here?

A        Service to Worker
B        Fast Lane Reader
C        Observer
D        Visitor
E        Publish/Subscribe

Choice C is correct.

Observer (GOF 293)"Define a one-to-many dependency between objects so that when one object changes state, all its
dependents are notified and updated automatically." In the example above, when someone (message producer) updates
the bid price, the MOM has to send a message to all interested subscribers (message consumers.) This is a good
example of the Observer Design Pattern. Hence choice C is correct.

The following is taken from:
http://java.sun.com/blueprints/corej2eepatterns/Patterns/ServiceToWorker.html

Service to Worker:"Combine a controller and dispatcher with views and helpers (see Front Controller and View Helper
also) to handle client requests and prepare a dynamic presentation as the response. Controllers delegate content retrieval
to helpers, which manage the population of the intermediate model for the view. A dispatcher is responsible for view
management and navigation and can be encapsulated either within a controller or a separate component." Examples of
Service to Worker pattern can be seen in popular Model2 Frameworks such as Struts and Web Application Framework
(WAF.) This pattern is not relevant to this situation and choice A is therefore incorrect.

The following is taken from:

"The Fast Lane Reader design pattern provides a more efficient way to access tabular, read-only data. A fast lane reader
component directly accesses persistent data using JDBCTM components, instead of using entity beans. The result is
improved performance and less coding, because the component represents data in a form that is closer to how the data
are used." When EJBs are not required in an application (smaller applications) and JSP pages need to access the
database to retrieve information, they may use helper classes, which in turn instantiate DAOs to access data. A JSP
page retrieving catalog information through the CatalogHelper class and the CatalogDAO is a good example of the Fast
Lane Reader Pattern. Hence choice B is incorrect.


Visitor (GOF 331)"Represent an operation to be performed on the elements of an object structure. Visitor lets you
define a new operation without changing the classes of the elements on which it operates." Choice D is therefore
incorrect.

Publish/Subscribe is a messaging architecture, not a design pattern. Hence choice E is incorrect.




272     In JMS based applications components never interact with each other directly. The messages are always sent
to the MOM and the MOM stores and forwards them to the recipients. This concept helps avoid explicit references and
promotes loose coupling. The MOM is acting as a/an:

A        Interpreter
B        Visitor
C        Mediator
D        Service Locator
E        Service to Worker

Choice C is correct.
Mediator (GOF 273)"Define an object that encapsulates how a set of objects interact. Mediator promotes loose
coupling by keeping objects from referring to each other explicitly, and lets you vary their interaction independently."

In this example, the MOM decouples the message producers and consumers from referring to each other directly, thus
acting as a Mediator. Choice C is therefore correct.

Interpreter (GOF 243)"Given a language, define a representation for its grammar along with an interpreter that uses the
representation to interpret sentences in the language." Hence choice A is incorrect.

Visitor (GOF 331)"Represent an operation to be performed on the elements of an object structure. Visitor lets you
define a new operation without changing the classes of the elements on which it operates." Choice B is therefore
incorrect.

The following is taken from:
http://java.sun.com/blueprints/patterns/ServiceLocator.html

"The Service Locator pattern centralizes distributed service object lookups, provides a centralized point of control, and
may act as a cache that eliminates redundant lookups. It also encapsulates any vendor-specific features of the lookup
process." In Model2 architectures, Controllers may use Service Locators to delegate business events. Choice D is
therefore incorrect.

The following is taken from:
http://java.sun.com/blueprints/corej2eepatterns/Patterns/ServiceToWorker.html

Service to Worker:"Combine a controller and dispatcher with views and helpers (see Front Controller and View Helper
also) to handle client requests and prepare a dynamic presentation as the response. Controllers delegate content retrieval
to helpers, which manage the population of the intermediate model for the view. A dispatcher is responsible for view
management and navigation and can be encapsulated either within a controller or a separate component." Examples of
Service to Worker pattern can be seen in popular Model2 Frameworks such as Struts and Web Application Framework
(WAF.) This pattern is not relevant to this situation and choice E is therefore incorrect.




