
Vinod Subramaniam

since Aug 17, 2003
Recent posts by Vinod Subramaniam

I am porting a J2EE application from Tomcat to OC4J 10.1.3. It's using HSQL as the database. All the data are in files. One of the files has an insert script which inserts the Portal User Id and PortalUser object (it's a blob) into in-memory HSQL. When I read the PortalUser details and do getObject on the ResultSet I am getting the following error. The same is working on Tomcat, which uses JDK 1.3. The record is written using the Tomcat server. I am using the same HSQL driver on OC4J 10.1.3, which loads the insert script created on Tomcat into in-memory HSQL, but I am still getting the following error. Is there any vendor-specific read and write happening by the vendor even if we use the same drivers (HSQL driver)? If yes, is there a way to overcome it?

Code for which I am getting the error:
Object obj = theResult.getObject("PORTALUSEROBJECT");

Error
de.svi.svis4j.allgemein.portal.datenpflege.PortalDBConnect] Select-Statement auf Tabelle PortalUser fehlgeschlagen!
java.sql.SQLException: Serialization failure
at org.hsqldb.jdbc.jdbcUtil.sqlException(Unknown Source)
at org.hsqldb.jdbc.jdbcResultSet.getObject(Unknown Source)
at org.hsqldb.jdbc.jdbcResultSet.getObject(Unknown Source)
at de.svi.svis4j.allgemein.portal.datenpflege.PortalDBConnect.getPortalUserByID(PortalDBConnect.java:82)

Any hints, pointers or help would be appreciated in this regard.
Thanks in advance for your help.

Thanks,
Vinod S
Congratulations Vinay. I am planning to take my Part 2. I am preparing for it. In parallel I wanted to pay for SCEA Part 2 and get the assignment, understand it and start thinking about the use case. Can you please tell me the procedure for SCEA Part 2?

Thanks and Regards,
Vinod S
Hi All,
I am working in J2EE technology for the past 4 years. Can someone give me an insight on J2ME, and will it be useful for me to learn J2ME?

Thanks and Regards,
Vinod S
18 years ago
Sorry, there was a mistake in my typing.

Tips for the exam:
1) Read materials to understand the concepts (all found in the scea_j2ee and scea_prep Yahoo groups).
2) If you get some partner for the exam preparation it would be great for discussing (I lacked too much).
3) Solve the 288 questions and understand each of the options given. If you don't understand, discuss with your friends and post in JavaRanch as well. I found JavaRanch to be a helpful place for clarifying my doubts.
4) Thanks to all for clarifying my doubts.
18 years ago
I cleared SCEA Part 1 today with 91%. It was a long preparation.

Tips for the exam:
1) Read materials to understand the concepts.
2) If you get some partner for the exam it would be great for discussing (I lacked too much).
3) Solve the 288 questions and understand each of the options given. If you don't, discuss with your friend and post in JavaRanch as well. I found JavaRanch to be a helpful place for clarifying my doubts.
4) Thanks to all for clarifying my doubts.

Regards,
Vinod S
18 years ago
Congrats and wish you all the best for Part II and III. Are the questions similar to the mock exams or are they different? Is there anything we have to cover in depth apart from the materials and notes used for SCEA?

Regards,
Vinod S
Hi All,
I am adding more questions with my answers and a few unanswered. Can someone please check whether the answers are correct and answer the unanswered ones?

1)Which of the following is NOT a strength of message digest functions?
Choice 1 There are no active patents.
Choice 2 Relative speed.
Choice 3 No export restrictions.
Choice 4 The digest will always be smaller than the original message.
Choice 5 High reliability for detecting tampering.

Answer : Choice 2


2)Which of the following can firewalls NOT protect against?
Choice 1 Unauthorized access to legacy systems.
Choice 2 Attackers with direct access to the protected side.
Choice 3 Viruses.
Choice 4 Inappropriate use of the Internet.
Choice 5 Unauthorized access to web servers.

