Friday, April 29, 2011

Self Test: Chapters 47 to 50

Questions:

Question 1:

Which two statements apply to the following code snippet? (Choose two.)
< servlet >
< servlet-name >
testServlet
< /servlet-name >
< servlet-class >
myPackage.MyTestServlet
< /servlet-class >
< /servlet >

A. It is a mapping between a servlet name and the fully-qualified name of the servlet class.
B. It is a map between a URL and a servlet.
C. This code belongs in the WebApp deployment descriptor.
D. It tells the container where to install the servlet.

Question 2:

Which two of the following statements most closely relate to HTTPS Client Authentication?
A. It uses a Status-Code element (three-digit integer).
B. It uses predefined form fields.
C. It is the most secure form of authentication.
D. It uses SSL.

Question 3:

Which directory is the location for myApp.jar?
A. /WEB-INF/
B. /WEB-INF/classes/
C. /WEB-INF/lib/D. /

Question 4:

In which two elements can you define initialization parameters?
A. servlet
B. context-param
C. welcome-file
D. login-config

Question 5:

Which three of the following are elements of the Web Application Descriptor?
A. servlet
B. context-param
C. listener
D. error

Question 6:

What is the configuration that the deployment descriptor uses to handle each exception?
A. error-page
B. exception
C. error
D. exception-page

Question 7:

What is the deployment descriptor file named?
A. server.conf
B. server.xml
C. web.xml
D. web.conf

Question 8:

Which directory is the location for Web application class files?
A. /WEB-INF/
B. /WEB-INF/classes/
C. /WEB-INF/classpath/
D. /META-INF/classes

Question 9:

What does the security-role element do?
A. It configures the authentication method that should be used by the form login mechanism.
B. It defines the status codes for security breaches.
C. It contains a mapping between an error code or exception type to the path of a resource in the Web application.
D. It describes and names the security role.

Question 10:

Which directory is the location for the deployment descriptor?
A. /WEB-INF/
B. /WEB-INF/classes/
C. /WEB-INF/lib/D. /

Question 11:

Which of the following best defines authentication?
A. The means used to prove that information has not been modified by a third party while in transit.
B. This is access control where interactions with resources are limited to collections of users or programs for the purpose of enforcing integrity, confidentiality, or availability constraints.
C. You have permission to use a given page.
D. The means by which communicating entities prove to one another that they are acting on behalf of specific identities.

Question 12:

What is the best definition for auditing?
A. This is access control where it defines who can interact with what resources.
B. Maintaining a record of Web application activity.
C. This is a check of the Web application when it is used for commercial transactions.
D. This prevents Web site attacks.

Answers:

Question 1:

A and C. The servlet element establishes a mapping between a servlet name and the fully-qualified name of the servlet class. You would place this code in the WebApp deployment descriptor.

Question 2:
C and D. This is end user authentication using HTTPS (HTTP over SSL). This mechanism uses public key encryption that requires the user to possess a Public Key Certificate (PKC). This is the highest level security of the four here.

Question 3:

C. The jar files go in the /WEB-INF/lib/ directory.

Question 4:

A and B. The initialization parameters are defined in both the context-param and the servlet elements of the Web deployment descriptor.

Question 5:

A, B, and C. All of these are elements except there is no error element. It should have been error-page.

Question 6:

A. The error-page element, which defines what resource the container should use for a given exception.
< web-app >
< error-page >
< error-code >404< / error-code >
< location > /404.html < /location >
< /error-page >
< /web-app >


Question 7:

C. web.xml is the deployment descriptor file.

Question 8:

B. You place your servlets and utility classes in /WEB-INF/classes/.

Question 9:

D. The security-role element contains the definition of a security role. The definition consists of an optional description of the security role, and the security role name.

Question 10:

A. web.xml is the deployment descriptor file in /WEB-INF/web.xml.

Question 11:

D. Authentication is the means by which communicating entities prove to one another that they are acting on behalf of specific identities. In other words, it is the attempt to prove that you are really you.

Question 12:

B. Maintain a record of Web application activity. For example, you can log resource accesses including times and requester IP and ID. This usually involves a log somewhere.

Previous Chapter: Quick Recap - Chapters 47 to 50

Next Chapter: Chapter 51 - Introduction to Design Patterns

No comments:

Post a Comment

© 2013 by www.inheritingjava.blogspot.com. All rights reserved. No part of this blog or its contents may be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the Author.

ShareThis

Google+ Followers

Followers