[Free] 2017(Sep) CollectDumps Testking GIAC GSSP-Java Dumps with VCE and PDF 161-170

CollectDumps 2017 Sep GIAC Official New Released GSSP-Java
100% Free Download! 100% Pass Guaranteed!
http://www.CollectDumps.com/GSSP-Java.html

GIAC Secure Software Programmer – Java

Question No: 161 – (Topic 2)

You work as an Application Deployer for UcTech Inc. You want to configure a filter for a Web application using the deployment descriptor. Which of the following attributes are mandatory for you to implement in order to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

  1. lt;filter-classgt;

  2. lt;init-paramgt;

  3. lt;filter-namegt;

  4. lt;display-namegt;

Answer: A,C

Question No: 162 – (Topic 2)

Which of the following statements are true about the doAs() and doAsPrivileged() methods?

Each correct answer represents a complete solution. Choose all that apply.

  1. The doAsPrivileged() method invokes AccessController.doPrivileged by passing it the provided PrivilegedAction.

  2. The doAs() and doAsPrivileged() methods perform privileged work as a particular Subject.

  3. The doAs() method retrieves the current Thread#39;s AccessControlContext via AccessController.getContext.

  4. The doAsPrivileged() method, instead of retrieving the current Thread#39;s AccessControlContext, uses the provided AccessControlContext.

Answer: A,C,D

Question No: 163 – (Topic 2)

Mark works as a Programmer for InfoTech Inc. He develops the following deployment descriptor code.

lt;web-appgt;

lt;error-pagegt;

lt;exception-typegt;java.lang.Throwablelt;/exception-typegt;

lt;locationgt; Error.jsp lt;/locationgt;

lt;/error-pagegt;

lt;error-pagegt;

lt;exception-typegt; javax.security.auth.RefreshFailedExceptionlt;/exception-typegt;

lt;locationgt; RefreshFailed.jsp lt;/locationgt;

lt;/error-pagegt;

lt;/web-appgt;

Which of the following statements is true about the deployment descriptor code given above?

  1. It is not possible to declare two error-page code in the web-app element.

  2. The error-page element does not belong to the web-app element.

  3. Any exception other than RefreshFailedException will display the Error.jsp page.

  4. All exceptions will display the Error.jsp page.

Answer: C

Question No: 164 – (Topic 2)

Which of the following statements about data integrity of a container are true? Each correct answer represents a complete solution. Choose two.

  1. It ensures that an eavesdropper cannot read an HTTP message being sent from a client to a container.

  2. Data integrity ensures that information has not been modified by a third party while it is in transit.

  3. It ensures that a hacker cannot alter the contents of an HTTP message while it is in transit from a container to a client.

  4. Data integrity ensures that information is made available to users who are authorized to access it.

Answer: B,C

Question No: 165 – (Topic 2)

Mark works as a Programmer for InfoTech Inc. He develops a RefreshFailed.jsp page for a servlet. He wants that the RefreshFailed.jsp page will be displayed when the

javax.security.auth.RefreshFailedException is thrown. Which of the following error-page deployment descriptor element declarations will be used?

  1. lt;error-pagegt;

    lt;exception-codegt; javax.security.auth.RefreshFailedException lt;/exception-codegt;

    lt;locationgt;RefreshFailed.jsplt;/locationgt;

    lt;/error-pagegt;

  2. lt;error-pagegt;

    lt;exception-typegt; javax.security.auth.RefreshFailedException lt;/exception-typegt;

    lt;locationgt;RefreshFailed.jsplt;/locationgt;

    lt;error-codegt;408lt;/error-codegt;

    lt;/error-pagegt;

  3. lt;error-pagegt;

    lt;exception-typegt; javax.security.auth.RefreshFailedException lt;/exception-typegt;

    lt;locationgt;RefreshFailed.jsplt;/locationgt;

    lt;/error-pagegt;

  4. lt;error-pagegt;

lt;exception-typegt; javax.security.auth.RefreshFailedException lt;/exception-typegt;

lt;targetgt;RefreshFailed.jsplt;/targetgt;

lt;/error-pagegt;

Answer: C

Question No: 166 – (Topic 2)

Which of the following statements about the isUserInRole() method are true? Each correct answer represents a complete solution. Choose all that apply.

  1. It accepts a boolean argument.

  2. It is mapped in the deployment descriptor using the lt;security-role-refgt; element.

  3. It belongs to the HttpServletResponse interface.

  4. The lt;role-linkgt; sub-element of the lt;security-role-refgt; element must match the lt;role- namegt; sub-element of the lt;security-rolegt; element.

Answer: B,D

Question No: 167 – (Topic 2)

You work as a Web Deployer for UcTech Inc. You write the lt;security constraintgt; element for an application in which you write the lt;auth-constraintgt; sub-element as follows.

lt;auth-constraintgt;

lt;role-namegt;*lt;/role-namegt;

lt;/auth-constraintgt;

Who will have access to the application?

  1. No user

  2. It depends on the application.

  3. Only the administrator

  4. All users

Answer: D

Question No: 168 – (Topic 2)

You work as a Software Developer for UcNet Inc. You write the following code using Java. class StringTest

{

public static void main(String args[])

{

String s = quot;Hiquot;; s.concat(quot;Therequot;); System.out.println(s);

}

}

What will happen when you try to compile and execute the code?

  1. It will not compile.

  2. It will compile and execute successfully and will display Hi as the output.

  3. It will compile but will throw an exception at runtime.

  4. It will compile and execute successfully and will display HiThere as the output.

Answer: B

Question No: 169 – (Topic 2)

Which of the following statements about ServletContext attributes is true?

  1. They are not thread-safe but can be made thread-safe by synchronizing the service() method.

  2. They are not thread-safe but can be made thread-safe by applying a lock on the context.

  3. They are thread-safe.

  4. They are not thread-safe but can be made thread-safe by applying a lock on the servlet.

Answer: B

Question No: 170 – (Topic 2)

You work as a Software Developer for UcTech Inc. You want the deployment descriptor to contain entries for the authentication type and the security realm. In order to accomplish this, you have to use the sub-elements of the lt;login-configgt; element. Which of the following will you use?

Each correct answer represents a complete solution. Choose all that apply.

  1. lt;auth-namegt;

  2. lt;realm-typegt;

  3. lt;auth-typegt;

  4. lt;form-login-configgt;

  5. lt;realm-namegt;

  6. lt;login-form-typegt;

  7. lt;auth-methodgt;

Answer: D,E,G

100% Free Download!
Download Free Demo:GSSP-Java Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GSSP-Java Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE