Which two statements are true about using the isUserInRole method to implement security in a Java EEapplication？（）

多项选择题Whichtwoarerequiredelementsfortheelementofawebapplicationdeploymentdescriptor？（）

A.<realm-name>
B.<url-pattern>
C.<description>
D.<web-resource-name>
E.<transport-guarantee>

单项选择题Whichelementofawebapplicationdeploymentdescriptorelementisrequired？（）

A.<realm-name>
B.<auth-method>
C.<security-role>
D.<transport-guarantee>
E.<web-resource-collection>

多项选择题Whichtwostatementsaretrueaboutthesecurity-relatedtagsinavalidJavaEEdeploymentdescriptor？（）

A.Every  tag must have at least one  tag.
B.A  tag can have many  tags.
C.A given  tag can apply to only one  tag.
D.A given  tag can contain from zero to many  tags.
E.It is possible to construct a valid  tag such that，for a given resource，no user rolescan access that resource.

单项选择题You web application uses a lot of Java enumerated types in the domain model of the application. Built intoeach enum type is a method， getDisplay（）， which returns a localized， user-oriented string. There are manyuses for presenting enums within the web application， so your manager has asked you to create a customtag that iterates over the set of enum values and processes the body of the tag once for each value； settingthe value into a page- scoped attribute called， enumValue. Here is an example of how this tag is used： 10. 11. 12.${enumValue.display} 13. 14. You have decided to use the Simple tag model to create this tag handler. Which tag handler method willaccomplish this goal？（）

A.
B.
C.
D.

多项选择题Whichtwoaretrueconcerningtheobjectsavailabletodeveloperscreatingtagfiles？（）

A.The session object must be declared explicitly.
B.The request and response objects are available implicitly.
C.The output stream is available through the implicit outStream object.
D.The servlet context is available through the implicit servletContext object.
E.The JspContext for the tag file is available through the implicit jspContext object.