1Z1-899 試験問題を無料オンラインアクセス

You have been contracted to create a web site for a free dating service. One feature is the ability for one client to send a message to another client, which is displayed in the latter client's private page. Your contract explicitly states that security is a high priority. Therefore, you need to prevent cross-site hacking in which one user inserts JavaScript code that is then rendered and invoked when another user views that content.
Which two JSTL code snippets will prevent cross-site hacking in the scenario above? (Choose two.)

• A.<c:out eliminateXml= 'true'>${message}</c:out>
• B.<c:out value='${message}' eliminateXml= 'true' />
• C.<c:out>${message}</c:out>
• D.<c:out value= '${message}' />
• E.<c:out value= '${message}' escapeXMl= 'true' />

You want to create a filter for your web application and your filter will implement
.servlet.Filter.
Which two statements are true? (Choose two)

• A.Your filter class must implement an init method and a destroy method.
• B.The method that your filter invokes on the object it received that implementsjavax - servlet.Filterchain can invoke either another filter or a servlet.
• C.Your filter class must also implement javax.sarvlat.FilterChain.
• D.Your filter class must implement a doFilter method that takes, among other things, an HttpServletRequest object and an HttpServletresponse object.
• E.When your filter chains to the next filter, it should pass the same arguments it received in its doFilter method.

Assume a JavaBean com.example.GradedTestBean exists and has two attributes. The attribute name of type java.lang.string and the attribute score is of type jave.lang.Integer.
An array of com.example.GradedTestBean objects is exposed to the page in a request-scoped attribute called results. Additionally, an empty java.util.HashMap called resultMap is placed in the page scope.
A JSP page needs to add the first entry in results to resultMap, storing the name attribute of the bean as the key and the score attribute of the bean as the value.
Which code snippet of JSTL code satisfies this requirement?

• A.<c:set var="${resultMap}" key="{results[0].name}"value="${results[0].score}" />
• B.<c:set var="resultMap" property="${results[0].name}">value="${results[0].score}" />
• C.<c:set target="${resultMap}" property="${results[0].name}">value="${results[0].score}" />
• D.${resultMap[results[0].name] = results[0].score}
• E.<c:set var="resultMap" property="${results[0].name}">${results[0].value}</c:set>

Which EL expression returns true if no session has been established with current client?

• A.${not(requestScope.session)}
• B.${requestScope.sessions.this}
• C.${sessionScope.empty}
• D.${not(pageContext.session)}

A web application wants to expose to its clients an operation that results in a transaction being performed across several systems, for example the transfer of money from one bank account to another Which HTTP method should it use?

• A.OPT IONS
• B.POST
• C.GET
• D.HEAD