273     Compact Computers is a small computer assembly company. Its online application allows customers to pick
and choose accessories to build their own PCs. The accessories are:

i. Processor - 800Mhz, 1Ghz, 1.2Ghz
ii. HDD - 40 GB, 60 GB, 80 GB
iii. Memory - 128 MB, 256 MB, 512 MB

Customers choose parts and quantities during the order. For example, a customer could choose a second HDD as a
secondary hard drive or purchase additional RAM. What design pattern may be optimal for implementing a suitable
design here?


A        Factory Method
B        Prototype
C        Singleton
D        Template Method
E        Business Delegate
F        Builder
Choice B is correct.

Prototype (GOF 117)"Specify the kinds of objects to create using a prototypical instance, and create new objects by
copying this prototype." In this example, the key is that using prototypical instances (for Hard Drives and RAM), you
can create multiple instances of the required part. Hence choice B is correct.

Factory Method (GOF 107)" Define an interface for creating an object, but let subclasses decide which class to
instantiate. Factory method lets a class defer instantiation to subclasses." Factory Method pattern is used when concrete
factory classes are required for creating subclasses. Hence choice A is incorrect.

Singleton (GOF 127)" Ensure a class only has one instance, and provide a global point of access to it." Hence choice C
is incorrect.

Template Method (GOF 325)"Define a skeleton of an algorithm in an operation, deferring some steps to subclasses.
Template Method lets subclasses redefine certain steps of an algorithm without changing the algorithm's structure."
Choice D is therefore incorrect.

The following is taken from: http://java.sun.com/blueprints/patterns/BusinessDelegate.html

"In distributed applications, lookup and exception handling for remote business components can be complex. When
applications use business components directly, application code must change to reflect changes in business component
APIs.

These problems can be solved by introducing an intermediate class called a business delegate, which decouples
business components from the code that uses them. The Business Delegate pattern manages the complexity of
distributed component lookup and exception handling, and may adapt the business component interface to a simpler
interface for use by views." Hence choice E is incorrect.

Builder (GOF 97)"Separate the construction of a complex object from its representation so that the same construction
process can create different representations." Builder is used to create a complex object made up of specific types of
parts. Here we know the parts but not their quantities. Hence Builder is inappropriate here and therefore choice F is
incorrect.




274      Doomingdale's has an online application where customers may browse the latest season's catalogs. At this time
no e-commerce is planned. What J2EE technology is best suited for this application. Note that a study of Internet traffic
over the last two years in a similar company indicated that the site can expect up to five hundred thousand hits a day
although during Thanksgiving, when sales are at the highest, it could get ten to twenty times higher, perhaps even
more.

A        Java Servlets
B        JSP with Java classes
C        CMP Entity Beans
D        BMP Entity Beans
E        Stateless Session Beans with DAO
F        Stateful Session Beans with DAO

Choice E is correct.

The key here is the nature of the application. No e-commerce is planned at this time, so there may not be any order
transactions requiring Entity Beans. However the site can expect half a million hits each day, the number increasing
exponentially during holiday seasons, indicating that perhaps Session Beans should be considered for the application.
Catalog retrieval can be done with simple Session beans and DAO. Hence choice E is correct.

Choice A and B are not suitable because using just Java Servlets and JSP alone may not be the best solution in a system
involving heavy usage.

As stated earlier, Entity Beans are not necessary here because there is no transactional processing. Choices C and D are
therefore incorrect.

Stateless Session Beans are sufficient for performing simple database retrieval operations. Stateful Session Beans are
only required when conversational state needs to be maintained, as in the case of e-commerce applications with
shopping carts. Hence choice F is incorrect.




275      Hiatus Regency is a popular resort hotel. It has four regional headquarters in the U.S. There is also a national
headquarters in Gaithersburg, MD. All calls made to the toll-free 800 numbers are routed to the nearest call center. If
the requested city falls outside the region, the call gets rerouted from the call center appropriately. Hiatus requires a
nightly update of all transactions to the national headquarters for nationwide batch reporting. What J2EE technology
may be best suited for this?

A        Java-IDL
B        RMI-JRMP
C        EJB
D        JTA/JTS
E        JCA
F        JMS
G        JAF

Choice F is correct.

