Application Design Concepts and Principles
Identify the effects of an object-oriented approach to system design including the effect of encapsulation, inheritance, and use of interfaces.
Identify how the Separation of Concerns principle applies to the component model of a Java EE application; including client, the web and business component containers, and the integration and resource layers.
Identify the correct interpretation of Separation of Concerns as it applies to the Java EE service layers, including component APIs, run-time containers, the operating system, and hardware resources.
Identify non-functional and quality-of-service requirements that influence application design, including trade-offs in performance, availability, and serviceability.

Common Architectures
Identify the appropriate strategy for deploying client applications to desktop and mobile platforms, the principles for designing a user interface and the benefits of applying client-tier patterns.
Identify best practices for exception handling, logging, and business tier patterns.
Identify design patterns that address specific challenges in the web tier, including authentication, authorization, and scaling and clustering to meet demand.
Identify Java EE technologies, including JMS, JCA and Web Services, and design patterns that address specific challenges in enterprise integration.
Identify the challenges in integrating enterprise resources, the Java EE technologies that address them (including JPA and JDBC), and the communication protocols that support tier-to-tier communication (including RMI, IIOP, and CORBA).

Integration and Messaging
Identify the APIs available for a Java EE technology-based system to communicating with external resources, including JPA, JDBC, RMI, Web Services, JMS, and JCA. Outline the benefits and drawbacks of each approach.
Describe the technologies used to integrate business components with Web Services, including XML over HTTP, JSON, SOAP and REST.
Identify and detail the technologies used to integrate business components with external resources, including JMS and JCA.
Identify how a Service Oriented Architecture (SOA) facilitates system integration and best practices.

Business Tier Technologies
Identify the correct EJB technology to apply for a given scenario, including entity classes, session beans, message-driven beans, timers, interceptors, and POJOs.
Identify benefits and drawbacks of different persistence technologies such as BMP, CMP, and JPA, including ease of development, performance, scalability, extensibility, and security.
Identify the benefits and drawbacks of implementing Web Services in the EJB component container.
Select the appropriate use of JPA and JPQL in a given scenario.

Web Tier Technologies
Identify the benefits and drawbacks of using URL rewriting and cookies to manage HTTP session state.
Identify appropriate uses for JSP and Servlet technology, and JavaServer Faces in a given Java EE application.
Identify the benefits of using an EJB container with a web container instead of a web container alone.
Identify the differences between client pull and server push architectures.
Identify the benefits and drawbacks of using a browser to access asynchronous, lightweight processes on the server.

Design Patterns
Demonstrate knowledge of Java EE design patterns including: Service Starter, Singleton, Bean Locator, Resource Binder, Dependency Inj ection, Payload Extractor, Context Holder, and Thread Tracker.
Select an appropriate pattern for a given application challenge from the following: Facade, Strategy, Observer, Composite, and Abstract Factory.
Identify a design pattern, using a description of its features, from the following: Facade, Strategy, Observer, Composite, and Abstract Factory.
Identify the use of the law of leaky abstractions or a specific anti-pattern in a given scenario.

Security
Identify elements of the security model in the Java SE environment for remote clients, including Web Start, applets and the role of the SecurityManager class.
Select appropriate locations to implement Java EE security technologies or features in a UML component and deployment diagram.
Classify security threats to an enterprise application select measures an architect can propose to mitigate them.
Identify techniques associated with declarative and programmatic security, including the use of annotations, deployment descriptors, and JAAS technology.
Identify the security technologies that apply to an application’s code, messaging and transport layers