Java EE 6 Enterprise Architect Certified Master Exam v7.2 (1z0-807)

Your company has decided to expose a set of business operations through an API so that clients can access them remotely. These operations, which are modeled as methods on a stateless session bean component, act as building blocks for complex state-changing activities that need to possess atomicity,, consistency, isolation and durability (ACID) semantics.
Select the best technology to implement the API.

Which two measures are most effective in protecting websites from cross site scripting
(XSS) attacks?

You are the architect at ACME, a large a large global retailer of festival and holiday accessories. ACME wants to launch a new shopping portal for the holiday shopping session, allowing two months from project inception to going live. The portal must contain in-house and third-party stock to attack customers.
Fast response times are also critical so users remain engaged and sticky to the portal.
What would you recommend to the ACME project team to deliver this project?

You are the lead technical designer for a new B2C retail application. A key goal is to minimize design and build complexity in order to maximize speed to market.
Which three features of JPA make it the most appropriate technology to use in building the persistence layer of the application?

You are the architect of an application that reads from and writes to multiple systems. The application must participate in an existing transaction to update a database using JDBC, and also invoke a transactional method on a remote system as part of the same transaction.
Which two technologies would you suggest, to access remote system, for this application?

You are contracted to improve the performance of an application.
While analyzing the application, you observe the following issues:
-> Tight coupling between client and business objects
-> Too many remote method Invocations between client and server
Which design pattern is best suited to improving performance?

Which two types of applications benefit from using JavaServer Faces (JSF)?

Which two statements are true about transport-layer security?

Your company has been using the ACME database vendor for many years. Recently, it started considering a migration to the XYZ database vendor, who uses different SQL dialed. The SQL engines in ACME and XYZ have significant differences in performance when executing the same SQL queries?
Which is the best persistence technology for database migration?

Upper management has announced a change in a company's primary hardware supplier for the next year, the timing of this change coincides with key purchases that line of business department has to make in support of its Java EE application upgrade/redesign project.
You are asked to help outline a strategy to preserve the project timeline and keep hardware training costs contained.
Which recommendation will you make?

Which two statements are true about java Cryptography Architecture (JCA)?

You are the architect for XYZ bank. XYZ is redesigning their online banking offering and you need to ensure that the new design follows security best practices for the JEE platform.
Select three security best practices for JEE applications.

Oasis Corporation has decided to develop a single Instance multi-tiered application with its existing EIS resources. You are the technical lead for the Integration team responsible for providing the following:
-> A common Interface that can easily access the heterogeneous EIS resources
-> Generic transaction mechanism support for EIS resource managers
-> A connection pool to legacy EIS resources
Which two technologies would you use to meet these requirements?

You are asked to propose a software deployment strategy that will reduce a client will also make deploying and testing their software stack more efficient.
Which element would you include in your proposal?

The integration team has reported a problem in testing a few deployed MDBs. By design, each MDB listens to one of four named queues. Two producers write messages to each queue. The test issues messages of the same payload type that each producer will send, but varies the number or size of these messages to measure the messaging servers performance.
The team has noticed that the utilization remains at the same high rate any time the test writes messages destined for the third MDB. The message server log does not reveal any failure in sending messages to this MDB. Which anticipation expresses cause for this condition?