Amit Jnagals SCEA Resources
Google
 

 
My Resume
SCEA Mock Exam

Some Useful Concepts

These are some concepts picked from various resources on the web. 

How has the sandbox changed with Java 2? 

Java 2 provides the capability to specify a security policy that determines the accesses that an applet or application is allowed based on its source and the identities of those who have signed the code.

What are the advantages of thin clients? 

Thin clients separate the client tier from the business logic and data storage tiers. This enables applications to be distributed, scaled, upgraded, managed, and maintained more easily. 

What are the advantages of encapsulation in object-oriented software development. 

Encapsulation hides the private details of a class's implementation. This provides protection from accidental misuse. It also allows a class's design to be separated from its implementation. Changes to a class's implementation can be made with minimal impact on classes that depend on the class. 

In what cases are synchronous architectures more appropriate than asynchronous architectures?

Synchronous architectures are more appropriate than asynchronous architectures in applications where the sender and receiver must participate in a message exchange, and the sender must respond to the receiver in a limited time frame. An example of this is credit card authorization. The sender needs a response within a short time to complete a electronic commerce transaction and to notify a user that his purchase has been completed. 

What is the purpose of JNDI?

JNDI provides a platform-independent Java interface to naming and directory services, such as LDAP, NDS, and Active Directory.

What is the difference between public-key encryption (asymmetric) and private-key (symmetric) encryption?

Public-key encryption makes use of a pair of public and private keys. The public key is used to encrypt data and the private key is used to decrypt it. In private-key encryption the encryption and decryption keys are usually the same. Both keys must be kept secret to maintain the security of encrypted information.

What advantages do servlets have over CGI programs? 

Servlets are written in Java and are platform-independent. Servlets run under the JVM and may be secured using the Java sandbox. Servlets run as threads and may be preloaded to improve their performance. 

What is a virtual private network?

A virtual private network is a network between geographically-dispersed sites that takes place over an untrusted network. Encryption and authentication mechanisms are used to secure data that is transmitted over the untrusted network. 

What is the connection keep-alive feature of HTTP 1.1? 

HTTP 1.1's connection keep-alive feature allows the TCP connection between a browser and a Web server to remain open throughout multiple HTTP requests and responses. This significantly improves the overall performance of browser-server communication. 

What are extranet applications?

Extranet applications are applications that are designed for use by external organizations (such as buyers, vendors, suppliers, and financial institutions) and that take place securely over the Internet. 

What is a screen scraper? 

A screen scraper is a software application that translates an existing client interface into a set of objects that can be used to build new client software. 

What is the purpose of a transaction monitor? 

Transaction monitors are programs that monitor transactions to ensure that they are completed in a successful manner. They ensure that successful transactions are committed and that unsuccessful transactions are aborted. 

What is a message digest? 

A message digest is a value that is computed from a message, file or other byte stream that serves as a digital fingerprint for the byte stream. Message digests are computed using one-way functions. 

In which application lifecycle phases is an application architecture produced?

Application architectures may be produced during requirements analysis. However, an application's architecture is not formalized until design. An architecture may be updated based on problems or opportunities that are encountered in subsequent lifecycle phases. 

How does legacy object mapping work?

Legacy object mapping builds object wrappers around legacy system interfaces in order to access elements of legacy system business logic and database tiers directly. Legacy object mapping tools are used to create proxy objects that access legacy system functions and make them available in an object-oriented manner. 

What is the content of the Java 2 security policy file? 

The security policy file contains a series of grant entries that identify the permissions granted to an applet or application based on its source and signatures. 

What is the purpose of a firewall? 

Firewalls are used to mediate and control all information that is communicated between an external (untrusted) network and an internal (trusted) network. Firewalls make use of IP filtering and application proxies to implement firewall security policies. 

What is the keystore? 

The keystore is a database of identities and their aliases, public keys, and certificates. 

What are the advantages of asynchronous architectures? 

Asynchronous architectures decouple senders and receivers. This brings about performance advantages for both the sender and the receiver. The sender is able to even out his communication traffic over the course of a day. This is helpful in cases where sender and receiver communicate over low-bandwidth lengths. The receiver can even out its processing load by processing the sender's message as time permits. 

What is IPSec?

IPSec is a set of IP extensions that provide security services, such as encryption, authentication, and data integrity. IPSec is typically used with a VPN. 

What is Secure Sockets Layer (SSL)?

SSL is a protocol that sits between the transmission control protocol and application layer protocols. It provides authentication and encryption services to the application layer protocols. 

What is the purpose of a use case diagram? 

A use case diagram describes the users of a system and the functions and services that are provided to the users. 

What is the applet sandbox?

The applet sandbox is a mechanism by which all applets that are loaded over a network are prevented from accessing security-sensitive resources, such as the local file system and networking resources.

What are the phases of the object-oriented development lifecycle? 

The phases of the object-oriented development lifecycle are problem statement, object-oriented analysis, Java architecture design, object-oriented design, and object generation. 

How is database middleware used to access legacy databases? 

Database middleware enables legacy databases to be accessed from Java by translating between JDBC and the drivers that are supported by the legacy databases. 

What is the publish/subscribe model? 

The publish/subscribe model is an approach to distributed system communication in which publishers publish information to a subject address and subscribers subscribe to information at a subject address. The publish/subscribe model has the benefit of making publishers independent of location. This enables subscribers to subscribe to information without having to know the location of a publisher.

How is JNI used to access legacy system software? 

JNI is used to write custom code to interface Java objects with legacy software that does not support standard communication interfaces.

What does a deployment diagram specify? 

A deployment diagram identifies the physical elements (processing nodes) of a system, communication links between nodes, and the mapping of software components to these elements. 

What is a digital signature? 

A digital signature consists of text that is encrypted using the private key of a public key[md]private key pair. The public key is used to decrypt the signature to verify its authenticity. 

What is a digital certificate? 

A digital certificate is a message that is signed by a certification authority that certifies the value of a person or organization's public key. 

What is the difference between a stub and a skeleton? 

A stub is a proxy for a remote object that runs on the client computer. A skeleton is a proxy for a remote object that runs on the server. Stubs forward a client's remote method invocations (and their associated arguments) to skeletons, which forward them on to the appropriate server objects. Skeletons return the results of server method invocations to clients via stubs. 

What is a certification authority? 

A certification authority is an organization that is trusted to verify the public keys of other organizations and individuals. Certification authorities issue digital certificates that verify the public keys of these entities. 

What is the relationship between an EJB component, EJB container, and an application server?

An EJB component is an enterprise bean that runs in a container. The container provides a platform-independent execution environment for the bean. Containers are hosted on EJB-compliant application servers. The vendor-specific application servers provide a common set of services to the containers via the EJB framework. 

Amit Jnagal

Email your feedback 
Amit Jnagal