Oracle IT Architecture Essentials v6.0 (1z0-574)

Page:    1 / 12   
Total 176 questions

The Oracle Reference Architecture provides a specific definition of SOA Service. Which statement best describes the relationship between SOA Service and Web Service?

  • A. A Web Service is one possible type of SOA Service.
  • B. A SOA Service is a Web Service with a defined Service Contract.
  • C. A SOA Service may be implemented using a Web Service Interface.
  • D. All SOA Services are Web Services, but not all Web Services are SOA Services.
  • E. All Web Services are SOA Services, but not all SOA Services are Web Services.


Answer : C

Explanation: In service-oriented integration the consumer is decoupled from the source system via the SOA Service that encapsulates and abstracts the source systems behind a service interface. Consumers of the SOA Service should need no details about the underlying source system. They should base the service usage solely on the contract provided by the SOA Service.
Unfortunately, simply adding a wrapper (e.g. Web service) to an existing system does not eliminate point-to-point integration. In fact point-to-point integration can be accomplished quite nicely using Web service interfaces. To be truly service-oriented, the SOA Services created must be well designed and constructed so the source system details do not bleed through. Service infrastructure that provides capabilities such as service discovery and routing is also essential to decouple service providers and consumers.
Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0

When mapping Oracle Products onto the Logical view, what is the best approach?

  • A. Utilize management packs, connectors, and plug-ins to create a customized product mapping for the Logical view.
  • B. Use Oracle Enterprise Manager to provide core capabilities required by the three layers for Oracle stack, and use management packs, connectors, and plug ins for non-Oracle stack.
  • C. Use an Oracle Enterprise Manager product to provide all the capabilities required by the three layers in the Management and Monitoring architecture.
  • D. Use a third-party to provide all capabilities required by the three layersin the Management and Monitoring architecture.


Answer : C

Explanation: Oracle offers a comprehensive SOA solution through a suite of SOA products. Oracle
Fusion Middleware products cover the needs of the SOA infrastructure end-to-end.
The figure below shows the mapping of Oracle products to the SOA logical components.
Management of services is extremely important in SOA environments, where services are integrated, reused, and constantly changed. Oracle Enterprise Manager (OEM) simplifies monitoring and managing SOA environments. It addresses each of the challenges by helping model, monitor, and manage the SOA environment.
The products referred in the figure are:
* OSB - Oracle Service Bus
* OSR - Oracle Service Registry
* OER - Oracle Enterprise Repository
* OWSM - Oracle Web Service Management
* OEM - Oracle Enterprise Manager (with SOA management pack)
* IdM - Identity and Access Management
There isn't necessarily a one to one mapping between logical
architecture components and products. While some products target a specific logical need, most provide additional features, such as monitoring, management, and security.
Note:
The SOA infrastructure capabilities can be grouped into the following logical components as shown in Figure below.
* Service Bus
* SOA Security Framework
* Service Registry
* Metadata Repository
* Monitoring Framework3-2 ORA SOA Infrastructure
* Management Framework
Reference: Oracle Reference Architecture, SOA Infrastructure, Release 3.0

What additional functions might an authentication service perform aside from performing basic authentication?

  • A. directory management
  • B. strong authentication
  • C. risk profiling based on conditional factors such as time of day, device, or location
  • D. initiating challengequestions based on conditional factors such as time of day, device
  • E. forwarding users to password update and reset services


Answer : E

Explanation: The authentication service can detect when the user's password needs to be reset or changed and redirect the user to a self-service management interface.
Reference: Oracle Reference Architecture,Security, Release 3.1

What best describes the best practice deployment of Metadata Repository?

  • A. Every project should deploy its own dedicated Metadata Repository to ensure that the project assets are properly organized.
  • B. The Metadata Repository is deployed as a single enterprise-scoped cluster to promote a single view of the enterprise.
  • C. A sandbox Metadata Repository for training and testing purposes should not be deployed.
  • D. The Source Code Management (SCM) server doubles as a Metadata Repository.


Answer : A

Explanation: A metadata repository is used as a common repository for managing metadata of different applications. Many applications use the MDS repository to manage their metadata. Each deployed application uses a logical partition in metadata repository.
This logical partition also helps in maintaining the metadata lifecycle. Before deploying a application, you create a partition for it in MDS repository. This command creates a partition with the given name in the specified repository.
Note: The Metadata repository provides a centralized holding area for a great deal of SOA related information that will be utilized at design time to construct additional services and applications. The repository also provides the primary means for service discovery. In many ways, the service repository can be utilized as the center point for service oriented design.