Whenever asynchronous communication is required, messaging is the best option. Most MOM implementations
provide guaranteed delivery and high QoS levels. Further, messaging decouples the producer and consumer and can be
used when bandwidth availability is limited, since no synchronous response is required. The key here is the nightly
update clearly indicating the asynchronous nature of the communication. Hence choice F is correct.

Java-IDL, RMI-JRMP and EJB are used for synchronous communication. Hence choices A, B and C are incorrect.

JTA/JTS is used to manage user-defined transactions and is irrelevant to this discussion. Hence choice D is incorrect.

The following is taken from:
http://java.sun.com/j2ee/connector/

"The J2EE Connector architecture provides a Java solution to the problem of connectivity between the many
application servers and EISs already in existence. By using the J2EE Connector architecture, EIS vendors no longer
need to customize their product for each application server. Application server vendors who conform to the J2EE
Connector architecture do not need to add custom code whenever they want to add connectivity to a new EIS." Hence
choice E is incorrect.

The following is taken from:
http://java.sun.com/products/javabeans/glasgow/jaf.html
"With the JavaBeans TM Activation Framework standard extension, developers who use Java TM technology can take
advantage of standard services to determine the type of an arbitrary piece of data, encapsulate access to it, discover the
operations available on it, and to instantiate the appropriate bean to perform said operation(s). For example, if a
browser obtained a JPEG image, this framework would enable the browser to identify that stream of data as an JPEG
image, and from that type, the browser could locate and instantiate an object that could manipulate, or view that
image." Hence choice G is incorrect.




276      Which of the following situations may be best suited for implementation using Servlets and JSP?

A        Need large scale deployment
B        Need heavy use of transactions
C        Need to process dynamic requests from HTTP clients
D        Need access to relational databases through a generic set of APIs
E        To function as Intercepting filters, request processors and request dispatcher
F        When static templates are combined with data to form dynamic HTML output

Choices C, E and F are correct.

Servlets and JSP are best suited for applications where there is a need for processing dynamic requests from HTTP
clients. In Model2 architectures, Servlets are used as Controllers and are responsible for processing incoming requests,
and dispatching them to appropriate handlers. JSP are used as views to combine static templates with dynamic data to
form HTML or XML output. Hence choices C, E and F are correct.

When an application involves large-scale deployment and heavy transactional requirements, EJBs are the best
technology. Hence choices A and B are incorrect.

JDBC is used to access relational databases through a generic set of APIs. Hence choice D is incorrect.




277      What are the benefits of Bean pooling?

A       Bean instances are created during startup, thus avoiding the expense of creation, each time a client requests it.
B       Bean pooling allows load distribution over several machines.
C       Bean pooling is the container's way of balancing load - moving future requests from client to a different
machine, if load increases are encountered. D         Allows a container to use beans as flyweights.

Choices A and D are correct.

One of the advantages of using stateless session beans are that they are light weight objects and can therefore be used in
situations that do not require any conversational state management. The container makes use of this capability to create
a pool of instances that can be used to service client requests. When a request is serviced, the bean instance is moved
back to the pool. Thus the expense of creation is avoided each time a client request comes in. Further the concept of
using a smaller number of instances to service a large number of clients is referred to as the Flyweight pattern (GOF
195), the case with bean pooling. Therefore choices A and D are correct.
Bean pooling is not responsible for load distribution (something accomplished by DNS Round Robin.) Some containers
working under a clustered environment achieve load balancing. Again this is not a benefit of bean pooling. Hence
choices B and C are incorrect.




278      What are the valid life-cycle states an Entity Bean can exist in?

A        Does Not Exist, Pooled, Method Ready
B        Does Not Exist Ready, Ready (in TX), Passivated
C        Does Not Exist, Method Ready Pool
D        Does Not Exist, Pooled, Ready

Choice D is correct.

The valid lifecycle states for an Entity Bean are Does Not Exist, Pooled and Ready. Hence choice D is correct.

Entity Beans do not have a Method Ready state. Hence choice A is incorrect.

When Entity Beans are passivated, they enter the pooled state. Also, there is no Method Ready (in TX) state for Entity
Beans. Hence choice B is incorrect.

The Method Ready Pool state is a lifecycle state for Stateless Session Beans, not Entity Beans. Hence choice C is
incorrect.