Answer :Choice 2

3)In order to hide internal IP addresses from prying eyes on the Internet, what would be the best option for an organization to employ?
Choice 1 A DNS server.
Choice 2 An E-mail server.
Choice 3 A proxy server.
Choice 4 A file server.
Choice 5 A web server.

Answer : Choice 3

4)Secure E-mail means which of the following is encrypted?
Choice 1 "From:" Category
Choice 2 Contents
Choice 3 Checksum
Choice 4 "To:" Category
Choice 5 Header

5)Companies A and B exchange electronic invoices and orders using encrypted communications as shown above. This is an example of what technology?
Choice 1 subnet
Choice 2 intranet
Choice 3 extranet or VPN
Choice 4 supranet
Choice 5 value-added network

Answer : Choice 3


6)
A)port number
B)destination IP address
C)source IP address
D)mime type
E)username / password

Modern firewalls can allow/deny access on the basis of which of the above?
Choice 1 A only
Choice 2 A and C only
Choice 3 A, B, and C only
Choice 4 A, D, and E only
Choice 5 A, B, C, D, and E

Answer : Choice 3


7)Which of the following is NOT a firewall incident handling response when beginning an investigation of a system compromise?
Choice 1 The firewall should be examined on a weekly basis to determine if attacks have been detected.
Choice 2 The firewall should reject all forms of probing or scanning tools.
Choice 3 The firewall should be restored in a different configuration than was used prior to the incident or break-in.
Choice 4 The firewall administrator should be notified at any time of a security alarm in the event of suspicious activity detection.
Choice 5 The firewall should be configured to log all activity.

Answer : Choice

8)What are file system permissions called that are enforced when a user attaches to a file system?
Choice 1 Cumulative
Choice 2 Shared
Choice 3 Closed
Choice 4 File
Choice 5 Open

Answer : Choice 4

9)Which of the following is NOT a risk when an organization is hacked?
Choice 1 Delivery service might be interrupted.
Choice 2 Financial damages might result due to illegal activity.
Choice 3 Damage to an organization's reputation might result in business loss.
Choice 4 Hackers could break into the cgi-bin directory, causing redirection of critical data.
Choice 5 Stolen data might be used against an organization.

Answer : Choice 1


10)What should the security practitioner do to ensure the control objectives of a system design?
Choice 1 Get senior management's approval on the impact analysis.
Choice 2 Complete the vulnerability assessment first.
Choice 3 Make sure the auditing procedures have been defined per instructions.
Choice 4 Ensure the system design has proper security administrator authorization.
Choice 5 Check that properly formatted objectives are on file with the auditor.

Answer : Choice 3, 4

11)When does a problem with using persistent cookies or client certificates for user authentication occur?
Choice 1 When a user changes computers.
Choice 2 When a user does not log on for more than 30 days.
Choice 3 When the IP address of the server changes.
Choice 4 When the IP address of the user changes.
Choice 5 When a user wishes to change preferences.
Answer : Choice 1


12)Which layer of the OSI reference model is typically used to perform cryptography?
Choice 1 Data Link
Choice 2 Presentation
Choice 3 Session
Choice 4 Transport
Choice 5 Network
Answer : Choice 3

13)Which of the following could be characterized as a "denial-of-service" attack on a system?
Choice 1 A Java applet is loaded that creates multiple threads that consume 99% of a CPU for no useful purpose.
Choice 2 A JavaScript window mimics an operating system window to trick you into doing something malicious.
Choice 3 A person uses a password sniffer to learn usernames and passwords and then breaks in.
Choice 4 A virus captures and then transmits credit card numbers when they are entered by a user.
Choice 5 An Active/X control secretly sends a password or configuration file to an attacker

Answer : Choice 1

14)List
A)Creating symmetric keys
B)Message authentication
C)Sender identification
D)Double encryption
E)Generating digital signatures

Which of the above can message digests be used for?
Choice 1 A only
Choice 2 C only
Choice 3 E only
Choice 4 A and B only
Choice 5 A, C, and D

Answer : Choice 3

15)What is the current standard for certificate format?
Choice 1 LDAP
Choice 2 NDS
Choice 3 x.500
Choice 4 ASN.1
Choice 5 x.509
Answer : Choice 5

16)The packet filter above ensures all outbound requests must come from the proxy server. Which of the following is an important security advantage of this arrangement?
Choice 1 It processes all requests very efficiently.
Choice 2 The proxy can store all private keys assigned to internal users.
Choice 3 The outside network sees only one internal address.
Choice 4 The two networks can use different protocols.
Choice 5 The level of protection can be customized for each internal host.

