1Z0-807 - Java Enterprise Edition 6 Enterprise Architect Certified Master Exam (Step 1 of 3) Exam
Go back to Oracle
Your company requires all its developers to use a well-specified set of exception classes to model several common error conditions, many of the which are specific to its business. These exception classes are centrally maintained and come packaged in a library (a JAR file). The application you are developing needs to report a number of error conditions covered by this library to remote clients. Which paring of component type and remote access technology enables client applications to use the predefined exceptions as part of their natural programming model?
Stateless session bean accessed using Remote Method Invocation (RMI)
Your CMC wants to move several web based search applications to an AJAX model, hoping to improve user engagement with a browser experience that feels smaller and more responsive. Which identifies a drawback to consider when adopting an AJAX model to improve user experience?
Maintaining security within the page could be more difficult.
A company manufactures widgets for sale to distribution. Distributors call this company when they want to order more widgets. The company wants the distributors to send orders using XML documents over the Internet to reduce the number of data entry personnel needed. It has no control over the distributors technologies. The company does not want the Orders to impact the performance of other users. You have been assigned the task of designing a new API. Which method do you use?
Design the API as an asynchronous web service.
You are the architect of a JEE-based product that customers can configure to meet their own security requirements. You want to enforce basic without sacrificing customers ability to customize the product. Which is the best method to support both requirements?
Build a custom security service to handle authorization
A company has been soiling a desktop based billing application that has Character User Interface (CUI) application developed by using Java. The company would like to release the next version of this application with the following features: a GUI with a pluggable look- and-feel capability and the flexibility to support multiple database vendors. Which two technologies would you use in the new version?
MedLabML is a startup firm that moves patient data between different care providers to provide a "single patient view". They use a B2B system to exchange electronic business document with their key suppliers. They are seeking your advice about standards to review for improving their message-level security. Which standard or API would you recommend they read?
Web Service Interoperability Technology
ABC Travel offers a night reservation service, exposed as a web service. XYZ Stays offers a hotel reservation service, also exposed as a web service. ABC and XYZ will not change their web service. A startup company has contacted you for advice about designing a new service that combines flight and hotel reservations, which they will offer as a web service. The startup company plans to provide their service by implementing a portable Java EE solution that aggregates the two services offered by ABC Travel and XYZ Stays, a combined reservation succeeded. Only if both the flight reservation and the hotel reservation succeed Which is the most effective way to meet the business requirement?
The startup company should implement their new service as a web service by calling the two existing services, and implementing their own compensating transaction.
You are implementing an online music that will store and play a user's collection of songs. You want users to rate their songs and view the top songs from friends. All queries must complete in four seconds or less. Which approach would meet the response time requirement with minimal overhead?
Java class that uses an optimized stored procedure
Which two measures are most effective in protecting websites from cross site scripting (XSS) attacks?
Ensure that the session cookie is sent only on UTTPS connections.
Execute all user-supplied scripts in a server-side sandbox.
Which statement is true about the use of security-related annotations in an enterprise bean?
They can be used to specify permissions on a class or its business methods.
Blue Berry Corporation, one of the biggest fruit traders in Canada, has the biggest competitor, Red Cherry Corporation. Blue Berry uses a web application that is developed by using java technologies, whereas Red Cherry's web application uses non-Java technologies. Blue Berry plans to share business sensitive, transactional data between the two systems by integrating them in a loosely coupled manner. Which technology should be used to this?
Which two security threats are negated by encrypting network transactions with Transport Layer Security (TLS)?
Man in the middle
Which two statements describe the contact between an Enterprise JavaBeans (EJB) container and the EJBs that it hosts?
The container provides a transparent scaling mechanism to handle spikes in demand.
The container has a well defined lifecycle model for each EJB type.
Your consulting company has been asked to enhance an existing application. The current application is a two-tier system in which all the business logic is located in thick clients. You are considering a solution that would involve moving the business logic into the server's database In the form of stored procedures. Which statement is an expected outcome of your proposed solution?
It will improve the manageability of the system.
Which two features are supported by the Java Authentication and Authorization Service (JAAS) API?
Single sign on
Configurable access control policies
Which three actions represent best practices when implementing an exception handling strategy for an application?
Create a custom checked exception if an alternative action can be taken to resolve the exception.
Create a custom unchecked exception if the action to resolve the exception cannot be defined.
