A posting from Bert bates(Co-author of scwcd 1.4 exam) details the security concepts tested in the exam.
- As stated in the objectives, four fundamental security concepts (the Big 4), are important for the exam:
- authentication - authorization - data integrity - confidentiality
Note: As these terms are in wide spread use, refer to chapter 12 of the Servlet 2.4 specification for the definitions that will be used in the exam.
- You should understand the Big 4 from a conceptual level and be able to recognize which concept is appropriate for a given situation.
- You should understand how the Big 4 relate to programmatic versus declarative security in the context of Servlets and JSPs. For instance, you should understand how the Big 4 CAN and CANNOT be represented in the deployment descriptor. You should also understand how the HttpServletRequest interface applies to security.
- Of the three security oriented objectives, the objective that focuses on the deployment descriptor is by far the most detail oriented.
- You should understand in detail the structure and use of the following elements of the deployment descriptor:
*** Pay special attention to the following elements, and the combining rules related to these elements:
- <url-pattern> - <http method>
- You should understand how the "transport guarantee" concept is applied to servlets.
- You should understand how to use programmatic and declarative security-related code fragments together.
Objective 5.3 is focused on authentication, which is not that complex a subject from the Servlets perspective. Because this objective is not so heavy-duty, the related questions tend to be a bit more detail oriented (some might even say "trivia oriented".)
- If you understand the following sections from the Servlet 2.4 spec, you'll be in good shape for this objective:
Originally posted by Frankie Cha: Is that Italian? Please translate.
Yes it is.
"Buon lavoro, e grazie di nuovo"
So, after beeing reviewed, the Big 4 objectives have been provided an indication of the importance with respect to other objectives? And based on these results, the sections are weighted to determine how many items need to be written in each section; furthermore, each objective within a section is also weighted to determine how many items per objective need to be written. Am I right?
juuust kidding , it means "Have a nice working day, and thanks again"
Gian Franco [ June 10, 2004: Message edited by: Gian Franco Casula ]
"Eppur si muove!"
Every snowflake is perfect and unique. And every snowflake contains a very tiny ad.