MedLabML is a startup firm that moves patient data between different care providers to provide a "single patient view". They use a B2B system to exchange electronic business document with their key suppliers. They are seeking your advice about standards to review for improving their message-level security.

Which standard or API would you recommend they read?

A. SAML 1.1

B. Web Service Interoperability Technology

C. XML Signature

D. SSL

Which three web applications work best when they are designed to be server-push enabled?

A. A news feed used for providing users with frequently updated news content

B. A web chat that allows users to communicate using easily accessible web interfaces

C. A live sporting event application, used to deliver current results during matches

D. An auction system that provides users with live online bidding

E. A graphics rendering application that generates visuals in an orderly fashion

A company must honor a service-level agreement (SLA) for its application, which states all database requests must execute within three seconds.

100% Real QandAs | 100% Real Pass

Users complain that some requests take longer than five seconds to complete. You have been contracted to fix the problem.

Which course of action do you recommend?

A. Modify the program to implement multi threading and an event-driven design.

B. Add servers to distribute the load.

C. Upgrade the application server and the operating system.

D. Define a plan for isolating the bottleneck, and define indicators that will measure performance under a test load.

Which three actions restrict the ability of a web application to scale in response to load as additional computing resources are made available to it?

A. Implementing the Singleton pattern in the web tier

B. Implementing core business logic in the web tier 100% Real QandAs | 100% Real Pass

C. Implementing core business logic using stateless session beans

D. Storing users' session state in a database

E. Maintaining users' session state by using stateful session beans

You are conducting a security audit for a web application that uses URL rewriting. The application does not allow for user-generated content and is accessible only via secured VPN.

Which two security threats would you prioritize in your audit?

A. SQL injection

B. Cross-site scripting

C. Parameter-site manipulating

D. Session hijacking

E. Denial-of-service attacks

Your application produces messages by client applications. The number of clients interested in the messages varies continuously at run time. Any client can process any message, but a message must be processed exactly once.

How should the messages be delivered to the clients?

A. Using a Java Message Service (JMS) topic

B. Using a Java Message Service (JMS) queue

C. Using XML over HTTP

D. Using a Simple Object Access Protocol (SOAP) web service

Oasis Corporation has decided to develop a single Instance multi-tiered application with its existing EIS resources. You are the technical lead for the Integration team responsible for providing the following: A common Interface that can easily access the heterogeneous EIS resources

Generic transaction mechanism support for EIS resource managers

A connection pool to legacy EIS resources

Which two technologies would you use to meet these requirements?

A. JMS

B. JDBC

C. JCA

D. JAX-WS

E. JAX-RS

Which three actions represent best practices when implementing an exception handling strategy for an application?

A. Create a custom checked exception if an alternative action can be taken to resolve the exception.

B. Create a custom unchecked exception if the action to resolve the exception cannot be defined.

C. Always log the specific exception before re-throwing a wrapped exception.

D. Always throw exceptions in methods that are designed for exception handling.

E. Always include information specific to the error when logging an exception.

While analyzing an application, you observe that it contains numerous Interfaces for complex domain logic. Completing a business Function currently requires calling several of these interfaces in an order that is understood by system experts.

Which design pattern would you suggest to refactor the code?

A. MVC

B. DAO

C. Adapter

D. Decorator

Your company is creating a Java EE corporate wide workflow system in winch significant internal business events are consumed by multiple applications. Due to multi-year development plans, many of these applications do not exist yet, even at the design stage. IT has defined standard data formats for these events in the form of small XML documents. Also, the rules for how an application filters and processes events are not fixed In advance and can change over the life or the application.

Which combination of technologies is best for distributing and consuming these events throughout the company?

A. Relational database and JDBC

B. HTTP client library and servlets

C. Remote Method Invocation (RMI) and stateless session beans

D. Java Message Service (JMS) topics and message-driven beans

E. JMS queues and message-driven beans