Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Jan Oracle Official New Released 1z0-574
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/1z0-574.html

Oracle IT Architecture Essentials

Question No: 51

Which statements are true with regard to authorization checks being done in the Mediation Layer?

  1. Performing authorization checks in the Mediation Layer provides a centralized approach to securing SOA Services.

  2. Performing authorization checks in the Mediation Layer requires that all secured SOA Services be accessed via the same protocol.

  3. Performing authorization checks in the Mediation Layer requires that all secured SOA Services be accessed only via the Mediation Layer.

  4. Performing authorization checks in the Mediation Layer eliminates the need for role-based authentication.

  5. Performing authorization checks in the Mediation Layer requires that user authentication be based on username and password.

Answer: A,D

Explanation: Mediation is a key component in the overall architecture providing the decoupling between consumers and providers.

A: Although not always required, leveraging the authorization capability within the Mediation Layer provides a centralized approach to securing SOA Services.

Note:

In addition to run time Service endpoint discovery, SOA infrastructure can provide additional value by acting as an intermediary and mediator between consumers and providers. For example, intermediaries can bridge the technology gaps between the two parties. Among their many capabilities are:

  • Translate (map) security credentials between different users/groups/roles or between different credential types

  • Translate, or transform request and response messages

  • Accept requests via one transport or protocol and forward them on using a different transport or protocol (not B)

  • Route messages based on content within the request message (Content-based routing)

  • Route messages based on security policies

  • Add or remove security measures such as encryption and certificates

  • Invoke multiple Service providers as part of a single Service request

  • Audit and/or log requests

  • Deny requests based on access policies (SLAs, Usage Agreements)

  • Capture response time metrics and usage metrics

  • Monitor and report on error conditions

Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0

Question No: 52

Which of the following are types of policy considerations designed to affect the way privileges are assigned to users?

  1. Principle of Alternating Privilege

  2. Separation of Duties

  3. Defense in Depth

  4. Vacation, Job Rotation, and Transfer

  5. Principle of Least Privilege

Answer: B,D,E

Explanation: B: Separation of duties is a classic security principle that restricts the amount of power held by any one individual in order to prevent conflict of interest, the appearance of conflict of interest, fraud, and errors. Separation of duties is one of the fundamental principles of many regulatory mandates such as Sarbanes-Oxley (SOX) and the Gramm-Leach-Bliley Act (GLBA), and as a result IT organizations are placing greater emphasis on separation of duties across all IT functions, especially database administration.

D: Vacation, Job Rotation, and Transfer are policy considerations. One way to detect and deter misuse of systems is to have a new person perform the duties of an existing worker. The new person might notice irregularities or questionable circumstances and be able to report them. The new worker might be there temporarily, i.e. filling in for someone on vacation, or might be a replacement as a result of periodic job rotations and transfers. In addition, workers who expect periodic rotations are less likely to misuse systems, as they know others following behind them will eventually discover it and report them.

E: Each user should have only those privileges appropriate to the tasks she needs to do, an idea termed the principle of least privilege. Least privilege mitigates risk by limiting privileges, so that it remains easy to do what is needed while concurrently reducing the ability to do inappropriate things, either inadvertently or maliciously.

Note: The principle of least privilege. Users are given the least amount of privileges necessary in order to carry out their job functions. This applies to interactions between systems as well as user interactions. This reduces the opportunity for unauthorized access to sensitive information.

Reference: Oracle Reference Architecture, Security, Release 3.1

Question No: 53

Which of the following is not a valid type of SAML assertion?

  1. authentication assertion

  2. authorization decision assertion

  3. audit assertion

  4. attribute assertion

Answer: C

Explanation: SAML defines the syntax and semantics for creating XML-encoded assertions to describe authentication, attribute, and authorization (entitlement) information, and for the protocol messages to carry this information between systems. A brief description of the three SAML assertions is provided below.

  • Authentication Assertion (not A) – Generated by the authority when a subject successfully authenticates. It includes identity of the issuer and the principal, time of authentication, and how long it is valid. Many authentication methods are supported, including: passwords, Kerberos, hardware tokens, certificate-based client authentication (SSL/TLS), X.509 public key, PGP, XML digital signature, etc.

  • Authorization Decision Assertion (not B) – Issued by a policy decision point (PDP) containing the result of an access control decision. Authentication and attribute assertions may be provided in order to make authorization decisions. The resulting authorization assertion is used to claim access to protected resources. It includes the decision (Permit or Deny), along with the resource URI being accessed, and the action that the principal is authorized to perform.

  • Attribute Assertion (not D) – Generally issued by the authority in response to a request containing an authentication assertion. It contains a collection of attribute name/value pairs, in addition to identity and other elements. Attribute assertions can be passed to the authority when authorization decisions need to be made.

Reference: Oracle Reference Architecture, Security, Release 3.1

Question No: 54

How is state typically managed in the browser interface?

  1. generally through the use of cookies in the browser

  2. in the caching layer

  3. State is not managed. All modern UIs are stateless.

  4. The services tier manages state and the client tier is stateless.

Answer: B

Explanation: The State Management component is responsible for maintaining the current state of the user interface. For browser interfaces, this is frequently implemented via cookies.

Reference: Oracle Reference Architecture, User Interaction, Release 3.0

Question No: 55

Which one of the following statements best describes authentication as a service?

  1. Authentication is a service offered by the local computing platform to the application it is hosting. The application uses this service to authenticate users with a local LDAP.

  2. Authentication is a service offered by the enterprise security framework. Applications access it directly, bypassing local platform security. The authentication service provides a level of abstraction between applications and the various instances of infrastructure (LDAPs, databases) that can be used to verify credentials.

