Hacking the Sun Certified Enterprise Architect Exam - PowerPoint PPT Presentation


PPT – Hacking the Sun Certified Enterprise Architect Exam PowerPoint presentation | free to view - id: 71c089-ZDFlN


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation

Hacking the Sun Certified Enterprise Architect Exam


Hacking the Sun Certified Enterprise Architect Exam Part 1 Brian Briggman Pat Guimaraes Konrad Rokicki Session ID# BOF-0427 ... Tips & Tricks (continued) ... – PowerPoint PPT presentation

Number of Views:45
Avg rating:3.0/5.0
Slides: 39
Provided by: brig195


Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Hacking the Sun Certified Enterprise Architect Exam

Hacking the Sun Certified Enterprise Architect
Exam Part 1
  • Brian Briggman
  • Pat Guimaraes
  • Konrad Rokicki

Session ID BOF-0427
Hacking the Sun Certified Enterprise Architect
Exam - Part 1
  • Brian Briggman
  • System ArchitectSoftware Consultants Inc.
  • Pat Guimaraes
  • Principal Software EngineerGene Logic
  • Konrad Rokicki
  • Software EngineerGene Logic

Goal of This Presentation
What You Can Expect to Gain
This session serves as a last minute review
session for all attendees who plan on taking Part
1 of the Sun Certified Enterprise Architect exam.
Intended Audience
Who is Expected to Attend
Ideally, any attendees who have already started
studying for the SCEA Part 1 Exam. Our intent is
not to teach all the material necessary to pass
the exam, but rather to share our experiences and
help by distributing a SCEA Study Sheet at the
end of the session.
Agenda With Section Highlights
  • SCEA Exam Overview
  • SCEA Exam Objectives
  • Tips and Tricks
  • Resources and References
  • Cram Sheet
  • For More Information
  • QA

SCEA Exam Overview
  • Sun Certified Enterprise Architect for J2EE
    Technology (Step 1 of 3)
  • Exam CX-310-051
  • Prerequisites None
  • Cost 150
  • Number of questions 48
  • Pass score 68 (33/48)
  • Time limit 75 minutes
  • Delivered at Authorized Prometric testing
  • Other exams/assignments required for this
    certification Step 2 (CX-310-300A), Step 3

SCEA Exam Objectives
  • Divided into 11 Categories
  • 1. Concepts
  • 2. Common Architectures
  • 3. Legacy Connectivity
  • 4. Enterprise JavaBeans Technology
  • 5. Enterprise JavaBeans Container Model
  • 6. Protocols
  • 7. Applicability of J2EE
  • 8. Design Patterns
  • 9. Messaging
  • 10. Internationalization
  • 11. Security

1. Concepts
  • UML - Structural Elements
  • Class rectangle
  • Interface lollipop or stereotyped class
  • Use Case oval
  • Collaboration dashed oval
  • Active Class bold border
  • Component rectangle with plugs
  • Node 3d box

1. Concepts
  • UML - Relationships
  • Dependency
  • Association
  • Composition
  • Aggregation
  • Generalization
  • Realization

2. Common Architectures
  • 1-tier - monolithic, standalone
  • pros manageability, availability, reliability,
    performance, security
  • cons scalability, maintainability, extensibility
  • 2-tier - client/server, fat client/stored
  • pros rapid prototyping
  • cons maintainability (client versioning and
    distribution, business logic changes)
  • 3-tier/n-tier - typical J2EE architecture
  • Client Tier (web clients, applets)
  • Web Tier (web servers, JSP's, servlets)
  • Business Tier (EJB's)
  • EIS Integration Tier (JDBC, ODBC, Corba)
  • EIS Tier (databases, legacy data)

3. Legacy Connectivity
  • Objective Distinguish appropriate from
    inappropriate techniques for providing access to
    a legacy system from Java code given an outline
    description of that legacy system
  • Concepts
  • Screen Scraper acts as terminal emulator on one
    end and an object interface on the other
  • used when you have a graphical interface to a
    mainframe, but no access to the mainframe source
  • Object Mapping wrappers map legacy objects
  • used when you have access to the mainframe source
  • used if legacy interface changes often
  • Offboard Server proxy for legacy system
  • often used with screen scrapers

