GIAC GSSP-Java GIAC Secure Software Programmer – Java Exam Practice Test

Page: 1 / 28
Total 275 questions

GIAC Secure Software Programmer – Java Questions and Answers

Question 1

Which of the following statements about a JAR file are true?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

It cannot be accessed through a class path, nor can it be used by java and javac.

B.

It is used to compress and archive data.

C.

It can be moved from one computer to another.

D.

It is created by using the jar command.

Question 2

Identify whether the given statement is true or false.

"When an exception occurs in a try block, each catch statement following the try block is inspected in sequential order, and the last one whose type matches that type of exception is executed."

Options:

A.

False

B.

True

Question 3

Which of the following fields must be present in the login page when using the form-based authentication?

Each correct answer represents a part of the solution. Choose two.

Options:

A.

get_pw

B.

user_pw

C.

j_login

D.

j_password

E.

j_pw

F.

j_username

Question 4

Which of the following will be returned by the expression "string" instanceof String?

Options:

A.

0

B.

1.0

C.

null

D.

false

E.

0.0

F.

true

Question 5

Which of the following is the valid permission for a BasicPermission?

Options:

A.

*

B.

a*b

C.

*.com

D.

*java

Question 6

Which of the following statements are true?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

StringBuffer is thread safe, but StringBuilder is not.

B.

The String class is final.

C.

StringBuilder offers faster performance than StringBuffer.

D.

The size of the String can be obtained using the length property.

Question 7

Which of the following exceptions will be thrown if the name parameter is null in the constructor of AuthPermission?

Options:

A.

IllegalArgumentException

B.

NullPointerException

C.

ClassNotFoundException

D.

IllegalStateException

Question 8

Consider the given lines of code.

package ucert;

class memberaccess

{

public int mem = 10;

}

Which of the following can directly access the variable mem?

Options:

A.

Any class

B.

Any class that extends the memberaccess class

C.

Only the memberaccess class

D.

Any class in the package ucert

Question 9

Identify whether the given statement is true or false.

"An object becomes eligible for garbage collection when it becomes unreachable by any code."

Options:

A.

False

B.

True

Question 10

Which of the following JAR file options creates and includes a manifest file?

Options:

A.

-M

B.

-v

C.

-0

D.

-m

Question 11

Which of the following statements are true?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

An inner class cannot be defined as private.

B.

An inner class cannot be defined as protected.

C.

An inner class can be defined as private.

D.

An inner class can extend another class.

Question 12

The following JSP scriptlet is given.

<% response.setContentType("text/html; charset=ISO-8859-1"); %>

Which of the following directives is the equivalent directive for the scriptlet given above?

Options:

A.

<%@ include contentType="text/html; pageEncoding=ISO-8859-1" %>

B.

<%@ include contentType="text/html; charset=ISO-8859-1" %>

C.

<%@ page contentType="text/html; charset=ISO-8859-1" %>

D.

<%@ taglib contentType="text/html; pageEncoding=ISO-8859-1" %>

Question 13

You work as a Software Developer for UcTech Inc. You create a session using the HttpSession interface. You want the attributes to be informed when the session is moved from one JVM to another and also when an attribute is added or removed from the session. Which of the following interfaces can you use to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

HttpSessionBindingListener

B.

HttpSessionListener

C.

HttpSessionActivationListener

D.

HttpSessionAttributeListener

Question 14

Which of the following CLDC connector modes is used only for data input over a connection?

Options:

A.

READ_WRITE

B.

READ

C.

WRITE

Question 15

Which of the following mechanisms is closely related to authorization?

Options:

A.

Sending data so that no one can alter it on the way.

B.

Allowing access to a particular resource.

C.

Verifying username and password.

D.

Sending secret data such as credit card information.

Question 16

Which of the following statements are true?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

StringBuffer is thread safe, but StringBuilder is not.

B.

The String class is final.

C.

StringBuilder offers faster performance than StringBuffer.

D.

The size of the String can be obtained using the length property.