Which statement best describes how the Oracle Reference Architecture (ORA) combines different Technology Perspectives?

  • A. A Technology Perspective is a specialized view of ORA focused on a particular set of products and technology; therefore, the core ORA material represents the combination of all of the Technology Perspectives.
  • B. Each Technology Perspective belongs to an Enterprise Technology Strategy. Each Enterprise Technology Strategy includes practical guidance on how to combine the strategy with other Enterprise Technology Strategies.
  • C. The composition of different Technology Perspectives is accomplished via Industry Perspectives. The Industry Perspective illustrates and describes how the different Technology Perspectives apply to a particular industry vertical.
  • D. The composition of different Technology Perspectives is accomplished via SOA Services. The SOA conceptual model is used to illustrate and describe how each Technology Perspective consumes and provides SOA Services.


Answer : D

Explanation: The intent of SOA is to provide common reusable SOA Services that can be leveraged by a variety of consumers. SOA Services are made available to various types of service consumers in order to rationalize the way business functions are performed and enterprise data is managed. Its modular architecture approach promotes reuse and business agility, and the use of widely adopted technology standards improves interoperability between business solutions.
Service consumers consist of various types of business solutions, such as BPM, EDA,
MDM, BI.
SOA Services can also act as service consumers.
ORA provides a framework to describe how various technology perspectives are related.
Note:The reference architecture is designed to support an expanding list of technology strategies. It is also important that the various technology perspectives can be easily combined since they are very much complementary.
ORA embraces service orientation at the core so that services provide a consistent mechanism to expose and combine various technologies and the capabilities.
A high-level conceptual model for SOA is used to illustrate how technology perspectives consume and provide SOA Services.
Reference: Oracle Reference Architectureand Service Orientation, Release 3.0

Which product provides the standard communication protocols (for example, HTTPS) between the Client Tier and the Service Tier as well as Message Security?

  • A. Oracle platform Security Services
  • B. Oracle WebCenter
  • C. Application Development Framework
  • D. Oracle HI IP Server


Answer : A

Explanation: Oracle Platform Security Services comprises Oracle WebLogic Server's internal security framework and Oracle's security framework (referred to as Oracle Platform
Security). OPSS delivers security as a service within a comprehensive, standards-based security framework.
The Security Services includes SSL:Hypertext Transfer Protocol Secure (HTTPS) is a combination of Hypertext Transfer Protocol (HTTP) with SSL/TLS protocol.
Note:Oracle Platform Security Services (OPSS) provides enterprise product development teams, systems integrators (SIs), and independent software vendors (ISVs) with a standards-based, portable, integrated, enterprise-grade security framework for Java
Standard Edition (Java SE) and Java Enterprise Edition (Java EE) applications.
OPSS provides an abstraction layer in the form of standards-based application programming interfaces (APIs) that insulate developers from security and identity management implementation details. With OPSS, developers dont need to know the details of cryptographic key management or interfaces with user repositories and other identity management infrastructures. Thanks to OPSS, in-house developed applications, third-party applications, and integrated applications benefit from the same, uniform security, identity management, and audit services across the enterprise.
OPSS is the underlying security platform that provides security to Oracle Fusion
Middleware including products like WebLogic Server, SOA, WebCenter, ADF, OES to name a few. OPSS is designed from the ground up to be portable to third-party application servers. As a result, developers can use OPSS as the single security framework for both
Oracle and third-party environments, thus decreasing application development, administration, and maintenance costs.
Reference: Oracle Fusion Middleware Security Overview, 11g Release 1, About Oracle

Platform Security Services -

Which of the following statements pertaining to role-based and group-based user classifications are true?

  • A. A role is a subset of a group where all users share a commonidentity.
  • B. Users can belong to one and only one role.
  • C. A role can have any number of users.
  • D. A group is a collection of users that perform the same function. A role is a collection of groups.
  • E. Access privileges can be assigned to roles or groups.


Answer : C,E

Explanation: A group is a set of users, classified by common trait.
A role is an abstract name for the permission to access a particular set of resources in an application.
Multiple users can be mapped to a role.
Users can be mapped to multiple roles.

