A developer implements a session bean with a method doStuff which behaves differently depending on the caller's security role. Only users in security roles "ADMIN" and "USER" are allowed to call the method. Assume that there is no security-related metadata in the deployment descriptor. Which two, taken in combination, are appropriate to accomplish this? (Choose two.)

A. Annotate method doStuff with @PermitAII.

B. AnnotatemethoddoStuff with@RolesAllowed({"ADMIN","USER"})

C. If EJBContext.getCallerPrincipal returns role "ADMIN", implement thebehaviorfor users in role ADMIN.

D. If EJBContext.isCallerlnRole("ADMIN") returns true, implement the behavior defined for users in role "ADMIN".

A session bean's business method throws an exception during execution. Which two are responsibilities of the Bean Provider when throwing the exception? (Choose two.)

A. For application exceptions, ensure that if the current transaction commits there will be no loss of data integrity.

B. For application exceptions, ensurethatthe current transaction will commit.

C. For system errors, when the client is remote, throw a java.rmi.RemoteException that wraps the original exception.

D. For checked exceptions from which the bean cannot recover, throw an EJBException that wraps the original exception.

A developer writes an interceptor class called Foolnterceptor containing the following Aroundlnvoke method:

11.

@Aroundlnvoke

12.

public Object intercept(lnvocationContext ctx) {

13.

return "intercepted"; 14.}

Foolnterceptor is applied to a business method in a stateless session bean:

11.

@lnterceptors(Foolnterceptor.class)

12.

public String testzero(int i) {

13.

return (i == 0) ? "zero""not zero";

14.

}

Which describes the result when a client invokes the testzero method with a value of 1?

A. The intercept method is NEVER invoked.

B. The clientreceivesareturnvalueof "zero".

C. The client receivesa returnvalue of "not zero".

D. The client receivesareturn value of "intercepted".

Given this code snippet from a JMS message-driven bean class X:

11.

public XQ { System, out. print("1 "); }

12.

public void onMessagefMessage m) throws Java. rmi. RemoteException

13.

try {

14.

TextMessage tm = (TextMessage) m;

15.

String text = tm.getText0;

16.

System, out. print("2 ");

17.

} catch (JMSException e) {

18.

throw new java. rmi. RemoteExceptionQ;

19.}

20.}

When this bean class handles a message, which is correct?

A. After a messagedelivery theresultis1.

B. Aftera message delivery the resultis2.

C. Aftera message delivery the result is12.

D. Afteramessage delivery an exception isthrown.

E. After a message delivery the resultisunpredictable.

F. This isNOTanEJB3.0 compliant bean.

A developer wants to implement a relationship between Company and Department entity classes. Every department belongs to one company, and one company has several departments. In this application it is essential to quickly determine which company a department belongs to and to also easily access all departments of a given company. Which two declarations provide a solution to these requirements? (Choose two.)

A. In class Department @ManyToOne private Company company;

B. In class Department @OneToMany private Company company;

C. In class Department: @OneToMany(mappedBy="department") private Collection companies;

D. In class Company: @ManyToOne(mappedBy="company") private Collection departments;

E. In class Company: @OneToMany(mappedBy="company") private Collection departments;

A developer is working on a project that includes both EJB 2.1 and EJB 3.0 session beans. A lot of business logic has been implemented and tested in these EJB 2.1 session beans. Some EJB 3.0 session beans need to access this business logic. Which design approach can achieve this requirement?

A. Add adapted home interfaces to EJB 3.0 session beans to make EJB 3.0 and EJB 2.1 session beans interoperable.

B. Add EJB 3.0 business interfaces to existing EJB 2.1 session beans and inject references to these business interfaces into EJB 3.0 session beans.

C. No need to modify existing EJB 2.1 session beans. Use the @EJB annotation to inject a reference to the EJB 2.1 home interface into the EJB 3.0 bean class.

D. No need to modify existing EJB 2.1 session beans. Use the @EJB annotation to inject a reference to the EJB 2.1 component interface into the EJB 3.0 bean class.

Session bean A is a client of session bean B. Bean A is using container-managed transactions and Bean A invokes a business method of bean B. Under which two circumstances does bean A know for certain that continuing the transaction is fruitless? (Choose two.)

A. Bean A receives an application exception.

B. Bean Areceives ajava.rmi.RemoteException.

C. Bean A's invocationofUserTransaction.getStatus returnsfalse.

D. Bean A's invocation of EJBContext.getRollbackOnly returns true.

E. Bean Areceives ajavax.ejb.EJBTransactionRolledbackException.

A Java EE 5 application contains a session bean which uses a security role USER. A group called people is defined in an LDAP server. Which two define appropriate EJB role responsibilities? (Choose two.)

A. The deployer definesandconfigures the LDAP realm.

B. The system administratordefines and configuresthe LDAPrealm.

C. Thedeployermaps the application role USER totheLDAP group people.

D. Thesystem administrator maps the application role USER totheLDAP group people.

Which two are true about specifying Java EE environment annotation metadata for session bean classes? (Choose two.)

A. Itis possible to inject a resource without using annotations.

B. Only field-level annotations can be overriden by the deployment descriptor.

C. Only type-level annotations can be overriden by the deployment descriptor.

D. Resource annotations cannot be specified on a superclass of the session bean class.

E. Type-level, method-level,andfield-level annotations can all beoverridden by thedeployment descriptor.

F. Only field-level annotations and method-level annotations can be overridden by the deployment descriptor.

Given a stateless session bean with container-managed transaction demarcation, from which two methods can a developer access another enterprise bean? (Choose two.)

A. beanconstructor

B. Timeout callback method

C. PreDestroy lifecycle callback method

D. PostConstruct lifecycle callback method

E. businessmethod fromthebusiness interface