Question 17

Mark works as a Programmer for InfoTech Inc. He develops a class named Data that imports all the required packages. The class Data uses a method named PrintData(), which uses a method that checks whether the caller has a BeanUser security role. Which of the following code fragments for the method PrintData() will satisfy the requirement?

Options:

A.

public void PrintData()

{

@DeclareRoles("BeanUser")

@Resource SessionContext ctx;

@RolesAllowed("BeanUser")

Principal caller = ctx.getCallerPrincipal();

if (ctx.getCallerIdentity("BeanUser")) {

System.out.println("It is the correct user");}

else{System.out.println("It is the incorrect user");}//more code}

B.

public void PrintData()

{@DeclareRoles("BeanUser")

@Resource SessionContext ctx;

@RolesAllowed("BeanUser")

Principal caller = ctx.getEJBHome();

if (!isCallerInRole(ctx)) {System.out.println("It is the correct user");}

else{System.out.println("It is the incorrect user");}//more code}

C.

public void PrintData()

{@DeclareRoles("BeanUser")

@Resource SessionContext ctx;

@RolesAllowed("BeanUser")

Principal caller = ctx.getCallerPrincipal();

if (ctx.isCallerInRole("BeanUser")) {

System.out.println("It is the correct user");}

else{System.out.println("It is the incorrect user");}//more code}

D.

public void PrintData()

{@DeclareRoles("BeanUser")

@Resource SessionContext ctx;

@RolesAllowed("BeanUser")

Principal caller = ctx.getCallerPrincipal();

if (ctx.getStatus("BeanUser")) {System.out.println("It is the correct user");}

else{System.out.println("It is the incorrect user");}//more code}

Question 18

Which of the following classes is an engine class that provides an opaque representation of cryptographic parameters?

Options:

A.

DSAPublicKeySpec

B.

AlgorithmParameterGenerator

C.

DSAParameterSpec

D.

AlgorithmParameters

Question 19

You work as a Software Developer for NewTech Inc. You write a bean class using Enterprise JavaBeans 3.0. The class uses the @DeclareRoles ("ADMIN, HR, DBA, USER") annotation to declare the security roles. The class contains a method named showResult(). You want to ensure that the ADMIN role is granted privilege to the showResult() method. Moreover, if a role that is not allowed to access the method tries to call the method, an error message must be shown. Assuming that there is no security-related element in the deployment descriptor, which of the following will you use to accomplish the task?

Each correct answer represents a part of the solution. Choose two.

Options:

A.

The isCallerInRole() method

B.

The getCallerPrincipal() method

C.

The @RolesAllowed("ADMIN") annotation

D.

The @PermitAll annotation

Question 20

Given a code of a class named PrintString that prints a string.

public class PrintString{

public static void main(String args[]){

/*insert code here */

/* insert code here */

System.out.println(str);

}

}

Which of the following code fragments can be inserted in the class PrintString to print the output "4247"?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

StringBuilder str= new StringBuilder("123456789");

str.delete(0,3).replace(1,3,"24").delete(4,6);

B.

StringBuffer str= new StringBuffer("123456789");

str.delete(0,3).replace(1,3,"24").delete(4,6);

C.

StringBuffer str=new StringBuffer("123456789");

str.substring(3,6).delete(1,2).insert(1,"24");

D.

StringBuilder str= new StringBuilder("123456789");

str.deleteCharAt(6).replace(1,3,"24").delete(0,3);

E.

String str="123456789";

str=(str-"123").replace(1,3,"24")-"89";

Question 21

Which of the following are advantages of client-side JavaScript?

Each correct answer represents a complete solution. Choose two.

Options:

A.

It is fast.

B.

It provides graphical components.

C.

It is secure.

D.

It provides form-validation at client side.

Question 22

Which of the following methods is used to authenticate the users, and if the user has not been authenticated, the method returns false?