279       A company has a third party billing system that provides C++ API access. In the current architecture, a
daemon process listens on a specified port on the server for incoming payloads. The incoming payloads are then
decoded to the form command <tab> data. Once the command is known, the process calls the appropriate API with the
data. The company is trying to move to a Java based solution. However, until the billing system is upgraded, they will
still need to use the C++ bases APIs.

What Protocol may be best suited for achieving this?



A        RMI-JRMP with JNI wrappers for the API calls
B        RMI-IIOP (Stateless session beans making the API calls)
C        Custom socket programming to replace the C++ daemon process with a Java class
D        HTTP request making a CGI call for the Billing updates
E        JINI based program to interface to the APIs
F        JCA to make the API call

Choice A is correct.

The key here is that the billing system supports C++ based APIs. The new code is being written in the Java platform.
The best approach here is to write RMI-JRMP code to talk to the billing system and have JNI wrappers there to
communicate with the C++ APIs. Hence choice A is correct.

The question says that the billing system only supports C++ APIs. Hence choice B is incorrect.
While custom Java socket programming may be used on the server side to replace the C++ process, in order to call the
APIs, C++ wrappers will still be required. Hence choice C is incorrect.

HTTP, JINI and JCA do not satisfy the requirement of the C++ wrapper need. Hence choices D, E and F are also
incorrect.




280      Which of the following statements are true?

A        The java.text package contains classes and interfaces for handling text in a locale-sensitive way.
B        The java.text package contains the Locale class and classes for Date and Time.
C        The java.util package contains classes for importing and exporting non-Unicode character data.
D        The java.util package contains the Locale class and classes for Date and Time

Choices A and D are correct.

The java.text and java.util packages are used to support Java Internationalization. The java.text package has classes and
interfaces for handling locale specific text and the java.util package containes the Locale class and other classes for
Date and Time manipulation. Hence choices A and D are correct.

The java.util package contains the Locale class and Date and Time classes. Hence choice B is correct.

The InputStreamReader and OutputStreamWriter classes handle non-Unicode character data conversion. These classes
are found in the java.io package. Hence choice C is incorrect.




281      The representation of a set of cultural and language preferences is done using which class?

A      java.util.LanguagePreference
B      java.text.MessageFormat
C      ResourceBundle
D
Locale

Choice D is correct.

The following is taken from:
http://java.sun.com/products/jdk/1.1/docs/guide/intl/intl.doc.html#26726

"A Locale object represents a specific geographical, political, or cultural region. An operation that requires a locale to
perform its task is called locale-sensitive and uses the Locale object to tailor information for the user. For example,
displaying a number is a locale-sensitive operation- the number should be formatted according to the customs and
conventions of the user's native country, region, or culture." Hence choice D is correct.

There is no LanguagePreference class. Regional preferences are addressed through various I18N features such as
ResourceBundle, Locale and so on. Hence choice A is incorrect.

The following is taken from:
http://java.sun.com/products/jdk/1.1/docs/guide/intl/intl.doc.html#24167

"The class MessageFormat provides a means to produce concatenated messages in language-neutral way. The
MessageFormat object takes a set of objects, formats them, and then inserts the formatted strings into the pattern at the
appropriate places." Hence choice B is incorrect.

The following is taken from:
http://java.sun.com/products/jdk/1.1/docs/guide/intl/intl.doc.html#23039

"The class ResourceBundle is an abstract base class representing containers of resources. Programmers create
subclasses of ResourceBundle that contain resources for a particular locale. New resources can be added to an instance
of ResourceBundle, or new instances of ResourceBundle can be added to a system without affecting the code that uses
them. Packaging resources as classes allows developers to take advantage of Java's class loading mechanism to find
resources.
Resource bundles contain locale-specific objects. When a program needs a locale-specific resource, a String object for
example, the program can load it from the resource bundle that is appropriate for the current user's locale. In this way,
the programmer can write code that is largely independent of the user's locale isolating most, if not all, of the locale-
specific information in resource bundles." Hence choice C is incorrect.