4. Enterprise JavaBeans Technology
  • Core of any enterprise architecture
  • Many questions are related to EJB in some way
  • EJB questions are in-depth
  • Benefits
  • Distributed architecture
  • Resource pooling
  • Transaction management
  • Persistence
  • Security

EJB Basics
  • Types of EJBs and their purposes
  • Stateful Session Beans
  • Conversational state
  • Stateless Session Beans
  • Business logic
  • Entity Beans
  • Persistent business entities
  • Parts of an EJB
  • Home interface
  • Remote interface
  • Bean class

5. Enterprise JavaBeans Container Model
  • Bean finding and creation
  • Method execution
  • Passivation
  • Persistence
  • State transitions and callbacks (lifecycle

  • ACID principles
  • Atomic, Consistent, Isolated, Durable
  • BMT (bean-managed transactions)
  • Programmatic transaction demarcation
  • More flexible
  • CMT (container-managed transactions)
  • Declarative transactions
  • Easier development
  • Transaction attributes
  • Result when method is called with or without an
    existing transaction

  • When to use Entity beans
  • Never
  • Except when taking the exam
  • BMP
  • Ability to persist complex types
  • Potentially better performance
  • CMP
  • Faster development
  • Application Server portability
  • Data Access Objects (DAO)
  • greater database portability

6. Protocols
Protocol Description Port Stateful
Security HTTP Web 80 No No HTTPS HTTP
over SSL 443 Yes Yes IIOP CORBAs
transport 535 Yes CORBA JRMP RMIs
transport 1099 Yes SSL JAAS
IIOP can also be used as an alternative transport
for RMI when all remote interfaces are defined as
Java RMI interfaces, which is the case with EJBs.
7. Applicability of J2EE Technology
8. Design Patterns
  • From a list, select the most appropriate design
    pattern for a given scenario. Patterns will be
    limited to those documented in Gamma et al. and
    named using the names given in that book.
  • State the benefits of using design patterns.
  • State the name of a design pattern (for example,
    Gamma) given the UML diagram and/or a brief
    description of the pattern's functionality.
  • Select from a list benefits of a specified design
    pattern (for example, Gamma).
  • Identify the design pattern associated with a
    specified J2EE feature

Pattern Gotchas
  • Factory Method vs Abstract Factory
  • Both are used to defer instantiation to
  • Abstract Factory creates families of objects
  • Often implemented using Factory Methon
  • Singleton
  • Can maintain more than 1 instance
  • Template Method vs Strategy
  • Template Method lets you abstract part of
    algorithm, Strategy abstracts the entire thing

Enterprise Java Usage of Patterns
  • Prototype like Java's Cloneable
  • Decorator EJB Container adds security and
    transactions to methods
  • Facade Session Bean interface to Entity Beans
  • Flyweight Session Bean pooling
  • Proxy EJB Remote interface (stubs)
  • Observer JMS Publish-Subscribe

9. Messaging
Messaging Models Point-to-point one sender to
one receiver, uses Queues Publish/Subscribe one
sender to multiple receivers, uses Topics
JMS is an interface only, does not include
implementation. JMS supports transactions across
multiple messages. Messages are routed via
message brokers.
10. Internationalization
Internationalization is the process of creating a
program that can run on any region. Localization
is the process of customizing an
internationalized program to run on a particular
11. Security
  • General Applet Restrictions
  • In browsers, the Java Security Manager is
    installed and used by default
  • Running an applet from the command line means
    that no security manager is used by default.
  • Signed applets can connect to arbitrary hosts.
  • System properties can never be modified.

