1 A web application uses a cookies to track a client as it navigates through the pages that constitutes the application. Which code snippet can be used by the web application to reduce the chance of a cross-site scripting attack by setting some property of the cookie before returning it to the client?
(A) cookie.setHttpOnly(true)
(B) cookie.setMaxAge(3600)
(C) cookie.setPath("/")
(D) cookie.setSecure(true)

147. 在Word 2016中，欲變更所有超連結文字的顏色或底線色彩，可透過下列哪一項功能？ (A)尋找 (B)取代 (C)功能變數 (D)樣式

148. 在Word 2016中，欲建立目錄，可透過下列哪一項功能變數？ (A)TA (B)TC (C)TOA (D)TOC

149. 如附圖所示，在Word 2016中，在下列哪一項情況中，會出現頁首虛線下的「同前」？ (A)Word預設頁首內容會與前一頁內容相同 (B)有二頁以上的內容時 (C)有插入頁首內容時 (D)有分節符號時

150. 在Word 2016中，當按[F9]鍵後仍然無法更新功能變數的結果，表示該功能變數可能已被鎖定，可按下列哪一項按鍵解除鎖定？ (A)[F11]鍵 (B)[Shift]+[F11]鍵 (C)[Ctrl]+[F11]鍵 (D)[Ctrl]+[Shift]+[F11]鍵

2 Which EL expression returns true if no session has been established with current client? (A) ${not(pageContext.session)} (B) ${not(requestScope.session)} (C) ${requestScope.sessions.this} (D) ${sessionScope.empty}

3 A Client wants to retrieve a representation of a resource, e.g. an XML document, localized according to the preferences of the user. Each user is allowed to specify one or more languages, in order of preference. Such preferences are application independent. How can the Client send language preference Information to the Server using a standard HTTP facility? (A) In the request body (B) In a request header (C) In the request line (D) In the request URL

4 During initialization, a servlet finds that the database connection it requires is unavailable. As the system designer, you know that the database start up completes several minutes after the webcontainer initializes the servlet. How should this be handled? (A) Retry the connection until it is successful, then allow the init() method to complete. (B) Throw a ServletException (C) Throw the IOException (D) Throw an UnavailableException

5 Given a war file with the following structure where wf.jar contains a valid web-fragment.xml and the class MyServlet.class. The following is a snippet of web.xml The following is a snippet of web-fragment.xml The following is code snippet of MyServlet: What is the value of x inside doGet method of MyServlet? (A) 1 (B) 0 (C) -1 (D) -2 (E) -3

6 Which JSP standard action can be used to import content from a resource called foo.jsp? (A) ＜jsp:import file='foo.jsp' /＞ (B) ＜jsp:import page='foo.jsp' /＞ (C) ＜jsp:include page='foo.jsp' /＞ (D) ＜jsp:include file='foo.jsp' /＞ (E) ＜jsp:import＞foo.jsp＜/jsp:import＞ (F) ＜jsp:include＞foo.jsp＜/jsp:include＞

複選題7 Which two actions protect a resource file from direct HTTP access within a web application? (Choose two) (A) placing it in the /secure directory (B) placing it in the /WEB-INF directory (C) placing it in the /META-INF/secure directory (D) creating a ＜web-resource＞ element within the deployment descriptor (E) creating a ＜secure-resource＞ element within the deployment descriptor