282      What is the difference in the Java Security model between JDK 1.1 and JDK1.2 with regards to applets?

A        There is no difference between the two JDK versions in question. Applets are always confined to the sandbox.
B        In JDK 1.1, applets are never trusted and in JDK 1.2 they always are.
C        JDK 1.2 fixed a flaw in the JDK 1.1 security policy. There are no security holes in JDK 1.2 because Applets
are never trusted.
D        In JDK 1.1 only signed applets were trusted whereas in JDK 1.2, any applet with the right security permissions
can be trusted.

Choice D is correct.

The following is taken from:
http://java.sun.com/docs/books/tutorial/security1.2/overview/index.html

"JDK 1.1 introduced the concept of a "signed applet," as illustrated in the next figure. A digitally signed applet is
treated like local code, with full access to resources, if the public key used to verify the signature is trusted. Unsigned
applets are still run in the sandbox. Signed applets are delivered, with their respective signatures, in signed JAR (Java
Archive) files.

JDK 1.2 introduces a number of improvements over JDK 1.1. First, all code, regardless of whether it is local or remote,
can now be subject to a security policy. The security policy defines the set of permissions available for code from
various signers or locations and can be configured by a user or a system administrator. Each permission specifies a
permitted access to a particular resource, such as read and write access to a specified file or directory or connect access
to a given host and port.
The runtime system organizes code into individual domains, each of which encloses a set of classes whose instances
are granted the same set of permissions. A domain can be configured to be equivalent to the sandbox, so applets can
still be run in a restricted environment if the user or the administrator so chooses. Applications run unrestricted, as
before, by default but can optionally be subject to a security policy." As we can see, the Java 2 Security model is totally
flexible. Hence choice D is correct.

Choices A, B and C are incorrect because there are differences between the JDK 1.1 and JDK 1.2 security model and
signed applets were trusted in JDK 1.1 whereas all applets are subject to a security policy in JDK 1.2.




283      Which of the following are mandatory steps in the SSL handshake?


A        Validate Client to Server
B        Validate Server to Client
C        Allow client and server to choose cryptographic algorithm
D        Use symmetric key encryption to generate shared secrets

Choices B and C are correct.

When a client tries to establish an SSL connection with a server, the server identifies itself to the client. The client may
optionally identify itself to the server. The client and the server then choose the best cryptographic algorithm. Public
Key Cryptography is used to generate shared secrets and Symmetric Key Cryptography is then used for
communication. Hence choices B and C are correct.

The client's validation to the server is an optional step in the SSL handshake. Hence choice A is incorrect.

Public Key Cryptography is used to generate shared secrets. Hence choice D is incorrect.




284     When a Stateful Session Bean is passivated, what activities should the developer perform in the ejbPassivate()
method?




A        Close all open resources
B        Set transient fields to NULL
C        Set Non-transient fields to NULL
D        Set non-transient non-serializable fields to NULL

Choices A and D are correct.

During Passivation, it is the developer's responsibility to ensure that all open resources are closed and all non-transient
non-serializable fields are set to NULL. Therefore choices A and D are correct.

There is no need to set transient fields to NULL. They will not be serialized anyway. Therefore choice B is incorrect.
If Non-transient fields are set to NULL, there is no point in serializing the bean instance. Hence choice C is incorrect.




285     Session Bean SB1 calls a method in another Session Bean SB2. If the calling Bean has a transactional scope,
with which of the following attributes in SB2, will the transaction not be propagated?

A        Supports
B        Required
C        Not Supported
D        Requires New
E        Mandatory
F        Never

Choices C, D and F are correct.

The following is taken from:
http://java.sun.com/blueprints/guidelines/designing_enterprise_applications_2e/transactions/transactions7.html

"Transaction Attributes: A transaction attribute is a value associated with a method of an enterprise bean that uses
container-managed transaction demarcation. A transaction attribute is defined for an enterprise bean method in the
bean's deployment descriptor, usually by an application component provider or application assembler. The transaction
attribute controls how the EJB container demarcates transactions of enterprise bean methods. In most cases, all methods
of an enterprise bean will have the same transaction attribute. For optimization purposes, it is possible to have different
attributes for different methods. For example, an enterprise bean may have methods that do not need to be
transactional.

A transaction attribute must be specified for the methods in the component interface of a session bean and for the
methods in the component and home interfaces of an entity bean.

Required - If the transaction attribute is Required, the container ensures that the enterprise bean's method will always
be invoked with a JTA transaction. If the calling client is associated with a JTA transaction, the enterprise bean method
will be invoked in the same transaction context. However, if a client is not associated with a transaction, the container
will automatically begin a new transaction and try to commit the transaction when the method completes.

RequiresNew - If the transaction attribute is RequiresNew, the container always creates a new transaction before
invoking the enterprise bean method and commits the transaction when the method returns. If the calling client is
associated with a transaction context, the container suspends the association of the transaction context with the current
thread before starting the new transaction. When the method and the transaction complete, the container resumes the
suspended transaction.

NotSupported - If the transaction attribute is NotSupported, the transactional context of the calling client is not
propagated to the enterprise bean. If a client calls with a transaction context, the container suspends the client's
transaction association before invoking the enterprise bean's method. After the method completes, the container
resumes the suspended transaction association.

Supports - It the transaction attribute is Supports and the client is associated with a transaction context, the context is
propagated to the enterprise bean method, similar to the way the container treats the Required case. If the client call is
not associated with any transaction context, the container behaves similarly to the NotSupported case. The transaction
context is not propagated to the enterprise bean method.

Mandatory - The transaction attribute Mandatory requires the container to invoke a bean's method in a client's
transaction context. If the client is not associated with a transaction context when calling this method, the container
throws javax.transaction.TransactionRequiredException if the client is a remote client or
javax.ejb.TransactionRequiredLocalException if the client is a local client. If the calling client has a transaction
context, the case is treated as Required by the container.

Never - The transaction attribute Never requires that the enterprise bean method explicitly not be called within a
transaction context. If the client calls with a transaction context, the container throws java.rmi.RemoteException if the
client is a remote client or javax.ejb.EJBException if the client is a local client. If the client is not associated with any
transaction context, the container invokes the method without initiating a transaction."

With Not Supported, Requires New and Never, the existing transaction's scope will not be propagated. Therefore
choices C, D and F are correct and choices A, B and E are incorrect.




286      The findByXxx() method in the Home Interface of an entity bean returns

A        An Instance of java.lang.Object
B        An instance of the Remote Reference to the bean
C        An instance of java.util.Enumeration
D        An instance of the Bean class.

Choices B and C are correct.

The finder methods return either an instance of the Remote Reference to the bean or an instance of
java.lang.Enumeration (if multiple rows are found.) Therefore choices B and C are correct.

The finder methods never return an instance of java.lang.Object. Choice A is therefore incorrect.

The bean class is never explicitly returned to the client. The client always only works with the remote reference to the
bean class. Choice D is therefore incorrect.




287      With Bean Managed Persistence, what are the developer's responsibilities in terms of data synchronization?


A       The DML statements for inserting, deleting and updating data are coded in appropriate methods and the client
program is responsible for synchronizing data by calling the methods appropriately.
B       The DML statements for inserting, deleting and updating data are coded in appropriate methods but since
ejbLoad() and ejbStore() are callback methods, the container makes calls to them, as needed.

Choice B is correct.

With BMP, although the code necessary for inserting, deleting and updating data is provided by the developer, the
container still decides when to synchronize the Bean's state with the database. The container makes this decision based
on various activities including the current transactional context and so on. The client does not call the callback methods
explicitly. Hence choice B is correct.


Choice A is incorrect because it suggests that it is the client's responsibility to invoke the callback methods.
288      Under which of the following conditions should you use an Entity Bean?

i.       The bean represents a business entity, not a procedure.
ii.      The bean's state must be persistent. If the bean instance terminates or if
         the J2EE server is shut down, the bean's state still exists in persistent storage (a database).

A        Choice (i) only
B        Choice (ii) only
C        Choice (i) or (ii) depending on whether the Container is EJB 1.0 compliant or EJB 1.1 compliant
D        Both choice (i) and (ii)

Choice D is correct.

Entity Beans are best used when the bean represents a business entity and when the bean's state must be persistent.
Hence choice D is correct.

i. The bean represents a business entity, not a procedure.
ii. The bean's state must be persistent. If the bean instance terminates or if the J2EE server is shut down, the bean's state
still exists in persistent storage (a database).

                                 ############################################

								
To top