Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free GIAC GSSP-Java Practice Exam with Questions & Answers | Set: 3

Questions 21

Which of the following security related elements of the deployment descriptor matches the argument to the isCallerInRole() method?

Options:
A.

B.

C.

D.

GIAC GSSP-Java Premium Access
Questions 22

Which of the following fields is required when a user is authenticated using FORM authentication?

Options:
A.

j_security_check

B.

password

C.

j_pw

D.

jid

E.

_jid

F.

jpassword

Questions 23

Identify whether the given statement is true or false.

"An object becomes eligible for garbage collection when it becomes unreachable by any code."

Options:
A.

False

B.

True

Questions 24

You work as a Software Developer for NewTech Inc. You write a bean class using Enterprise JavaBeans 3.0. The class uses the @DeclareRoles ("ADMIN, HR, DBA, USER") annotation to declare the security roles. The class contains a method named showResult(). You want to ensure that the ADMIN role is granted privilege to the showResult() method. Moreover, if a role that is not allowed to access the method tries to call the method, an error message must be shown. Assuming that there is no security-related element in the deployment descriptor, which of the following will you use to accomplish the task?

Each correct answer represents a part of the solution. Choose two.

Options:
A.

The isCallerInRole() method

B.

The getCallerPrincipal() method

C.

The @RolesAllowed("ADMIN") annotation

D.

The @PermitAll annotation

Questions 25

Which of the following methods retrieves a single character from a string?

Options:
A.

trim()

B.

substring()

C.

charAt()

D.

indexOf()

Questions 26

Which of the following methods throws a SecurityException if the calling thread is not allowed to open a socket connection to the specified host and port number?

Options:
A.

checkDelete()

B.

checkExec()

C.

checkCreate()

D.

checkConnect()

Questions 27

Identify whether the given statement is true or false.

"If the isUserInRole() method is called on an unauthenticated user, the container returns false."

Options:
A.

True

B.

False

Questions 28

Which of the following classes enables a programmer to create an object and protect its confidentiality with a cryptographic algorithm?

Options:
A.

MAC

B.

SealedObject

C.

KeyGenerator

D.

SecretKeyFactory

Questions 29

Mark works as a Programmer for InfoTech Inc. He develops an application named JavaServices. He wants to declare a security constraint that will restrict everything in the com/files directory so that security role of Admin can invoke any http methods on the resources. Which of the following element declarations will be used to accomplish the task?

Options:
A.

<web-resource-collection>

<web-resource-name>JavaServices</web-resource-name>

com/files

</web-resource-collection>

<auth-constraint>

Admin

</auth-constraint>

B.

<web-resource-collection>

<web-resource-name>JavaServices</web-resource-name>

com/files/*

</web-resource-collection>

Admin

C.

<web-resource-collection>

<web-resource-name>JavaServices</web-resource-name>

com/files/*

<http-method>*</http-method>

</web-resource-collection>

<auth-constraint>

Admin

</auth-constraint>

D.

<web-resource-collection>

<web-resource-name>JavaServices</web-resource-name>

com/files/*

</web-resource-collection>

<auth-constraint>

Admin

</auth-constraint>

Questions 30

Which of the following statements about the <web-resource-collection> element are true?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A.

It can have at the most one sub-element.

B.

It has <web-resource-name> as one of its sub-elements.

C.

If there is no <http-method> sub-element, no HTTP method will be constrained.

D.

It is a sub-element of the element.

Exam Code: GSSP-Java
Certification Provider: GIAC
Exam Name: GIAC Secure Software Programmer – Java
Last Update: Sep 12, 2025
Questions: 275

GIAC Related Exams

How to pass GIAC G2700 - GIAC Certified ISO-2700 Specialist Practice Test Exam
How to pass GIAC GCFW - GIAC Certified Firewall Analyst Exam
How to pass GIAC GCPM - GIAC Certified Project Manager Certification Practice Test Exam
How to pass GIAC GISF - GIAC Information Security Fundamentals Exam
How to pass GIAC GISP - GIAC Information Security Professional Exam
How to pass GIAC GSSP-.NET - GIAC GIAC Secure Software Programmer - C#.NET Exam
How to pass GIAC GSSP-NET-CSHARP - GIAC GIAC Secure Software Programmer - C#.NET Exam
GICSP - Global Industrial Cyber Security Professional (GICSP)
GCED - GIAC Certified Enterprise Defender
GCIA - GCIA – GIAC Certified Intrusion Analyst Practice Test
GCFR - GIAC Cloud Forensics Responder (GCFR)
GPYC - GIAC Python Coder (GPYC)
GPPA - GIAC Certified Perimeter Protection Analyst
GCFA - GIACCertified Forensics Analyst
GSLC - GIAC Security Leadership Certification (GSLC)
GIAC Free Access
Get GIAC Full Access

GIAC Free Exams
GIAC Free Exams
Prepare for GIAC certification with free access to reliable study resources and practice tests at Examstrack.