Applet Abilities and Restrictions
  • Applet Permitted Operations
  • Create a thread
  • Read but not modify some system properties
  • Make network connection to the host it was
    downloaded from
  • Excessive CPU Usage - not monitored by Security
  • Excessive Memory Usage - not monitored by
    Security Manger
  • Excessive Network Bandwidth Usage - not monitored
    by Security Manger
  • Applet Not Permitted Operations
  • Cannot access files or directories on the host
  • Cannot make network connections to any arbitrary
  • Cannot read keystrokes intended for other parts
    of the browser or host system
  • Cannot execute arbitrary programs on the host
  • Cannot block or kill other threads
  • Cannot create top level windows
  • Cannot hide or replace system classes with
    downloaded classes

Asymetric keys, Public keys, and Private keys
  • Asymetric keys - use public and private keys to
    encrypt messages
  • Public key - used for encrypting
  • Private key - used for decrypting
  • Encrypted messages are not required to be sent
    via SSL since they're already encrypted

Jar Signing
  • Just about any signed code can be compromised or
    contain malicious code
  • Signing a jar signs the individual files it
  • Unsigned files may be added to a signed jar
    without invalidating the signature.

Digital Signatures, Message Digests and
Certificate Authority (CA)
  • Digital Signature - only proves that the correct
    private key was used. nothing more.
  • Message digest - only proves that a piece of data
    has not been altered
  • Certificate Authority (CA) only proves public
    key belongs to who you think it does

Firewalls, the DMZ, and Tunneling
  • Packet Filtering Routers - typically filter on
    destination IP, port, and source IP.
  • Proxy Server - typically provides content
    filtering and passes along packets
  • Firewalls - typically contain a packet filtering
    router and proxy server(s)
  • Inner Firewall - the firewall between the DMZ and
    the inner network
  • Outer Firewall - the firewall between the DMZ and
    the outer world
  • DMZ - Zone between 2 firewalls
  • Tunneling - A means of circumventing a firewall

Tips Tricks
  • General Test Taking
  • Radio Buttons - Choose 1
  • Checkboxes - Choose 2 (or more) - pay attention
    to the "x" in "Choose x"
  • Mark - So that you can review the question later
  • Images - Some questions require a user to view an
    image to answer the question. A button provides
    this functionality.
  • Scrollbars - some answers to a question may be
    off the bottom of the screen, requiring you to
    scroll to see them.
  • Time - Time starts once you are given the Terms
    and Conditions page, so read them thoroughly

Tips Tricks (continued)
  • Keywords
  • Mnemonics
  • Last Minute Cramming
  • Use of your scratch paper

Resources and References
  • Sun Certified Enterprise Architect for J2EE
    Technology Study Guide, Mark Cade and Simon
    Roberts. 2002, Sun Microsystems Press.
  • Strengths Best All-Around Study Guide also
    covers Part 2 and Part 3
  • Weaknesses No coverage of Legacy Connectivity or
  • http//leocrawford.org.uk/work/jcea/part1/
  • Covers the older version, but has good coverage
    of messaging and legacy connectivity.

Resources and References
  • Design Patterns Elements of Reusable
    Object-Oriented Software, Erich Gamma, Richard
    Helm, Ralph Johnson, John Vlissides, Grady Booch.
    1995, Addison-Wesley.
  • UML Distilled A Brief Guide to the Standard
    Object Modeling Language, Martin Fowler. 2003,
  • SCEA_J2EE on Yahoo Groups
  • http//groups.yahoo.com/group/scea_j2ee/

Resources and References
  • WhizLabs SCEA Simulator
  • http//www.whizlabs.com/scea/scea.html
  • Strengths Fairly close to actual Prometric test
    format, includes 7 sample exams.
  • Weaknesses Covers EJB 2.0 and some J2EE Design
    Patterns, neither of which are on the exam, and
    cost is 89.95.

Cram Sheet
For More Information
  • Sun Certified Enterprise Architect for J2EE
    Technology (Step 1 of 3) (CX-310-051)
  • http//www.sun.com/training/catalog/courses/CX-310
  • Thompson Prometric Schedule an Exam
  • http//securereg3.prometric.com/
  • This Presentation Electronic Copy
  • http//www.briggman.com/scea
  • SCEA Cram Sheet Electronic Copy
  • http//www.briggman.com/scea

  • Brian Briggman
  • Pat Guimaraes
  • Konrad Rokicki

Hacking the Sun Certified Enterprise Architect
Exam Part 1
  • Brian Briggman
  • Pat Guimaraes
  • Konrad Rokicki

b.briggman_at_briggman.com pguimara_at_genelogic.com kon
Session ID BOF-0427
About PowerShow.com