Free Oracle 1Z0-899 Exam Dumps Questions & Answers

A web application wants to expose to its clients an operation that results in a transaction being performed across several systems, for example the transfer of money from one bank account to another Which HTTP method should it use?

• A.  HEAD
• B.  OPT IONS
• C.  GET
• D.  POST

Given the java code snippet in contextInitialized method of a ServletContextListner:
ServletRegistration.Dynamic sr = (ServletRegistration.Dynamic)sc.addServlet ("myServlet", myServletClass); sr.addMapping("/abc"); sr.setServletSecurityElement(servletSecurityElement); sr.addMapping("/def"); Which statement is true?

• A.  Both "/abc" and "/def" are mapped to "myservlet". The servletSecurityElementy applies to "/abc", but the behavior for "/def" is not specified.
• B.  "/abc" is mapped to "myservlet". The servletSecurityElementy applies to both "/abc" and "/def".
• C.  Both "/abc" and "/def" are mapped to "myservlet". The servletSecurityElementy applies to "/def".
• D.  Both "/abc" and "/def" are mapped to "myservlet". The servletSecurityElementy applies to "/abc".
• E.  Both "/abc" and "/def" are mapped to "myservlet". The servletSecurityElementy applies to both "/abc" and "/def".

Given that a web application consists of two HttpServlet classes, ServletA and ServletB, and the ServerletA.service method:
20. String key = "com.example.data";
21. session.setAttribute(key, "Hello");
22. object value = session.getAttribute(key);
23.
Assume session is an HttpSession, and is not referenced anywhere else in ServletA.
Which two changes, taken together, ensure that value is equal to "Hello" on line 23? (Choose two)

• A.  enclose lines 21-22 in synchronized block:synchronized(this) (session.setAttribute(key, "Hello");value = session.getAttribute(key);)
• B.  enclose lines 21-22 in synchronized block:synchronized(session) (session.setAttribute(key,
  "Hello");value = session.getAttribute(key);)
• C.  ensure that ServletB synchronizes on the session object when setting session attributes
• D.  ensure that the ServletB.service method is synchronized
• E.  ensure that the ServletA.service method is synchronized

Which of following annotations can be used in a servlet class?
(i) @javax.annotation.Resource
(ii) @javax.annotation.PreDestroy
(iii) @javax.annotation.security.RunAs
(iv) @javax.annotation.security.RolesAllowed
(v) @javax.servlet.annotation.WebServlet

• A.  (i), (ii), (iv) and (v)
• B.  (v) only
• C.  (i), (ii), (iii), (iv) and (v)
• D.  (i) and (v)
• E.  (i), (ii), (iii) and (v)

A web application uses a cookies to track a client as it navigates through the pages that constitutes the application. Which code snippet can be used by the web application to reduce the chance of a cross-site scripting attack by setting some property of the cookie before returning it to the client?

• A.  cookie.setPath("/")
• B.  cookie.setSecure(true)
• C.  cookie.setHttpOnly(true)
• D.  cookie.setMaxAge(3600)