hacking the sun certified enterprise architect exam – part 1
DESCRIPTION
Hacking the Sun Certified Enterprise Architect Exam – Part 1. Brian Briggman Pat Guimaraes Konrad Rokicki. Session ID# BOF-0427. Hacking the Sun Certified Enterprise Architect Exam - Part 1. Brian Briggman System Architect Software Consultants Inc. Pat Guimaraes - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/1.jpg)
2006 JavaOneSM Conference | Session BOF-0427
Hacking the Sun Certified Enterprise Architect Exam – Part 1Brian BriggmanPat GuimaraesKonrad Rokicki
Session ID# BOF-0427
![Page 2: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/2.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 2
Hacking the Sun Certified Enterprise Architect Exam - Part 1
● Brian Briggman● System Architect
Software Consultants Inc.
● Pat Guimaraes● Principal Software Engineer
Gene Logic
● Konrad Rokicki● Software Engineer
Gene Logic
![Page 3: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/3.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 3
This session serves as a last minute review session for all attendees who plan on taking Part 1 of the Sun Certified Enterprise Architect exam.
What You Can Expect to GainGoal of This Presentation
![Page 4: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/4.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 4
Ideally, any attendees who have already started studying for the SCEA Part 1 Exam. Our intent is not to teach all the material necessary to pass the exam, but rather to share our experiences and help by distributing a SCEA Study Sheet at the end of the session.
Who is Expected to AttendIntended Audience
![Page 5: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/5.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 5
Agenda With Section Highlights
SCEA Exam OverviewSCEA Exam ObjectivesTips and TricksResources and ReferencesCram SheetFor More InformationQ&A
![Page 6: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/6.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 6
SCEA Exam Overview
● Sun Certified Enterprise Architect for J2EE Technology (Step 1 of 3)
● Exam CX-310-051 ● Prerequisites: None ● Cost: $150● Number of questions: 48 ● Pass score: 68% (33/48)● Time limit: 75 minutes
● Delivered at: Authorized Prometric testing centers● Other exams/assignments required for this certification:
Step 2 (CX-310-300A), Step 3 (CX-310-061)
![Page 7: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/7.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 7
SCEA Exam Objectives● Divided into 11 Categories:
● 1. Concepts● 2. Common Architectures● 3. Legacy Connectivity● 4. Enterprise JavaBeans Technology● 5. Enterprise JavaBeans Container Model● 6. Protocols● 7. Applicability of J2EE● 8. Design Patterns● 9. Messaging● 10. Internationalization● 11. Security
![Page 8: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/8.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 8
1. Concepts
● UML - Structural Elements● Class – rectangle● Interface – lollipop or stereotyped class● Use Case – oval● Collaboration – dashed oval● Active Class – bold border● Component – rectangle with “plugs”● Node – 3d box
![Page 9: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/9.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 9
1. Concepts
● UML - Relationships● Dependency● Association
● Composition● Aggregation
● Generalization● Realization
![Page 10: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/10.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 10
2. Common Architectures
● 1-tier - monolithic, standalone● pros: manageability, availability, reliability, performance, security● cons: scalability, maintainability, extensibility
● 2-tier - client/server, fat client/stored procedures● pros: rapid prototyping ● cons: maintainability (client versioning and distribution, business
logic changes)● 3-tier/n-tier - typical J2EE architecture
● Client Tier (web clients, applets)● Web Tier (web servers, JSP's, servlets)● Business Tier (EJB's)● EIS Integration Tier (JDBC, ODBC, Corba)● EIS Tier (databases, legacy data)
![Page 11: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/11.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 11
3. Legacy Connectivity
● Objective: Distinguish appropriate from inappropriate techniques for providing access to a legacy system from Java code given an outline description of that legacy system
● Concepts:● Screen Scraper – acts as terminal emulator on one end and an
object interface on the other● used when you have a graphical interface to a mainframe, but no
access to the mainframe source code● Object Mapping – wrappers map legacy objects
● used when you have access to the mainframe source code● used if legacy interface changes often
● Offboard Server – proxy for legacy system● often used with screen scrapers
![Page 12: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/12.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 12
4. Enterprise JavaBeans Technology
● Core of any enterprise architecture● Many questions are related to EJB in some way● EJB questions are in-depth● Benefits:
● Distributed architecture● Resource pooling● Transaction management● Persistence● Security
![Page 13: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/13.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 13
EJB Basics
● Types of EJB’s and their purposes ● Stateful Session Beans
● Conversational state● Stateless Session Beans
● Business logic● Entity Beans
● Persistent business entities
● Parts of an EJB● Home interface● Remote interface● Bean class
![Page 14: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/14.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 14
5. Enterprise JavaBeans Container Model
● Bean finding and creation● Method execution● Passivation● Persistence● State transitions and callbacks (lifecycle
methods)
![Page 15: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/15.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 15
Transactions
● ACID principles● Atomic, Consistent, Isolated, Durable
● BMT (bean-managed transactions)● Programmatic transaction demarcation● More flexible
● CMT: (container-managed transactions)● Declarative transactions● Easier development● Transaction attributes
● Result when method is called with or without an existing transaction
![Page 16: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/16.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 16
Persistence
● When to use Entity beans● Never● Except when taking the exam
● BMP● Ability to persist complex types● Potentially better performance
● CMP● Faster development● Application Server portability
● Data Access Objects (DAO)● greater database portability
![Page 17: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/17.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 17
6. Protocols
Protocol Description Port Stateful Security
HTTP Web 80 No NoHTTPS HTTP over SSL 443 Yes YesIIOP CORBA’s transport 535 Yes CORBAJRMP RMI’s transport 1099 Yes SSL & JAAS
IIOP can also be used as an alternative transport for RMI when all remote interfaces are defined as Java RMI interfaces, which is the case with EJBs.