Options:

A.

getCallerPrincipal()

B.

getRemoteUser()

C.

isUserInRole()

D.

getCallerIdentity()

Question 23

You work as a Programmer for InfoTech Inc and develop the following two declarations.

Manager

/acme/Manager/*

GET

POST

Manager

/acme/Manager/*

GET

POST

Manager

Which of the following statements is true about the in the code given above?

Options:

A.

Nobody is allowed to access the specified resources.

B.

Only Manager is allowed to access the specified resources.

C.

The first element declaration is incorrect.

D.

It is not possible to define the multiple security constraint on a single resource.

Question 24

Which of the following is used to restore the objects that have been previously serialized by a stream?

Options:

A.

FileInputStream

B.

ObjectOutputStream

C.

ObjectInputStream

D.

FileOutputStream

Question 25

Which of the following statements about programmatic security are true?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

The bean provider is responsible for writing code for programmatic security.

B.

It is also called instance-level security.

C.

It is implemented using methods of the EJBContext interface.

D.

It is implemented using the methods of the UserTransaction interface.

Question 26

Which of the following is the appropriate deployment descriptor element entry for the code given below?

@RunAs("admin")

@Stateless public class StudentBean implements Student {

//more code ...

}

Options:

A.

...

.

Student

...

admin

...

..

B.

...

.

Student

...

admin

...

..

C.

...

.

Student

...

< security-role-ref>admin

...

..

D.

...

.

Student

...

admin

...

..

Question 27

Dennis works as a Programmer in Broadnet Inc. He writes the following program.

public class Ques0307{

public static void main(String[] argv){

int arr[] = {1, 2, 3, 4};

try{

int k = 0;

for(; k < 4; k++)

arr[k] = arr[k] + 1;

System.out.println("try");

}

catch(ArrayIndexOutOfBoundsException a){

System.out.println("index " +k +" not found");

}

catch(Exception e){

System.out.println("catch1");

}

finally{

System.out.println("finally");

}

}

}

What will happen when Dennis attempts to compile and execute the program?

Options:

A.

A compile-time error will occur.

B.

The program will display index 0 not found catch1 finally

C.

The program will display index 4 not found finally

D.

The program will display try finally

Question 28

Given below are top-level class declarations. Which of these class declarations would not produce a compile-time error?

abstract class P {} //1

private class Q {} //2

static class R {} //3

transient class S {} //4

Options:

A.

Line 3

B.

Line 1

C.

Line 2

D.

Line 4

Question 29

Which of the following init() method calls initializes a cipher object with a key in the SECRET_MODE?

Options:

A.

cipher.init(2, key);

B.

cipher.init(1, key);

C.

cipher.init(3, key);

D.

cipher.init(4, key);

Question 30

Which of the following permission classes is an abstract class ancestor of all permissions and defines the essential functionalities required for all permissions?

Options:

A.

java.security.Permissions

B.

java.security.PermissionCollection

C.

java.security.UnresolvedPermission

D.

java.security.Permission

Question 31

Mark works as a Programmer for InfoTech Inc. He creates a method named roomBooking() and this method throws IndexOutOfBoundsException. Which of the following roles will automatically handle the exception?

Options:

A.

Bean Provider

B.

Application Assembler

C.

Bean Deployer

D.

Container

Question 32

Which of the following statements about exceptions in message-driven beans are true?

Each correct answer represents a complete solution. Choose two.

Options:

A.

Message-driven beans must not throw any application exception.

B.

The message-listener interface of a message-driven bean cannot generate system exceptions.

C.

The message-listener interface of a message-driven bean can throw the java.rmi.RemoteException.

D.

The isCallerInRole() method called on a message-driven bean will throw an exception.

E.

Message-driven beans must not throw any checked exception.

Question 33

You work as a Software Developer for Developer Inc. You write the following code.

interface A { public boolean b = false; }

class C implements A {

public static void main(String args[]) {

b = true;

System.out.println(b);

}

}

Which of the following will be the result, when you try to compile and execute the above code?

Options:

A.

The code will compile and print false.