  3. Authentication is a service offered by both the local computing platform and the enterprise security framework. The local platform can be configured to direct requests to local LDAPs or common enterprise services, depending on the operating environment (dev/test/production). Meanwhile, the enterprise security framework services can virtualize several shared credential stores into a single shared service.

  4. Authentication is not a valid example of a security service.

Answer: C

Explanation: ORA Security is one of the series of documents that comprise Oracle Reference Architecture. ORA Security describes important aspects of the enterprise security layer including identity, role, and entitlement management, authentication, authorization, and auditing (AAA), and transport, message, and data security.

A desktop SSO solution is one that lives on the user's personal computer and handles authentication challenges on behalf of the user. The user logs into his desktop environment, which in turn works on his behalf to authenticate to the applications he accesses. The user is no longer prompted for credentials – they are provided automatically by a process running on the desktop.

Reference: Oracle Reference Architecture, Security, Release 3.1

Question No: 56

For a large heterogeneous environment with a large number of hosts requiring scalability and efficiency, what is the best strategy for deployment of Oracle Enterprise Manager?

  1. Use a centralized control with persistent connections to all agents to pull data.

  2. Use multiple semi-autonomous agents collecting information and periodically relaying it to a central repository.

  3. Use multiple instances of Oracle Enterprise Manager to maximize performance.

  4. Use centralized alert filtering.

Answer: B

Explanation: Oracle Enterprise Manager 11g Grid Control has the ability to scale for hundreds of users and thousands of systems and services on a single Enterprise Manager implementation.

Two instances of Oracle Enterprise Manager can be used for large deployments (10000 clients or more).

The architecture for Oracle Enterprise Manager 10g Grid Control exemplifies two key concepts in application performance tuning: distribution and parallelization of processing. Each component of Grid Control can be configured to apply both these concepts.

The components of Enterprise Manager Grid Control include:

  • The Management Agent – A process that is deployed on each monitored host and that is responsible for monitoring all services and components on the host. The Management Agent is also responsible for communicating that information to the middle-tier Management Service and for managing and maintaining the system and its services.

  • The Management Service – A J2EE Web application that renders the user interface for the Grid Control Console, works with all Management Agents to process monitoring and jobs information, and uses the Management Repository as its data store.

  • The Management Repository – The schema is an Oracle Database that contains all available information about administrators, services, and applications managed within Enterprise Manager.

Reference: Oracle Enterprise Manager Administration, Sizing Your Enterprise Manager Deployment

Question No: 57

Select the two layers of ORA application infrastructure from the following list:

  1. Application

  2. Platform

  3. Abstraction

  4. Computing Foundation

Answer: A,B

Explanation: The ORA Application infrastructure covers the following layers:

  • Platform

    • Virtualization

    • Containers

  • Computing Foundation

    • Distributed Computing

    • Grid Computing

    • Caching


Reference: Oracle Reference Architecture, Application Infrastructure Foundation, Release 3.0

Question No: 58

Which statement best describes the relationship between the Service-Oriented Integration (SOI) architecture and the Application Integration Architecture (AIA) product from Oracle?

  1. AIA is a product-specific implementation of the SOI architecture.

  2. AIA is a traditional Enterprise Application Integration (EAI) architecture; therefore AIA does not follow the SOI architecture.

  3. AIA is an Oracle product that maps to some of the layers and capabilities defined by the SOI architecture.

  4. AIA is an Oracle product and the SOI architecture is a product-agnostic architecture; therefore there is no relationship between the two.

  5. AIA is one of many Oracle products that maps onto SOI architecture.

Answer: E

Explanation: There are two categories of Oracle products that map into the service-oriented integration architecture, Fusion Middleware products and the Application Integration Architecture (AIA) products.

Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0

Question No: 59

Data is often said to exist in one of three states:

  1. In motion – being transmitted over a network or connection

  2. At rest – persisted in a queue, disk, file, and so on

  3. In memory – loaded into computer memory

The third state, in memory, is seldom mentioned in security standards, texts and requirements. Why?

  1. Computer memory has built-in parity checking which protects against malicious alteration

  2. No one has direct access to a computer’s memory, therefore it is the safest place to be.

  3. All modern computers (developed since the mid-90s) automatically store data in memory in encrypted form to help ensure confidentiality and integrity, because of this, more emphasis has been placed on raising the level of protection in the other two states.

  4. This state is often overlooked. Data in memory can easily be viewed by anyone with system administrator.

Answer: D

Explanation: In Memory – a term used here to describe data that is currently being processed and therefore exposed to any program, diagnostic tool, operating system command, virus, etc. that is able to access memory.

Reference: Oracle Reference Architecture, Security, Release 3.1

Question No: 60

The Service-Oriented Integration architecture makes a distinction between technical orchestrations and business processes. Which statement best describes these two concepts?

  1. A business process is likely to change when the business changes, whereas a technical orchestration is likely to change when back-end systems change.

  2. A business process that is implemented within SOI is called a technical orchestration.

  3. Each business process is implemented by calling a sequence of SOA Services. This sequential calling of SOA Services is what is known as a technical orchestration.

  4. A technical orchestration is a low-level implementation detail and has no relationship to business processes.

  5. Business processes are implemented using BPMN, whereas technical orchestrations are implemented using BPEL.

Answer: A

Explanation: Technical orchestration is separated from business processes.

Making a clear distinction between technical aspects and business aspects facilitates maintenance of both. Technical aspects change when the underlying systems change whereas business aspects change when the business changes.

Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0
