Page: 7
Unit-5 : Web Application Security
Q18. Which two statements are true about the security-related tags in a valid Java EE deployment descriptor? (Choose two.) A. Every <security-constraint> tag must have at least one <http-method> tag. B. A <security-constraint> tag can have many <web-resource-collection> tags. C. A given <auth-constraint> tag can apply to only one <web-resource-collection> tag. D. A given <web-resource-collection> tag can contain from zero to many <url-pattern> tags. E. It is possible to construct a valid <security-constraint> tag such that, for a given resource, no user roles can access that resource. Answer: B, E Q19. Which element of a web application deployment descriptor <security-constraint> element is required? A. <realm-name> B. <auth-method> C. <security-role> D. <transport-guarantee> E. <web-resource-collection> Answer: E Q 20 Which two are required elements for the <web-resource-collection> element of a web application deployment descriptor? (Choose two.) A. <realm-name> B. <url-pattern> C. <description> D. <web-resource-name> E. <transport-guarantee> Answer: B, D
Page: 7
1
2
3
4
5
6
7
8
9
10
|