For a large heterogeneous environment with a large number of hosts requiring scalability and efficiency, what is the best strategy for deployment of Oracle Enterprise Manager?
A. Use a centralized control with persistent connections to all agents to pull data.
B. Use multiple semi-autonomous agents collecting information and periodically relaying it to a central repository.
C. Use multiple instances of Oracle Enterprise Manager to maximize performance.
D. Use centralized alert filtering.
Correct Answer: B
Explanation: Oracle Enterprise Manager 11g Grid Control has the ability to scale for hundreds of users and thousands of systems and services on a single Enterprise Manager implementation. Two instances of Oracle Enterprise Manager can be used for large deployments (10000 clients or more). The architecture for Oracle Enterprise Manager 10g Grid Control exemplifies two key concepts in application performance tuning: distribution and parallelization of processing. Each component of Grid Control can be configured to apply both these concepts. The components of Enterprise Manager Grid Control include:
* The Management Agent - A process that is deployed on each monitored host and that is responsible for monitoring all services and components on the host. The Management Agent is also responsible for communicating that information to the middle-tier Management Service and for managing and maintaining the system and its services.
* The Management Service - A J2EE Web application that renders the user interface for the Grid Control Console, works with all Management Agents to process monitoring and jobs information, and uses the Management Repository as its data store.
* The Management Repository - The schema is an Oracle Database that contains all available information about administrators, services, and applications managed within Enterprise Manager.
Question 122:
Which one of the following statements best describes authentication as a service?
A. Authentication is a service offered by the local computing platform to the application it is hosting. The application uses this service to authenticate users with a local LDAP.
B. Authentication is a service offered by the enterprise security framework. Applications access it directly, bypassing local platform security. The authentication service provides a level of abstraction between applications and the various instances of infrastructure (LDAPs, databases) that can be used to verify credentials.
C. Authentication is a service offered by both the local computing platform and the enterprise security framework. The local platform can be configured to direct requests to local LDAPs or common enterprise services, depending on the operating environment (dev/test/production). Meanwhile, the enterprise security framework services can virtualize several shared credential stores into a single shared service.
D. Authentication is not a valid example of a security service.
Correct Answer: C
Explanation: ORA Security is one of the series of documents that comprise Oracle Reference Architecture. ORA Security describes important aspects of the enterprise security layer including identity, role, and entitlement management, authentication, authorization, and auditing (AAA), and transport, message, and data security.
A desktop SSO solution is one that lives on the user's personal computer and handles authentication challenges on behalf of the user. The user logs into his desktop environment, which in turn works on his behalf to authenticate to the applications he accesses. The user is no longer prompted for credentials; they are provided automatically by a process running on the desktop.
Question 123:
How is state typically managed in the browser interface?
A. generally through the use of cookies in the browser
B. in the caching layer
C. State is not managed. All modern UIs are stateless.
D. The services tier manages state and the client tier is stateless.
Correct Answer: B
Explanation:
The State Management component is responsible for maintaining the current state of the user interface.
For browser interfaces, this is frequently implemented via cookies.
Question 124:
Which of the following is not a valid type of SAML assertion?
A. authentication assertion
B. authorization decision assertion
C. audit assertion
D. attribute assertion
Correct Answer: C
Explanation:
SAML defines the syntax and semantics for creating XML-encoded assertions to describe authentication, attribute, and authorization (entitlement) information, and for the protocol messages to carry this information between systems. A brief description of the three SAML assertions is provided below.
* Authentication Assertion (not A) - Generated by the authority when a subject successfully authenticates. It includes identity of the issuer and the principal, time of authentication, and how long it is valid. Many authentication methods are supported, including: passwords, Kerberos, hardware tokens, certificate-based client authentication (SSL/TLS), X.509 public key, PGP, XML digital signature, etc.
* Authorization Decision Assertion (not B) - Issued by a policy decision point (PDP) containing the result of an access control decision. Authentication and attribute assertions may be provided in order to make authorization decisions. The resulting authorization assertion is used to claim access to protected resources. It includes the decision (Permit or Deny), along with the resource URI being accessed, and the action that the principal is authorized to perform.
* Attribute Assertion (not D) - Generally issued by the authority in response to a request containing an authentication assertion. It contains a collection of attribute name/value pairs, in addition to identity and other elements. Attribute assertions can be passed to the authority when authorization decisions need to be made.
Question 125:
Which of the following are types of policy considerations designed to affect the way privileges are assigned to users?
A. Principle of Alternating Privilege
B. Separation of Duties
C. Defense in Depth
D. Vacation, Job Rotation, and Transfer
E. Principle of Least Privilege
Correct Answer: BDE
Explanation:
B: Separation of duties is a classic security principle that restricts the amount of power held by any one individual in order to prevent conflict of interest, the appearance of conflict of interest, fraud, and errors. Separation of duties is one of the fundamental principles of many regulatory mandates such as Sarbanes-Oxley (SOX) and the Gramm-Leach-Bliley Act (GLBA), and as a result IT organizations are placing greater emphasis on separation of duties across all IT functions, especially database administration.
D: Vacation, Job Rotation, and Transfer are policy considerations. One way to detect and deter misuse of systems is to have a new person perform the duties of an existing worker. The new person might notice irregularities or questionable circumstances and be able to report them. The new worker might be there temporarily, i.e. filling in for someone on vacation, or might be a replacement as a result of periodic job rotations and transfers. In addition, workers who expect periodic rotations are less likely to misuse systems, as they know others following behind them will eventually discover it and report them.
E: Each user should have only those privileges appropriate to the tasks she needs to do, an idea termed the principle of least privilege. Least privilege mitigates risk by limiting privileges, so that it remains easy to do what is needed while concurrently reducing the ability to do inappropriate things, either inadvertently or maliciously.
Note: The principle of least privilege. Users are given the least amount of privileges necessary in order to carry out their job functions. This applies to interactions between systems as well as user interactions. This reduces the opportunity for unauthorized access to sensitive information.
Question 126:
Which statements are true with regard to authorization checks being done in the Mediation Layer?
A. Performing authorization checks in the Mediation Layer provides a centralized approach to securing SOA Services.
B. Performing authorization checks in the Mediation Layer requires that all secured SOA Services be accessed via the same protocol.
C. Performing authorization checks in the Mediation Layer requires that all secured SOA Services be accessed only via the Mediation Layer.
D. Performing authorization checks in the Mediation Layer eliminates the need for role-based authentication.
E. Performing authorization checks in the Mediation Layer requires that user authentication be based on username and password.
Correct Answer: AD
Explanation:
Mediation is a key component in the overall architecture providing the decoupling between consumers and providers.
A: Although not always required, leveraging the authorization capability within the Mediation Layer provides a centralized approach to securing SOA Services.
Note:
In addition to run time Service endpoint discovery, SOA infrastructure can provide additional value by acting as an intermediary and mediator between consumers and providers. For example, intermediaries can bridge the technology gaps between the two parties. Among their many capabilities are:
* Translate (map) security credentials between different users/groups/roles or between different credential types
* Translate, or transform request and response messages
* Accept requests via one transport or protocol and forward them on using a different transport or protocol (not B)
* Route messages based on content within the request message (Content-based routing)
* Route messages based on security policies
* Add or remove security measures such as encryption and certificates
* Invoke multiple Service providers as part of a single Service request
* Audit and/or log requests
* Deny requests based on access policies (SLAs, Usage Agreements)
* Capture response time metrics and usage metrics
* Monitor and report on error conditions
Question 127:
Which of the following statements about asset-centric engineering is true?
A. Project assets are maintained at each individual project level in an asset-centric engineering.
B. Asset-centric engineering promotes an integrated asset management approach in which assets are shared across the enterprise.
C. Asset-centric engineering uses multiple enterprise repositories to store and maintain the assets.
D. Asset-centric engineering requires that everything related to the assets, including metadata and payload, should be stored in the same repository.
Correct Answer: D
Explanation: The underlying core principle of ORA Engineering is asset sharing and enterprise development through an integrated asset management approach. Most organizations use a Software Configuration Management (SCM) or Version Control System (VCS) for managing the code and configuration assets. These tools are great for managing the versioning of assets produced but they don't maintain the metadata of the assets. Without metadata assets are not organized in context and it is hard to discover them. ORA recommends an asset-centric engineering process, where an Asset Manager is used to address the challenges posed by the traditional approaches. The Asset Manager is typically an enterprise-scoped Metadata Repository working in concert with SCMs and other types of asset repositories.
Question 128:
You need to redesign your application to improve performance. The potential solution requires the data to be kept in memory for faster access. The in-memory data requires full support for SQL with BI queries and there is no need to scale out further. Which Oracle product would you choose to implement your solution?
A. Oracle Coherence
B. Oracle TimesTen
C. Oracle TUXEDO
D. Oracle VM
Correct Answer: B
Explanation: Oracle TimesTen In-Memory Database (TimesTen) is a full-featured, memory-optimized, relational database with persistence and recoverability. It provides applications with the instant responsiveness and very high throughput required by database-intensive applications. Deployed in the application tier, TimesTen operates on databases that fit entirely in physical memory (RAM). Applications access the TimesTen database using standard SQL interfaces. For customers with existing application data residing on the Oracle Database, TimesTen is deployed as an in-memory cache database with automatic data synchronization between TimesTen and the Oracle Database.
Question 129:
Service-Oriented Integration is based on creating a catalogue of SOA Services that expose existing capabilities from back-end systems. Which statement best describes how an SOA Service relates to the existing back-end systems?
A. Each SOA Service exposes the functionality from only a single back-end system to ensure the decoupling of SOA Services.
B. An SOA Service should expose the low-level interface of the back-end system to ensure that all back-end system capabilities are fully exposed.
C. An SOA Service should expose higher-level business capabilities by encapsulating the lower-level interfaces of the back-end systems.
D. Each SOA Service should expose only one isolated capability of the back-end systems to ensure isolation between SOA Service calls in composite applications.
E. All access to a back-end system should be through a single SOA Service to ensure the back-end system will not become overloaded by service requests.
F. An SOA Service should connect to at least two back-end systems; otherwise the SOA Service is just duplicating the existing interface to the back-end system.
Correct Answer: C
Explanation: The primary purpose of the Business layer in the architecture is to define and automate the business processes external to, and independent of, the specific backend systems used in the organization. This isolates the business process from backend system changes, and conversely, isolates the backend systems from business process changes. De-coupling the business processes from the backend systems simplifies changes and maintenance for business processes and backend systems. The Business layer generally provides the greatest and most measurable business value.
Question 130:
The Service-Oriented Integration (SOI) architecture includes an event-handling capability as illustrated and described in the Process View. Which statement best describes the rationale for including event handling in the SOI architecture?
A. Event-Driven Architecture (EDA) is a subset of SOI, so including event handling provides the EDA part of SOI.
B. The event-handling capability allows arbitrarily complex events to be handled by the architecture;
C. e. Complex Event Handling (CEP) is part of the SOI architecture.
D. All other interactions within the architecture are upper layers calling lower layers. The event-handling capability allows a Connectivity Service to call a Business Service, thus providing the ability to lower layers to call upper layers in the architecture.
E. The event-handling capability allows a back-end system that is included in the SOI to initiate action because something important has occurred within the back-end system.
F. By employing a publish-and-subscribe message approach, the event-handling capacity allows the SOI architecture to handle high-volume message traffic because publish-and-subscribe handles higher message volumes than request-response.
Correct Answer: D
Explanation:
Note:
Events allow one system (event emitter) to notify other systems (event sink) that something of interest has changed. There are two broad categories of event types:
* Business Event - A business event is an event that is of business relevance and would be readily understood by a business person.
* Technical Event - A technical event is an event that is relevant to IT but not directly relevant to the business.
As illustrated by the figure below, in this architecture all events are routed to the Business Process Layer and the appropriate business processes are executed for that event. Essentially this is a mechanism for a lower level in the architecture stack, the Connectivity Layer, to initiate actions that might include interactions with all other levels in the architecture. This is essential since the generated event will likely be backend system specific; therefore it is likely that the data must be normalized and some amount of custom logic may be required to convert the event into an event that is backend system agnostic.