Always include information specific to the error when logging an exception.
YourDocs is an application that retrieves PDF documents of selected topics from both trusted and untrusted websites. It has been developed using a non-Java technology. You are designing your Mlearn, a mobile-based e-learning application, which will be implemented in Java. You plan to integrate YourDocs with your application. Which web service technology would you choose to Integrate YourDocs into the YourMLearn application?
You are the architect of an existing project. Making changes to one component frequently requires making changes to many other components. Which action would reduce future maintenance costs?
Add an abstraction layer between the servlets and the EJB components.
Which two statements are true about java Cryptography Architecture (JCA)?
Implementations of cryptographic algorithms can be plugged in to a JVM after it has been installed and at run time.
Categories of algorithms supported by JCA include message digests, signatures encryption, management, and random number generation.
You are the architect of an application that reads from and writes to multiple systems. The application must participate in an existing transaction to update a database using JDBC, and also invoke a transactional method on a remote system as part of the same transaction. Which two technologies would you suggest, to access remote system, for this application?
Java Connector Architecture (JCA)
Remote Method Invocation (RMI)
StockTeller is a Java-based application designed to retrieve the current market for a portfolio of publicly listed stocks. You have been tasked to design a bolt on module for StockTeller called EBroker, a Java E-based online application that needs to asynchronously communicate with StockTeller to retrieve market prices for securities in a secure manner. Which web service technology would you choose to integrate StockTeller into the EBroker application?
JAX-WS using HTTPS
A manufacturing company has a large investment in a legacy Inventory Management System (IMS) developed with third-party technologies. You have been asked to design a Java EE application that interacts with it. You would like to ensure the following: Which two technologies combined would meet these requirements?
You are the architect for a patient management system with an HTMLUI. Currently, it is used by ward nurses who access the system using dockable tablet computers. The application uses the HttpSession object to store information. In phase two of the implementation, nurses will also have access through smart phones. These phones will use a native client rather than HTML, and will access the same business logic using a Web service. Which two are optimal methods to manage conversational state in the new version of the system?
The HTML UI and native clients both use stateful session beans.
The HTML UI uses an HttpSession object, native clients create a session management object.
A travel company re-architects its application from a two-tier to a three-tier architecture. To see what impact the new architecture has on its non-functional requirements (NFR), the company intends to build a prototype based on the new architecture. The company compares the NFR metrics associated with the new prototype against the metrics from their original two-tier solution. Which option is an advantage of the original two-tier solution?
It has better availability because it has fewer single points of failure.
You are integrating with a single legacy Enterprise Information System. You are interested in the transaction management capabilities of Java Connector Architecture. This new system needs the capability to invoke multiple operations against this single legacy system. these operations succeeded together or fail together as a group. To which minimum level of transaction management do you set your resource adapter?
You are the architect at ACME, a large a large global retailer of festival and holiday accessories. ACME wants to launch a new shopping portal for the holiday shopping session, allowing two months from project inception to going live. The portal must contain in-house and third-party stock to attack customers. Fast response times are also critical so users remain engaged and sticky to the portal. What would you recommend to the ACME project team to deliver this project?
Access all third party content using JSONP to dynamically load it from the browser.
A company must honor a service-level agreement (SLA) for its application, which states all database requests must execute within three seconds. Users complain that some requests take longer than five seconds to complete. You have been contracted to fix the problem. Which course of action do you recommend?
Define a plan for isolating the bottleneck, and define indicators that will measure performance under a test load.
Oasis Corporation has decided to develop a single Instance multi-tiered application with its existing EIS resources. You are the technical lead for the Integration team responsible for providing the following: Which two technologies would you use to meet these requirements?
You are consulting with a team that has maintained several legacy database for years. They have reviewed the JPA spec and are wondering if the technology would offer benefits over this current SQL base. Which statement identifies a risk of adopting JPA?
JPA only works with well-known data models.
Which statements are true about Java integration technologies?
JMS helps to broadcast messages to multiple Java-based receivers.
While analyzing an existing web application, you observe the following issues in the source code: - Duplicate control code is scattered throughout various view. - Business and presentation logic are mixed within these view. The next phase of the project involves refactoring the existing code to address these two issues. Which design pattern, if employed in the refactoring exercise, would most directly address the two issues?