Incorrect answers -
A, B: Just wrong.
D: A group is a collection of users, but a role does not need to be a collection of groups.
Note: Given the potentially large number of users of a system, access privileges are generally not assigned at the user level. Instead, users are assigned to groups (mimicking the organizational structure of a company), or roles (defined based on job functions that users perform), or some combination of the two. Access privileges are then assigned to groups and/or roles. The most natural case is that they are assigned to roles, since roles align more closely with operations users naturally perform to accomplish their job. The industry term for this is Role-Based Access Control (RBAC). RBAC is more flexible than defining access rights based on usernames or static groups and enables an organization to be more versatile when allocating resources.
With RBAC the system must determine if the subject (user or client) is associated with a role that has been granted access to a resource. This process of user to role ascertainment is called role mapping.

You are designing a mission-critical application that requires high performance. Your analysis concludes that Oracle Exadata would enable you to meet the performance goals.
What characteristics of Oracle Exadata make it possible to provide such superior performance?

  • A. Oracle Exadata uses massively parallel architecture to speed up Oracle data warehouses by offloading data-intensive query processing from the databases.
  • B. By pushing SQL processing to the Oracle Exadata Storage Server, all the disks can operate in parallel, reducing database server CPU consumption while consuming much less bandwidth to move data between storage and database servers.
  • C. The Oracle Exadata Storage Server returns a query result set rather than entire tables, eliminates network bottlenecks, and frees up database server resources.
  • D. Oracle Exadata uses direct data placement to ensure very low CPU overhead by directly moving data from the wire to database buffers with no extra data copies being made.


Answer : A

Explanation: To overcome the limitations of conventional storage, Oracle Exadata Storage
Servers use a massively parallel architecture to dramatically increase data bandwidth between the database server and storage. Innovative technologies such as Exadata Smart
Scan, Exadata Smart Flash Cache, and Hybrid Columnar Compression enable Exadata to deliver extreme performance for everything from data warehousing to online transaction processing to mixed workloads.

Identify the true statements in the following list.

  • A. The origins of http and the World Wide Web are attributed to Tim Berners-Lee while he was working on a European physics project.
  • B. The Internet was invented by AlGore.
  • C. AJAX is the primary standard enabling today's Rich Internet Applications.
  • D. The Internet was invented in the US by the Advanced Research Projects Agency.
  • E. ORA UI architecture is based on Apache struts.
  • F. Today's RIA standards are provided primarily by W3C, IETF, JCP and OASIS.
  • G. Todays RIA standards are provided by the wide variety of industry-standards group including W3C, IEEE, TMF, ISO, and so on.


Answer : A,C,D,G

Explanation: C: AJAX is short for Asynchronous JavaScript And XML, which essentially limits the term to the set of RIA (Rich Internet Application) solutions based on JavaScript.
D: The Advanced Research Projects Agency created ARPA-net. Internet was developed from ARPA-net.
Note: A Rich Internet Application (RIA) is a Web application that has many of the characteristics of desktop application software, typically delivered by way of a site-specific browser, a browser plug-in, an independent sandbox, extensive use of JavaScript, or a virtual machine. Adobe Flash, JavaFX, and Microsoft Silverlight are currently the three most common platforms, with desktop browser penetration rates around 96%, 76%, and
66% respectively (as of August 2011).

Which of the following statements is true with respect to virtualization?

  • A. Visualization creates a layer of abstraction that allows the underlying resources to be managed independently of the applications that run on them.
  • B. Virtualization is a hardware appliance that allows the applications to run faster.
  • C. Virtualization is a technology used for creating clusters to support scalability of the infrastructure.
  • D. Visualization may lead to server sprawl and decrease the overall data center utilization.


Answer : A,C

Explanation: A: Computer hardware virtualization (or hardware virtualisation) is the virtualization of computers or operating systems. It hides the physical characteristics of a computing platform from users, instead showing another abstract computing platform.
C: Computer clusters have historically run on separate physical computers with the same operating system. With the advent of virtualization, the cluster nodes may run on separate physical computers with different operating systems which are painted above with a virtual layer to look similar. The cluster may also be virtualized on various configurations as maintenance takes place.
Reference: Oracle White Paper, The Most Complete and Integrated Virtualization: From

Desktop to Datacenter -

Audit logging is a form of what type of access control mechanism?

