Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: s2p65

Easiest Solution 2 Pass Your Certification Exams

GSSP-Java GIAC Secure Software Programmer – Java Free Practice Exam Questions (2025 Updated)

Prepare effectively for your GIAC GSSP-Java GIAC Secure Software Programmer – Java certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

GIAC GSSP-Java Premium Access     Download Demo    
Page: 1 / 5
Total 275 questions

Which of the following elements contains the element in the deployment descriptor?

A.

B.

C.

D.

E.

Which of the following syntaxes can be used to retrieve a URL to a resource specified as WEBINF/example/sessionObject.txt?

Note. Assume that session is an instance of the HttpSession interface, request is an instance of the HttpServletRequest interface, and context is an instance of the ServletContext interface.

A.

context.getResource ("/example/sessionObject.txt")

B.

session.getResource ("/WEB-INF/example/sessionObject.txt")

C.

request.getResource ("/WEB-INF/example/sessionObject.txt")

D.

context.getResource ("WEB-INF/example/sessionObject.txt")

E.

context.getResource ("/WEB-INF/example/sessionObject.txt")

F.

request.getResource ("WEB-INF/example/sessionObject.txt")

Which of the following is a Permission class whose permissions have no actions, and allows suppressing the standard Java programming language access checks?

A.

java.awt.RuntimePermission

B.

java.security.SecurityPermission

C.

java.lang.reflect.ReflectPermission

D.

java.lang.AllPermission

Which of the following methods are used to customize object serialization so that the objects will be able to apply default serialization?

Each correct answer represents a complete solution. Choose two.

A.

readObject()

B.

setDefault()

C.

writeObject()

D.

getDefault()

You work as programmer for PassGuide.Inc. You have purchased a Web application named

SecureProgrammer that uses the programmatic authorization, and the security roles that are not used in your organization. Which of the following deployment descriptor elements must you use so that the SecureProgrammer application can work with your organization?

A.

B.

C.

D.

Which of the following statements are true about Vector and ArrayList?

Each correct answer represents a complete solution. Choose all that apply.

A.

ArrayList is synchronized and Vector is not synchronized.

B.

Each vector tries to optimize storage management by maintaining a capacity and a

capacityIncrement.

C.

If multiple threads are trying to access an ArrayList instance concurrently, and at least one of the threads modifies the list structurally, it must be synchronized externally.

D.

Vector is an implementation of the List interface and implements all optional list operations, and permits all elements, excluding null.

You work as a programmer for PassGuide.Inc. You want to create a servlet filter that stores all request headers to a database for all requests to the Web application's home page "/work.jsp". Which of the following HttpServletRequest methods allows you to retrieve all of the request headers?

A.

java.util.Enumeration getRequestHeaders()

B.

java.util.Enumeration getHeaderNames()

C.

String[] getRequestHeaders()

D.

java.util.Iterator getRequestHeaders()

E.

java.util.Iterator getHeaderNames()

F.

String[] getHeaderNames()

Which of the following statements about various authentication mechanisms in J2EE are true?

A.

The FORM based authentication requires a user to possess a Public Key Certificate.

B.

The realm string of the BASIC authentication must reflect a security policy.

C.

In case of the CLIENT-CERT authentication, a base-64 encoded user name and password is used.

D.

The DIGEST authentication may or may not be supported for a J2EE 1.4 compliant Web container.

You work as a Software Developer for Developer Inc. You write the following code.

interface A {public boolean b = false;}

class C implements A {public static void main(String args[]) {b = true;System.out.println(b);}}

Which of the following will be the result, when you try to compile and execute the above code?

A.

The code will compile and print false.

B.

The code will compile, but it will not execute.

C.

The code will compile and print true.

D.

The code will not compile.

Which of the following statements about the element are true?

Each correct answer represents a complete solution. Choose all that apply.

A.

It can have at the most one sub-element.

B.

It has as one of its sub-elements.

C.

If there is no sub-element, no HTTP method will be constrained.

D.

It is a sub-element of the element.

Which of the following pieces of codes will be placed at the line XXX to successfully compile the given class?

public interface Publication

{

String GetDetails();

}

public class Book implements Publication

{

//line XXX

}

A.

public String GetDetails(){}

B.

Object GetDetails(){}

C.

long GetDetails(){}

D.

private String GetDetails(){}

You develop an application. Now you want to ensure that data is sent between client and server in such a way that it cannot be changed in transit. Which of the following element declarations will be specified to satisfy the requirement of the application?

A.

<user-data-constraint>

INTEGRAL

B.