![Page 18: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/18.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 18
7. Applicability of J2EE TechnologyFrameworks for Distributed Architectures:• CORBA – moves state of object (call by value)• RMI – moves state and behavior of object (call by reference)
Transport Protocols:• IIOP – Default transport for CORBA, uses JAVA IDL, has access to CORBA’s services• RMI-IIOP – Standard protocol for EJBs• RMI-JRMP – Used for pure Java solutions
Java Interfaces Supporting Distributed Architectures:• Java IDL – Default interface for CORBA, treats Java like any other language• JNI – Used by JRMP to connect to other languages
![Page 19: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/19.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 19
8. Design Patterns
● From a list, select the most appropriate design pattern for a given scenario. Patterns will be limited to those documented in Gamma et al. and named using the names given in that book.
● State the benefits of using design patterns.● State the name of a design pattern (for example,
Gamma) given the UML diagram and/or a brief description of the pattern's functionality.
● Select from a list benefits of a specified design pattern (for example, Gamma).
● Identify the design pattern associated with a specified J2EE feature
![Page 20: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/20.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 20
Pattern Gotcha’s
● Factory Method vs Abstract Factory● Both are used to defer instantiation to subclasses● Abstract Factory creates families of objects● Often implemented using Factory Methon
● Singleton● Can maintain more than 1 instance
● Template Method vs Strategy● Template Method lets you abstract part of algorithm,
Strategy abstracts the entire thing
![Page 21: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/21.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 21
Enterprise Java Usage of Patterns
● Prototype: like Java's Cloneable● Decorator: EJB Container adds security and
transactions to methods● Facade: Session Bean interface to Entity Beans● Flyweight: Session Bean pooling● Proxy: EJB Remote interface (stubs)● Observer: JMS Publish-Subscribe
![Page 22: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/22.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 22
9. Messaging
Synchronous Messaging:• Tight coupling• Blocks sender• Requires constant network connectivity
Asynchronous Messaging:• Loose coupling• Does not block sender• Does not require constant network connectivity
Messaging Models:Point-to-point: one sender to one receiver, uses QueuesPublish/Subscribe: one sender to multiple receivers, uses Topics
JMS is an interface only, does not include implementation.JMS supports transactions across multiple messages.Messages are routed via message brokers.
![Page 23: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/23.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 23
10. InternationalizationInternationalization is the process of creating a program that can run on any region. Localization is the process of customizing an internationalized program to run on a particular region.
Types of data that vary by region:
• messages, labels• colors, graphics, icons• date/number/currency formats• legal rules (tax algorithms)
Java classes involved in Internationalization:
• java.util.Locale• java.util.ResourceBundle• java.util.Properties• java.text package• java.io.Input/OutputStreamReader
![Page 24: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/24.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 24
11. Security
● General Applet Restrictions● In browsers, the Java Security Manager is installed and used by
default● Running an applet from the command line means that no
security manager is used by default.● Signed applets can connect to arbitrary hosts.● System properties can never be modified.
