1.Once the credit card transaction is complete, what code do you add to "add code here" in the sample code above in order to remove the user's session information?
a. session.close(); b. request.getSession().invalidate(); (Answer)
c. request.getSession().remove();
d.request.getSession().destroy(); e. getSession().delete();

2. Which method is called on a session attribute that implements HttpSessionBindingListener when the session is invalidated?
1 attributeRemoved 2 sessionInvalidated 3 listenerInvalidated
4 sessionDestroyed 5 valueUnbound (Answer)

3. Which class or interface do you use to retrieve the HttpSession object associated with the current user?
1 HttpServletResponse 2 ServletConfig 3 HttpServlet 4 ServletContext 5 HttpServletRequest (Answer)

4.J2EE applications (including JSP/Servlet web applications) are made up of components that can be deployed into different containers. JSP and Servlets are deployed within web containers.
Within the context of the background information in the above scenario, what type or types of security are provided by J2EE containers?
1 Reliance on the security built into the J2EE application server
2 Declarative and authorization security
3 Reliance on the underlying operating system's security features
4 Programmatic and authentication security
5 Declarative and programmatic security (Answer)

Can anybody crosscheck the ansers I have marked.

Thanks in advance
Infyniti.

hi ,
I am sure about ur answer for Q 1,2,3 .They are perfectly correct .
Since i have not gone through the security part ,i can not say anyting abt that

regards
-santosh

Hi,

I think all the answers marked are correct.

Thanks

For 1,2 and 3 answers are correct.

In real exam you don't get questions that talk about J2EE containers. It refers to application servers like weblogic and websphere. Thats out of scope for SCWCD exam.

Declarative and programmatic security (Answer)

This is correct with respect to servlet security.