  • A. detective control
  • B. preventive control
  • C. deterrent control
  • D. corrective control
  • E. compensating control
  • F. recovery control


Answer : A

Explanation: There are many different forms of access control, which in turn can be classified into one or more categories.
Detective - Detective controls are meant to record all activities. They are passive systems that are aware of events but are not designed to prevent them from happening. Audit logging is a form of detective access control.
Reference: Oracle Reference Architecture,Security, Release 3.1

A customer with an existing WebCenter portal wants to expand his client device list to include a variety of mobile devices beyond basic browser support. What Oracle products are available to enable this expansion?

  • A. OWC, OHS, ADF Mobile, and Java ME
  • B. OWCA, ADF Mobile, OPSS, and Java ME
  • C. OWC, OHS, and ADF Mobile
  • D. OWCIC, ADF Mobile, and Java ME


Answer : A

Explanation: Oracle HTTP Server (OHS) - provides a HTTP listener for Oracle WebLogic
Server and the framework for hosting static content, dynamic content, and applications over the Web.
Java Platform, Micro Edition (Java ME)(not C):meets the needs of developers creating applications for the consumer and embedded markets. No other technology provides such robust applications across so many types of size-constrained wireless and wireline devices, from mobile phones and PDAs to set-top boxes and vehicle telematics.c
Reference: Oracle Reference Architecture, User Interaction, Release 3.0

Conceptually, management and monitoring capabilities consist of which of the following?

  • A. consolidating administration tasks for a variety of infrastructure components
  • B. homogeneous support for IT management environments
  • C. skilled architects to perform root-cause analysis
  • D. allowing enterprises to define, model, capture, and consolidate monitoringinformation into a single framework


Answer : A,D

Because each back-end system is running in a separate process, any integration architecture is required to cross multiple process boundaries. A Service-Oriented
Integration (SOI) architecture also introduces SOA Services that run in their own process, thus adding more process boundaries to be crossed. What approaches can be employed to reduce the performance impact of crossing multiple process boundaries?

  • A. There is nothing that can be done because process boundaries are just part of any integration architecture.
  • B. The SOA Services should expose larger-granularity operations to reduce the number of s-calls, which reduces the number of times process boundaries are crossed.
  • C. Service composition should be used to reduce the number of SOA Services that are exposed to the clients
  • D. The SOA Services should use XML-based request-and-response messages because XML is a platform- (and hence process-) neutral format.
  • E. The SOA Services can encapsulate multiple layers of theSOI architecture to reducenumber of service calls, which reduces the number of process boundaries being crossed.


Answer : B,E

Explanation: Each time a process boundary is crossed there are performance impacts from the network and message marshalling and de-marshalling. This is a primary reason why
SOA Services should expose relatively course-grained interfaces (B).
This is also a reason why a service implementation might span multiple layers in the architecture .(E)
Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0,

Process Boundaries -

There are a number of ways to classify applications in order to assess business risks and assign appropriate security policies. Which of the following is not described as a primary means to classify an application?

  • A. by the user community it serves, such as HR, finance, all employees, general public, and so on
  • B. by the information it handles, such as classified information, personal information, publicly availableinformation, and so on
  • C. by business criticality, such as revenue-generating applications versus informational applications
  • D. by technology and/or vendor, such as .NET versus Java, and so on
  • E. by the applicability of existing laws and regulations pertaining to privacy, auditing, and access control


Answer : D

Explanation: Applications can be classified in a number of ways, such as:
* By the user community it serves, such as HR, Finance, company executives, all employees, all persons working on behalf of the company (includes contractors and temporary workers), general public, etc. (not A)
* Based on information confidentiality. Some applications process personal information while others do not. Likewise, in military terms, an application might be targeted towards individuals with a specific level of clearance. (not B)
* Based on business criticality. Some applications may have a direct and severe contribution or impact to revenue. Examples include order processing, credit card processing, call processing, securities trading, and travel reservations. Others may have little or no impact. (not C)
* Based on the applicability of existing laws and regulations. For example, HIPPA puts more security emphasis on patient records than would otherwise exist. (not E)
* Based on network exposure. Levels might include: locked down (no network access), secure production environment access, general organization-wide intranet access, partner access, Internet access limited to a specific user community, and
Internet access open to the public.
Reference: Oracle Reference Architecture,Security, Release 3.1

Page:    1 / 12   
Total 176 questions