![Page 25: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/25.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 25
Applet Abilities and Restrictions● Applet Permitted Operations
● Create a thread● Read but not modify some system properties● Make network connection to the host it was downloaded from● Excessive CPU Usage - not monitored by Security Manger● Excessive Memory Usage - not monitored by Security Manger● Excessive Network Bandwidth Usage - not monitored by Security Manger
● Applet Not Permitted Operations● Cannot access files or directories on the host system● Cannot make network connections to any arbitrary host● Cannot read keystrokes intended for other parts of the browser or host
system● Cannot execute arbitrary programs on the host system● Cannot block or kill other threads● Cannot create top level windows● Cannot hide or replace system classes with downloaded classes
![Page 26: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/26.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 26
Asymetric keys, Public keys, and Private keys
● Asymetric keys - use public and private keys to encrypt messages
● Public key - used for encrypting● Private key - used for decrypting● Encrypted messages are not required to be sent
via SSL since they're already encrypted
![Page 27: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/27.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 27
Jar Signing
● Just about any signed code can be compromised or contain malicious code
● Signing a jar signs the individual files it contains.● Unsigned files may be added to a signed jar
without invalidating the signature.
![Page 28: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/28.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 28
Digital Signatures, Message Digests and Certificate Authority (CA)
● Digital Signature - only proves that the correct private key was used. nothing more.
● Message digest - only proves that a piece of data has not been altered
● Certificate Authority (CA) – only proves public key belongs to who you think it does
![Page 29: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/29.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 29
Firewalls, the DMZ, and Tunneling● Packet Filtering Routers - typically filter on destination
IP, port, and source IP.● Proxy Server - typically provides content filtering and
passes along packets● Firewalls - typically contain a packet filtering router and
proxy server(s)● Inner Firewall - the firewall between the DMZ and the
inner network● Outer Firewall - the firewall between the DMZ and the
outer world● DMZ - Zone between 2 firewalls● Tunneling - A means of circumventing a firewall
![Page 30: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/30.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 30
Tips & Tricks
● General Test Taking● Radio Buttons - Choose 1● Checkboxes - Choose 2 (or more) - pay attention to the "x" in
"Choose x"● Mark - So that you can review the question later● Images - Some questions require a user to view an image to
answer the question. A button provides this functionality.● Scrollbars - some answers to a question may be off the bottom
of the screen, requiring you to scroll to see them.● Time - Time starts once you are given the Terms and Conditions
page, so read them thoroughly beforehand.
![Page 31: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/31.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 31
Tips & Tricks (continued)
● Keywords● Mnemonics● Last Minute Cramming● Use of your scratch paper
![Page 32: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/32.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 32
Resources and References
● Sun Certified Enterprise Architect for J2EE Technology Study Guide, Mark Cade and Simon Roberts. 2002, Sun Microsystems Press.
● Strengths: Best All-Around Study Guide – also covers Part 2 and Part 3
● Weaknesses: No coverage of Legacy Connectivity or Messaging
● http://leocrawford.org.uk/work/jcea/part1/● Covers the older version, but has good coverage of
messaging and legacy connectivity.
![Page 33: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/33.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 33
Resources and References
● Design Patterns: Elements of Reusable Object-Oriented Software, Erich Gamma, Richard Helm, Ralph Johnson, John Vlissides, Grady Booch. 1995, Addison-Wesley.
● UML Distilled: A Brief Guide to the Standard Object Modeling Language, Martin Fowler. 2003, Addison-Wesley.
● “SCEA_J2EE” on Yahoo Groups● http://groups.yahoo.com/group/scea_j2ee/
![Page 34: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/34.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 34
Resources and References
● WhizLabs SCEA Simulator● http://www.whizlabs.com/scea/scea.html● Strengths: Fairly close to actual Prometric test format,
includes 7 sample exams.● Weaknesses: Covers EJB 2.0 and some J2EE
Design Patterns, neither of which are on the exam, and cost is $89.95.
![Page 35: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/35.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 35
Cram Sheet
![Page 36: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/36.jpg)
2006 JavaOneSM Conference | Session BOF-0427 | 36
For More Information
● Sun Certified Enterprise Architect for J2EE Technology (Step 1 of 3) (CX-310-051)
● http://www.sun.com/training/catalog/courses/CX-310-051.xml
● Thompson Prometric – Schedule an Exam● http://securereg3.prometric.com/
● This Presentation – Electronic Copy● http://www.briggman.com/scea
● SCEA Cram Sheet – Electronic Copy● http://www.briggman.com/scea
![Page 37: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/37.jpg)
2006 JavaOneSM Conference | Session TS-8360 | 37
Q&ABrian Briggman
Pat Guimaraes
Konrad Rokicki
![Page 38: Hacking the Sun Certified Enterprise Architect Exam – Part 1](https://reader035.vdocuments.us/reader035/viewer/2022081513/56812bdf550346895d904ed9/html5/thumbnails/38.jpg)
2006 JavaOneSM Conference | Session BOF-0427
Hacking the Sun Certified Enterprise Architect Exam – Part 1
Brian BriggmanPat GuimaraesKonrad Rokicki
Session ID# BOF-0427