<user-data-constraint>

CONFIDENTIAL

C.

<user-data-constraint>

NONE

D.

<auth-constraint>

CONFIDENTIAL

</auth-constraint>

Which of the following statements are correct about the code given below?

AccountServlet

This is an Account Servlet.

GET

POST

PUT

DELETE

acme/AccountServlet

Each correct answer represents a complete solution. Choose all that apply.

A.

The delete http method is not allowed in the http-method element declaration.

B.

If no http-method is specified in the web-resource-collection element, the security restriction will be applied to all http methods.

C.

There should be at-least one url-pattern element otherwise, the will be ignored.

D.

It is necessary that the web-resource-name must be specified in the web-resource-collection element.

E.

It is not possible to define more than two http method in the web-resource-collection element.

F.

It is necessary that the web-resource-name must be specified in the url of the url-pattern element.

You work as a Software Developer for BlueWell Inc. Your team creates a Web site for online shopping.

All payments are made through credit cards. Hence, you want to ensure that the information transferred between the customers and your Web site is encrypted. Which of the following authentication mechanisms will you use to accomplish the task?

A.

FORM

B.

DIGEST

C.

BASIC

D.

CLIENT-CERT

Mark works as a Programmer for InfoTech Inc. He develops the following code snippet.

1. public class Garbage

2. {

3. public static void main(String args[])

4. {

5. String line;

6. String first="it is a program";

7. String last="last argument";

8. String arg1=new String((args.length>0) ? "'" + args[0] + "'" . "no arguments");

9. line=arg1;

10. arg1=null;

11. line=first + line + last;

12. first=null;

13. System.out.println("line");

14. line=null;

15. last=null;

16. args=null;

17. }

18. }

Which of the following statements about the code snippet is true when an object is initially referenced with arg1, and it is eligible for garbage collection?

A.

After line 10.

B.

After line 15.

C.

After line 12.

D.

After line 11.

Wilbert works as a Software Developer for Wintos Inc. He writes the following code.

1. public class tcf

2. {

3. public static void main(String[] args)

4. {

5. try

6. {

7. int x = 5 / 0;

8. System.exit(0);

9. }

10. catch(ArithmeticException e)

11. {

12. System.out.println("Within catch");

13. }

14. finally

15. {

16. System.out.println("Within finally");

17. }

18. }

19. }

What will happen when he tries to compile and execute the code?

A.

It will compile and print Within catch as the output.

B.

It will compile and execute successfully but will not print anything.

C.

It will compile and print Within catch and Within finally as the output.

D.

It will compile and print Within finally as the output.

Which of the following statements about serialization are true?

Each correct answer represents a complete solution. Choose all that apply.

A.

Transient variables cannot be serialized.

B.

Externalizable is a marker interface and does not define any method.

C.

Serializable is a marker interface and does not define any method.

D.

Static variables cannot be serialized.

Peter works as a Programmer in Magi Net Inc. He writes the following code.

1. class Ques0190{

2. public static void main(String[] argv){

3. byte a = 100;

4. switch(a){

5. case 10.

6. System.out.println("ten");

7. case 100.

8. System.out.println("hundred");

9. case 1000.

10. System.out.println("thousand");

11. }

12. }

13. }

What will happen when Peter attempts to compile and execute the code?

A.

The code will compile and execute displaying hundred.

B.

The code will not compile because 1000 is not assignment compatible with a byte data type.

C.

The code will not compile because the argument to the switch cannot be a primitive type byte value.

D.

The code will compile and execute displaying hundred followed by thousand.

Peter works as a Software Developer for Neon Inc. He is developing an application in Java. He declares an interface. Which of the following field declarations are valid within the body of an interface?

Each correct answer represents a complete solution. Choose three.

A.

final static int answer=42;

B.

public static int answer = 42;

C.

private final static int answer=42;

D.

public int answer=42;

E.

int answer;

Mary works as a Software Developer for ABC Solutions Inc. She writes the following code.

public class StringMethods {

public static void main(String[] args) {

String str = new String("abc");

str.concat("xyz");

StringBuffer strBuf = new StringBuffer(" 123");

strBuf.append(" no");

System.out.println(str + strBuf);}}

What will be the output when Mary tries to compile and execute the code?

A.

Compilation will fail.

B.

The program will print abc xyz 123 no when run.

C.

The program will print xyz 123 no when run.

D.

The program will print abc 123 no when run.

GIAC GSSP-Java Premium Access     Download Demo    
Page: 1 / 5
Total 275 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved