how many questions of 1Z0-574 vce?
Cause all that matters here is passing the Oracle 1Z0-574 exam. Cause all that you need is a high score of 1Z0-574 Oracle IT Architecture Release 3 Essentials exam. The only one thing you need to do is downloading Testking 1Z0-574 exam study guides now. We will not let you down with our money-back guarantee.
2024 Oracle Official New Released 1Z0-574 ♥♥
https://www.certleader.com/1Z0-574-dumps.html
Q1. Which of the following statements are true about asymmetric key encryption?
A. It uses a pair of keys, one public and one private, that are unique and mathematically linked.
B. It uses one key that is shared by both parties in the data exchange.
C. It is faster than symmetric key encryption.
D. It can be used in conjunction with symmetric key encryption in order to securely share a common encryption key.
E. It can be used to produce and verify digital signatures.
Answer: A,D
Explanation: A:Public (asymmetric) key encryption uses a pair of keys, one private and one public.
The public key is freely distributed to any party that may wish to send encrypted data.
Once encrypted, data can only be decrypted with the private key. Therefore the private key is maintained by the receiving party and is not shared with anyone else.
The two keys are mathematically related, but can't be used to discover each other.
D: A combination of symmetric and asymmetric encryption is often used.
Reference: Oracle Reference Architecture,Security, Release 3.1
Q2. Which of the following statements about asset-centric engineering is true?
A. Project assets are maintained at each individual project level in an asset-centric engineering.
B. Asset-centric engineering promotes an integrated asset management approach in which assets are shared across the enterprise.
C. Asset-centric engineering uses multiple enterprise repositories to store and maintain the assets.
D. Asset-centric engineering requires that everything related to the assets,including metadata and payload, should be stored in the same repository.
Answer: D
Explanation: The underlying core principle of ORA Engineering is asset sharing and enterprise development through an integrated asset management approach. Most organizations use a Software Configuration Management (SCM) or Version Control System (VCS) for managing the code and configuration assets. These tools are great for managing the versioning of assets produced but they don't maintain the metadata of the assets. Without metadata assets are not organized in context and it is hard to discover them. ORA recommends an asset-centric engineering process, where an Asset Manager is used to address the challenges posed by the traditional approaches. The Asset Manager is typically an enterprise-scoped Metadata Repository working in concert with SCMs and other types of asset repositories.
Reference: Oracle Reference Architecture,Software Engineering, Release 3.0
Q3. The WebShipAnywhere company currently has a manual Order-to-Ship process. The company is implementing Service-Oriented Integration architecture and, as part of that initiative, they are automating the Order-to-Ship process.
Whenever an order ships, the Warehouse Management System (WMS) is manually updated to reflect that the order has been shipped. If the Inventory for any product that was part of the order drops below a threshold value, the WMS alerts the user via a pop-up screen indicating that the product inventory is low. When this happens, the user logs in to the Purchasing System (PS) and enters the need to order more of the product. Both the WMS and PS are thick-client, two-tier applications that use an Oracle database. As part of automating the Order-to-Ship process, the company would like to remove this manual step.
What integration pattern(s) should be used to automate this manual step?
A. The WMS should be modified to create a "low-inventory" event and publish the event to a topic queue following the publish-and-subscribe pattern. An event handler registered for the "low- inventory" event then receives the event and updates the PS.
B. The polling integration pattern should be used to detect that the inventory for a product is low in the WMS. If a product inventory is low, the polling component uses a reliable-one-way message to call an SOA Service that updates the PS.
C. It is not possible to integrate thick-client, two-tier applications (such as VMS and PS) by using a SOI architecture. Only applications with service interfaces can be included in an SOI architecture
D. The polling integration pattern should be used to detect that the inventory for a product is low in the VMS. If a product inventory is low, a “low-inventory” event should be created and published to a topic queue following the publish-and-subscribe pattern. An event handler registered for the “low inventory” event then receives the event and updates the PS.
E. Because both the WMS and the PS use Oracle database, the WMS should be modified to use a trigger to update the PS database whenever a low inventory is detected.
Answer: B
Explanation: Polling, using a reliable-one-way message, and using a SOA Service is a good solution.
Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0
Q4. Which of the following capabilities are provided by containers?
A. Transaction Support
B. Security Support
C. Thread Management
D. Business Processes
Answer: A,B,C
Explanation: Containers provide several capabilities that include the following: Transaction Support (A) Security Support (B) Scalability and Performance Thread Management (C) Data and Code Integrity Centralized Configuration Connection and Session Management Abstraction
Reference: Oracle Reference Architecture, Application Infrastructure Foundation, Release 3.0
Q5. Which statements arc true about Rich Internet Applications (RIAs)?
A. A Rich Internet Application (RIA) is a web application that provides the type of sophisticated user Interface that has traditionally requiredadedicated desktop client.
B. There are a variety of technologies being applied to create RIAs, but all provide a sophisticated user interface delivered through a browser.
C. Rich Internet Applications provide only limited functionality and the traditional fat client is still needed in cases such as those requiring animation.
D. Rich Internet Applications transfer all the business application processing to the client, thereby reducing the cost of the server infrastructure.
Answer: A,B
Explanation: A Rich Internet Application (RIA) is a Web application that has many of the characteristics of desktop application software, typically delivered by way of a site-specific browser, a browser plug-in, an independent sandbox, extensive use of JavaScript, or a virtual machine. Adobe Flash, JavaFX, and Microsoft Silverlight are currently the three most common platforms.
Not D: Rich internet applications (RIA) move some (but usually not all) of the view and controller functionality to the Client Tier.
Note: Web 2.0 introduces even more client-side code to enrich the user experience (i.e. Rich Internet Applications). This can be done in a standardized way, such as the Ajax framework. New message-injection attacks are possible in areas such as cross-site scripting and cross-site-forgery due to poor protocol implementations and poor message parsing. An example exploit is the SAMY worm created on MySpace.
Q6. Oracle Entitlements Server (OES) provides fine grained authorization capabilities that, along with Oracle Access Manager (OAM), comprise the XACML based Authorization Service. What factors should be considered when choosing how to specify and deploy OES policy decision points (PDPs)?
A. If a policy enforcement point exists in the DMZ, then a remote PDP should be deployed behind the inner firewall.
B. If both OAM and OES are used, then OES should be configured to use the PDP embeddedin OAM.
C. OES includes a security provider for Oracle WebLogic Server that will handle policy decisions locally.
D. Oracle Advanced Security includes a universal stand-alone PDP that provides access for Java, NET, and SOAP clients.
E. It is best to use a local PDP whenever possible to avoid network calls between the PEP and PDP. A remote PDP ran be used when a local PDP is not available for the client technology, or for other various exceptional cases.
Answer: A,C,E
Explanation: A, E:Policy decision points (PDPs) for computingnodes located outside the secure environment. For example, web servers located in theDMZ might leverage a central PDP, deployed behind a firewall. Policy enforcement is still local to the web servers but decisions are made remotely.
C: OES integrates with OPSS (and other security platforms) to enable the use of local PEPs and
PDPs. OPSS is a standards-based Java framework of plug-in security services and APIs.
It provides the platform security for Oracle WebLogic Server.
Note: OES is a fine-grained authorization engine that simplifies the management of complex entitlement policies. The authorization engine includes both local and centralized PDPs. OES integrates with OPSS (and other security platforms) to enable the use of local PEPs and PDPs. Policy administration is centralized, providing a broad perspective of access privileges, yet delegated, enabling multiple stakeholders to maintain the policies that affect them.
Note 2: PDP - Policy Decision Point, where policy is evaluated and a decision is made.
PDPs may be distributed throughout the IT environment and physically co-located with PEPs to avoid network latency.
Note 3: PEP - Policy Enforcement Point, where permit/deny access decisions are enforced. This is generally included in SOA Service or application infrastructure, such as J2EE containers that manage security. It may also be represented as custom code within a SOA Service or application, providing fine grained entitlements evaluation.
Reference: Oracle Reference Architecture, Security , Release 3.1
Q7. Identify the true statements in the following list.
A. The core components of the ORA UI Logical view are grouped into the client tier and the server tier.
B. The components of the ORA UI Logical view are model, view, and controller.
C. The core components of the ORA UI Logical view are grouped into thedisplaytier and theresourcestier.
D. In addition to the core components, the Logical view also includes security, communication protocols, and development tools.
Answer: A,D
Explanation: The Logical View of the architecture describes the various layers in the architecture.
Each layer encapsulates specific capabilities for the overall architecture. Upper layers
in the architecture leverage the capabilities provided by the lower layers.
The Client Tier is hosted on the display device.
The Service Tier hosts the capabilities that satisfy the requirements of the end user.
Q8. The Product Mapping view of the Service-Oriented Integration architecture shows some of the Oracle products mapped onto two or more layers in the architecture. For example, Oracle WebLogic Suite (OWLS) is mapped to the Business Service Layer, the Data Normalization Layer, and the Connectivity Layer. Which statement best describes why OWLS is mapped to these three layers in the OSI architecture?
A. OWLSis the only product that provides all the capabilities required by the three layers in the OSI architecture.
B. When OWLSis used to implement the OSI architecture, the three layers need to be combined Into a single architectural layer.
C. OWLS can be used to host assets delivering the capabilities in any or all of the three layers. Assets hosted on OWLS should still adhere to the layering of the architect.
D. OWLS plus the other Oracle products that are mapped to the three layers are required to deliver the capabilities for the three layers in the architecture.
E. The other Oracle product mapped to the three layers all have OWLS embedded in the product. Thus, OWLS is required for the products mapped into three layers.
Answer: E
Explanation: OPSS is incorporated into OWLS which ties the entire Service Tier into the enterprise security architecture.
The OWC provides the majority of the capabilities required for a modern user interface.
OWC provides some higher-level Connectivity capabilities (e.g. connectivity to content management systems, WSRP). OWLS provides the base Connectivity (e.g. JDBC,
JCA) to connect to the Resource Tier.
Note: Oracle WebLogic Suite (OWLS) - fully implements the latest Java EE standards, provides industry leading reliability and performance, and includes comprehensive management capabilities. OWLS can be used to host the Oracle WebCenter products.
Reference: Oracle Reference Architecture, User Interaction, Release 3.0
Q9. Which of the following statements are true about defense-in-depth strategy?
A. It saves money by allowing organizations to remove costly perimeter security Infrastructure.
B. It is a strategy designed to win the battle by attrition. It consists of multiple security measures at various levels as opposed to a single barrier.
C. It includes security measures for the network, the operating system, the application, and data.
D. Due to network overhead issues, it should not be used in a distributed computing environment such as SOA or cloud computing.
E. It is a good strategy to protect an organization from insider threats.
Answer: B,C,E
Explanation: Defense in depth is a security strategy in which multiple, independent, and mutually reinforcing security controls are leveraged to secure an IT environment.
The basic premise is that a combination of mechanisms, procedures and policies at different layers within a system are harder to bypass than a single or small number security mechanisms. An attacker may penetrate the outer layers but will be stopped before reaching the target, which is usually the data or content stored in the 'innermost' layers of the environment. Defense in depth is also adopted from military defense strategy, where the enemy is defeated by attrition as it battles its way against several layers of defense.
Defense in depth should be applied so that a combination of firewalls, intrusion detection and prevention, user management, authentication, authorization, and encryption mechanisms are employed across tiers and network zones.
The strategy also includes protection of data persisted in the form of backups and transportable/mobile devices. Defense in depth should take into account OS and VM hardening as well as configuration control as means of preventing attackers from thwarting the system by entering via the OS or by tampering with application files.
Reference: Oracle Reference Architecture,Security, Release 3.1
Q10. Which of the following are primary parts of a SOA Service as defined by the Oracle Reference Architecture?
A. Service Contract
B. Usage Agreement
C. Service Infrastructure
D. Service Implementation
E. Service Interface
F. Web Services Description Language (WSDL)
Answer: A,D,E
Explanation: The three primary parts of a SOA Service as defined by ORA are contract, interface, and implementation.
Note:
A Service Contract describes the SOA Service in human-readable terms.
The Service Implementation is the technical realization of the contract. I
A Service Interface provides a means for the consumers of a SOA Service to access its functionality according to the Service Contract.
Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0