B.

The code will compile, but it will not execute.

C.

The code will compile and print true.

D.

The code will not compile.

Question 34

Mark works as a Programmer for InfoTech Inc. He develops an application named AccountServlet. He wants to ensure that nobody can access his application, i.e., he does not want any role to have access to his application. He defines the following security constraint for his application.

AccountServlet

/acme/Account

GET

PUT

//code

Which of the following options will be used to secure his application?

Options:

A.

B.

Skip the element in the security constraint code.

C.

*

D.

NONE

Question 35

Mark works as a Programmer for InfoTech Inc. He develops the following code for a Web application named JavaSecurity Application.

A JavaSecurity Application

...

Manager

Admin

Programmer

Admin

Employee

Which of the following will be the action of the container if the request is HttpServletRequest, and request.isUserInRole("Admin"); has been called in a servlet code?

Options:

A.

The container will throw a system exception.

B.

The container will return true.

C.

The container will throw an application exception.

D.

The container will return false.

Question 36

Mark works as a Programmer for InfoTech Inc. He develops a code snippet for a class named servletClassA that extends the HttpServlet class. Which of the following HttpServlet class methods are not required to be overridden by the servletClassA?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

doDelete()

B.

doPost()

C.

doGet()

D.

doOptions()

E.

service()

Question 37

Mark works as a Programmer for InfoNet Inc. He writes the following programs.

package book;

public class read

{

(access modifier) int r1=10;

}

package book1;

import book.read;

class Doread extends read

{

public void test()

{

System.out.println("The value of r1 is." +r1);

}

}

Which of the following access modifiers will be put in the place of the word, (access modifier), to compile the program successfully?

Options:

A.

default

B.

public

C.

protected

D.

private

E.

volatile

Question 38

Which of the following conditions must be satisfied before the HTTP client authentication mechanism is used?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

The client must have a valid public key certificate.

B.

The SSL support must be configured for the server.

C.

It must create the error and login form pages.

D.

The Base64 encoding must be used for sending user names and passwords over the Internet.

Question 39

Which of the following statements about ServletContext attributes is true?

Options:

A.

They are not thread-safe but can be made thread-safe by synchronizing the service() method.

B.

They are not thread-safe but can be made thread-safe by applying a lock on the context.

C.

They are thread-safe.

D.

They are not thread-safe but can be made thread-safe by applying a lock on the servlet.

Question 40

Rachel works as a Software Developer for Vivanet Inc. She writes the following code using Java.

class catchexcp

{

public static void metha()

{

int x = 4/0;

System.out.print("Caught exception");

}

public static void main(String args[])

{

try { metha(); }

catch (ArithmeticException ae) { System.out.print("Caught ArithmeticException"); }

finally

{

try { metha(); }

catch (ArithmeticException ae) { System.out.print("ReCaught ArithmeticException"); }

}

}

}

What will happen when she tries to compile and execute the code?

Options:

A.

It will compile and execute and will display ReCaught ArithmeticException.

B.

It will not compile.

C.

It will compile but will throw an exception at runtime.

D.

It will compile and execute and will display Caught exception Caught ArithmeticException ReCaught ArithmeticException.

E.

It will compile and execute and will display Caught exception ReCaught ArithmeticException.

F.

It will compile and execute and will display Caught ArithmeticException ReCaught ArithmeticException.

Question 41

You have the following code of a PreparedStatement.

PreparedStatement stm = con.prepareStatement("UPDATE EMPLOYEES SET SALARY = ? WHERE ID = ?");

Which of the following statements are true about a PreparedStatement?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

The executeUpdate() method executes the SQL query in the PreparedStatement object and returns the ResultSet object generated by the query.

B.

A PreparedStatement reduces execution time if it is required to execute the SQL statement multiple times.

C.

When the executeQuery() method is used to execute a DDL statement, such as in creating a table, it returns the int 0.

D.

It is illegal for an instance of a PreparedStatement to contain a SQL statement that has already been compiled.