Answer : Choice 3


17)An Internet application uses certificates issued by your company to identify users. What is the minimum information about each user that should be stored in the certificate?
Choice 1 Information necessary to uniquely identify each user.
Choice 2 All information submitted by the user applying for the certificate.
Choice 3 The user's passphrase and name.
Choice 4 The user's name.
Choice 5 Name, logon ID, and password, if appropriate.

Answer : Choice 2

18)Of the following, which one is NOT a potential weakness in firewalls using packet filtration?
Choice 1 Programming is often specialized.
Choice 2 Most internal networks change daily, requiring programming changes.
Choice 3 Only works for TCP packets, not UDP.
Choice 4 Extensive filter lists slow the routing process.
Choice 5 Can be easily compromised or defeated.

Answer : Choice


19)What is the part of an incoming IP packet that identifies the application that requests data?
Choice 1 source port number
Choice 2 sequence count
Choice 3 destination address
Choice 4 destination port number
Choice 5 source address
Answer : Choice 4


20)How would a person authenticate a digital certificate issued by a public certificate authority?
Choice 1 Decrypt the subject identification information using the subject's private key.
Choice 2 Check the certificate authority's digital signature.
Choice 3 Call the subject and have them repeat the digital signature of the certificate.
Choice 4 Decrypt the subject identification information using the certificate authority's private key.
Choice 5 Check the subject's digital signature.
Answer : Choice 2


21)When considering employing a firewall, you will expect to find all of the following services but one. Which is it?
Choice 1 IP Masquerade
Choice 2 Proxy Services
Choice 3 Packet Switching
Choice 4 Packet Filtering
Choice 5 Encrypted Tunnels
Answer : Choice 5


22)What do you need to decipher an encrypted E-mail message that uses public key encryption?
Choice 1 Your public key.
Choice 2 The sender's public key.
Choice 3 The sender's private key.
Choice 4 The digital signature included with the message.
Choice 5 Your private key.
Answer : Choice 2


23)Java applets can open new windows on the user's system. How do most modern browsers prevent them from spoofing or fooling the user by pretending to be a different application?
Choice 1 The window is displayed inside the browser's main display area.
Choice 2 The window does not permit users to enter any data.
Choice 3 The browser produces an audible warning whenever a user enters information into the applet window.
Choice 4 The window is always modal.
Choice 5 The window indicates that it is an unsecure applet window.

Answer : Choice 5


24)What is the rule of thumb when designing a system that must protect data in transit across the Internet?
Choice 1 An encryption mechanism is only as strong as the secrecy of its private key.
Choice 2 To ensure that the cost of breaking the encryption method exceeds the value of the data.
Choice 3 Private keys should always be stored in the configuration file, never in their own file.
Choice 4 Use symmetric key encryption if you do not know who you will be communicating with ahead of time.
Choice 5 Always authenticate and encrypt data using different keys.

Answer : Choice 2

25)Which is NOT a fundamental security risk to an Internet host?
Choice 1 Inadequate activity logging.
Choice 2 Inadequate backup procedures.
Choice 3 Failure to upgrade software after bugs/security holes are detected.
Choice 4 Failure to upgrade hardware to increase processing efficiency.
Choice 5 Plain text password transmission.

Answer : Choice 1

26)What is the most common method of combating spam attacks?
Choice 1 Counter-spamming
Choice 2 Source post office blocking
Choice 3 Source address blocking
Choice 4 Content filtering
Choice 5 Source port blocking

Answer : Choice 3


27)How does one ensure non-repudiation on an e-commerce system?
Choice 1 By using hardware tokens.
Choice 2 By using public key cryptography.
Choice 3 By using private key cryptography.
Choice 4 By using proper access control.
Choice 5 By using digital signatures.
Answer : Choice 5


28)File access rights are what type of permissions?
Choice 1 Cumulative
Choice 2 File
Choice 3 Open
Choice 4 Shared
Choice 5 Closed

Answer : Choice 3

29)Which of the following is NOT an appropriate action to take regarding misuse of organizational network resources?
Choice 1 Termination
Choice 2 Verbal Reprimand
Choice 3 Hiding the incident from public scrutiny.
Choice 4 Written Reprimand
Choice 5 Demotion

Answer : Choice 3

30)Which of the below controls best enhances the confidentiality of internet mail?
Choice 1 Making all post office connections with POP protocol.
Choice 2 Encrypting messages with RSA.
Choice 3 Hashing message contents with MD5.
Choice 4 Signing messages with PGP.
Choice 5 Using the digital signature standard.

Answer : Choice


31)What is the MOST COMMON use of server certificates?
Choice 1 Signed applets
Choice 2 SSL
Choice 3 Authenticode
Choice 4 Secure E-mail
Choice 5 Citizen Identification

Answer : Choice 2

32)Using public key encryption, how can Betty ensure a message she sends Bill cannot be read by anyone else and that Bill can be sure she sent it?
Choice 1 Encrypt it with her private key and sign it with her private key.
Choice 2 Encrypt it with Bill's public key and sign it with Bill's public key.
Choice 3 Encrypt it with Bill's public key and sign it with her public key.
Choice 4 Encrypt it with Bill's public key and sign it with her private key.
Choice 5 Encrypt it with her public key and sign it with Bill's public key

Answer : Choice 4

33)Which is NOT a benefit of having a single sign-on for all applications within a corporate environment?
Choice 1 Facilitating employee access from home via the Internet.
Choice 2 Making security administration easier.
Choice 3 Easing the memory burden on users.
Choice 4 Reducing the likelihood that users will write down their passwords.
Choice 5 Reducing the time spent by users gaining access to systems.

Answer : Choice 1


34)What is Kerberos used for?
Choice 1 To secure credit card authorization of all magnitudes.
Choice 2 Providing a secure single sign-on capability in a distributed environment.
Choice 3 For user identification and authentication for E-mail.
Choice 4 Approving small charges over the Internet.
Choice 5 Providing real-time authentication for teleconferencing applications.

Answer : Choice


35)How could a photo, like the one above, be transmitted across the Internet resistant to tampering AND enabling the recipient to positively identify the sender?
Choice 1 It could be encrypted with the sender's public key.
Choice 2 It could be encrypted with the receiver's public key.
Choice 3 File compression could be used.
Choice 4 It could be digitally signed by the sender.
Choice 5 It could be encrypted with the receiver's private key

Answer : Choice 2, 4

36)Which of the below SMTP packets is suspicious and should be blocked?
Choice 1 An incoming TCP packet to a source port >1023 from a destination port of 25.
Choice 2 An incoming TCP packet to a source port 25 from a destination port of >1023.
Choice 3 An outgoing TCP packet to a source port >1023 from a destination port of 25.
Choice 4 An outgoing TCP packet to a source port 25 from a destination port of >1023.
Choice 5 None of the above is suspicious.

Answer : Choice


37)
A)username/password
B)certificates
C)biometrics
D)smart cards or tokens

Which of the above techniques for user authentication can be used over the Internet?
Choice 1 A only
Choice 2 A and B only
Choice 3 A, B, and C only
Choice 4 B and D only
Choice 5 A, B, C, and D

Answer : Choice 2


38)If your organization wished to communicate with an outside organization using a means that is authenticated and encrypted, what should you get management to invest in?
Choice 1 3DES Network
Choice 2 Secure Access Network
Choice 3 Virtual Public Network
Choice 4 Ethernet
Choice 5 Virtual Private Network
Answer : Choice 5


39)What is the first step any organization should take when considering internet/network security options?
Choice 1 Disconnect from the Internet until option is implemented.
Choice 2 Develop a good security plan.
Choice 3 Perform a risk analysis.
Choice 4 Attempt a full host scan on the network.
Choice 5 Employ a firewall.
Answer : Choice 5

40)What is always necessary to decipher symmetrically encrypted data?
Choice 1 The message digest.
Choice 2 The check sum file.
Choice 3 The digital signature.
Choice 4 The key.
Choice 5 The signature file.
Answer : Choice 4

1) Which of the following can firewalls NOT protect against?
Choice 1 : Unauthorized access to legacy systems
Choice 2 : Attackers with direct access to the protected site
Choice 3 : Viruses
Choice 4 : Inappropriate use of the internet
Choice 5 : Unauthorized access to the web site

I feel Choice 2 is correct.

2) In order to hide internal IP addresses from prying eyes on the internet, what would be the best option for an organization to employ?
Choice 1 : A DNS server
Choice 2 : An E-mail server
Choice 3 : A proxy server
Choice 4 : A file server
Choice 5 : A web server

I feel Choice 3 is correct.

3) What is encrypted in secure email?
a) From : Category
b) Contents
c) CheckSum
d) TO : Category
e) Header


4)
Thanks for the information, Muhammad Asif. It's just my bad luck. Hope everything gets sorted out.

Thanks and Regards,
Vinod S
Hi All,
To be more clear, I have reframed the sentences and am re-posting the same query.
I have a problem with my SCEA voucher. I had taken the voucher from an X institute in Bangalore. Then I had sent a mail for booking a slot on Friday (24-03-06). They did not confirm the booking. On Friday (24-03-06) I called them once again for at least booking the slot on Saturday (25-03-06), and they started saying they had booked the slot on Friday and asked me to take the exam on the same day. As I did not get any confirmation from them before, I was not ready on Friday and told them the same. They said it would take some time to book the slot again, and hence I called another Y institute and booked the slot on Tuesday (28-03-06). I gave my voucher, they verified it and told me it had already been used. When I went back to the X institute and told them, they said they also don't know what to do and asked me to give them some time. I don't know what to do now, and I want to take the exam as early as possible. How can a voucher show as being used before taking the exam? Can anyone please suggest what to do?
Awaiting your reply eagerly. Thanks in advance for your help.

Thanks and Regards,
Vinod S
Do we have to know the following in depth for the SCEA exam?
1) JAAS
2) PKI Infrastructure
3) JSSE
4) JCA

Is it sufficient to know what they are and why they are used?

Thanks and Regards,
Vinod S
Hi All,
I have a problem with my SCEA voucher. I had taken the voucher from an institute in Bangalore. Then I had sent a mail for booking a slot on Friday (24-03-06). They did not confirm the booking. On Friday (24-03-06) I called them once again for at least booking the slot on Saturday (25-03-06), and they started saying they had booked the slot on Friday and asked me to take the exam on the same day. As I did not get the confirmation, I was not ready on Friday and told them the same. They said it would take some time to book the slot again, and hence I called another institute and booked the slot on Tuesday (28-03-06). I gave my voucher, they verified it and told me it had already been used. When I went back to the other institute and told them, they also didn't know what to do and asked me to give them some time. I don't know what to do now, and I want to take the exam as early as possible. How can a voucher show as being used before taking the exam? Can anyone please suggest what to do?

Thanks and Regards,
Vinod S
Hi All,
I am Vinod S and I cleared my SCBCD with 98% today. I thank the members of this group for giving good guidance.
HFEJB is very good for the exam, and I also used some materials available on the net for the preparation.

Regards,
Vinod S
19 years ago
True or False: Entity beans can have "UNKNOWN" primary keys so that they can be deployed more portably across different servers

Is there anything called "UNKNOWN" primary keys? If yes, how is it used?
What is the difference between meaningful and unspecified transaction?