I would like to thank this Forum for the precious information I got from it as well as to Mikalai Zaikin as well as to Java Ranchers..I would like to share my experience and materials which I have used for SCEA preparation..
Firstly, I am having 2 yr 10 months experience. Those who are having exp less than 4 yrs ,I would suggest them to finish these certifications (SCWCD, SCBCD & SCDJWS for J2EE 5) , though it’s not mandatory, but it helps you to gain more knowledge. If you are 5 + exp, then its easy to clear this exam..
Exam contains only scenario based questions and we need to select an appropriate answer. It’s quite difficult for me, to choose those answers . Don’t go for most powerful and new ones instead read the question carefully and address the requirements. For example, sometime two-tier architecture will be better than 3-tier, DAO over JPA, RMI over web services (it depends on our requirements )..
Note : I am still a programmer , not an architect .. To be an Architect : We need experience as well as hands on designing an real time application ..
How long did you prepare for this exam? I am not brilliant, little bit dumb fellow , so I took hardly 4 months..
Below topics are very important (If you want to be an architect, you must know about these topics in depth) . I got questions from this below topic..
Business Tier Technologies: Cleared SCBCD 5 Web services: Cleared SCDJWS 5.
Web Tier Technologies: Cleared SCWCD 5 ..
Design pattern : I read "Design Patterns", GoF , Core J2EE Patterns, 2nd ed , Java Design Patterns & Examples(Author: Pawan Modi). I took nearly 1 month to complete this 3 books and forget completely within an week .. So I would urge you to take notes (about pros & cons) and implement those patterns so that you will remember.. Please don’t memorize, understand why we need that pattern and take a paper try to describe each pattern in a single line.. If you are able to do that, then go for next chapter.
JCA ,JMX ,JSF - I don’t have much exposure on this ,only theory knowledge ..
CORBA,IIOP , RMI JRMP, Java IDL -I studied CORBA in College (had few ppts to revise), implemented Java IDL.
Cryptography alg– MD5,SHA1,Diffie-Hellman, DES (I have implemented this algorithms in C while in College , we had separate paper for cryptography )
Message Digest ,Digital signature,One-Way Hash Function, Digital Certificates, Asymmetric Ciphers - I have implemented this in my first project (Channel level as well as message level secuirty using https – web services(signing the soap msg) – CA signed jar ....
SSO: – I have implemented Cross-domain SSO in my second project ..So I have fair idea about this federation concept using Sun Access Manager as well as using Siteminder..
Security: I have basic knowledge on hacking stuffs as well as on JAAS,JSSE .. SQL injection, Cross site scripting, Denial of Service (DoS), Weak Encryption, Buffer Overflow, Man in middle (We have learned these topics while in College)…
Security related files you mentioned (SecurityBasics.pdf,WebApplicationSecurity.pdf,WebSecurityThreats.pdf) are no longer available,could you please upload them at Scribd(http://www.scribd.com).