Service to Worker
You are contracted to improve the performance of an application. While analyzing the application, you observe the following issues: - Tight coupling between client and business objects - Too many remote method Invocations between client and server Which design pattern is best suited to improving performance?
Which three statements are true about inheritance?
Inheritance helps to reuse existing code implementations.
It should be possible to substitute the derived class for its base class.
Inheritance allows you to modify the behavior of objects.
The web pages cannot be previewed accurately with a generic WYSIWYG HIML editor.
The integration team has reported a problem in testing a few deployed MDBs. By design, each MDB listens to one of four named queues. Two producers write messages to each queue. The test issues messages of the same payload type that each producer will send, but varies the number or size of these messages to measure the messaging server's performance. The team has noticed that the utilization remains at the same high rate any time the test writes messages destined for the third MDB. The message server log does not reveal any failure in sending messages to this MDB. Which anticipation expresses cause for this condition?
Your company is creating a Java EE corporate wide workflow system in winch significant internal business events are consumed by multiple applications. Due to multi-year development plans, many of these applications do not exist yet, even at the design stage. IT has defined standard data formats for these events in the form of small XML documents. Also, the rules for how an application filters and processes events are not fixed In advance and can change over the life or the application. Which combination of technologies is best for distributing and consuming these events throughout the company?
Java Message Service (JMS) topics and message-driven beans
A business application that runs in an Enterprise JavaBeans (EJB) container must communicate with a transactional third-party service. The communication technology must allow changing service providers without changing the application's business model. Which technology would meet these requirements?
Java Message Service
Which two statements are true about security strategies at the message level?
Messages are secured during transport and after arrival at their destination
Message attachments are secured without the need for a dedicated API.
A successful web application is used by over two hundred thousand users. Due to this substantial load, the database is over bridged and fails frequently. All data, included critical user records and temporary session data, is stored in the database. Because of resource constraints, a new database system cannot be installed. Which change will reduce the load on the database?
Refactoring the web application to store temporary session data on the web servers
Which two types of applications benefit from using JavaServer Faces (JSF)?
An application in which type conversion of the values of UI components is implemented only in Java classes.
An application that sets specific database validation listeners on a UI component
Which two functions are essential parts of a service oriented architecture (SOA) infrastructure?
The service provider, which executes business logic in a stateless fashion
The service repository, which stores software component metadata
You are designing a bank application in which automated email reminders are sent to customers every 24 hours, starting from five days prior to a payment due date until the payment is made? Which type of beans most closely match the implementation needs for this requirement?
Which two kinds of applications benefit from the adoption of service oriented architecture (SOA) inspired patterns and practices?
An application that retains legacy systems while evolving to accommodate future business demands
An application in which the communication between services and the business process are platform independent.
You are asked to propose a software deployment strategy that will reduce a client will also make deploying and testing their software stack more efficient. Which element would you include in your proposal?
Oasis Corporation has decided to develop a single Instance multi-tiered application with its existing EIS resources. You are the technical lead for the Integration team responsible for providing the following: - A common Interface that can easily access the heterogeneous EIS resources - Generic transaction mechanism support for EIS resource managers - A connection pool to legacy EIS resources Which two technologies would you use to meet these requirements?
Which two statements are true about delegation as an Object-Oriented Design technique?
It allows you to replace Inheritance with composition.
It always requires that at least two objects are involved in handling a request.
Your company provides a marketplace for industrial chemicals. You are required to offer accurate pricing and quantities to all marketplace users. Marketplace users are globally distributed. What is the most appropriate technology to use to satisfy this requirement?
Web services using REST
You are the architect of a web application that uses javaServer Faces (JSF) as a presentation tier for business processes coded as stateless session beans. When you add new code to the stateless session beans to address new accounting requirements, without changing the interface, you discover that the new business processes are being ignored by some of the JSF components. What might be the cause of this problem?
The business processes are not rigorously encapsulated in the session beans.
A manufacturing company has a large investment in a legacy Inventory Management System (IMS) developed with third-party technologies. You have been asked to design a Java EE application that interacts with it. You would like to ensure the following: - Minimal application code is required to parse the communication messages. - Communication is asynchronous and stateless. - Performance import of the existing system is minimal. Which two technologies combined would meet these requirements?
Which two actions limit the consequences of a network based attack?
Implementing the principle of least privilege
Allowing application servers privileged access to all databases