1Z1-574 Oracle IT Architecture Essentials Practice Exam Set 1

Which statements are correct for service versioning within Service-Oriented Integration?
A. Only one production version of each SOA Service should be allowed. Multiple versions cause
service sprawl.
B. Service consumers should be allowed to migrate to new versions of SOA Services over time as
part of regular maintenance.
C. Service consumers should be automatically migrated to new versions of SOA Services by using
the mediation layer to perform any necessary translations or transformations.
D. At most two versions of an SOA Service are allowed in production, one current and one thatís
deprecated.
E. The architecture must support multiple, concurrent production versions of SOA Services.


Options are :

  • C,D
  • A,B
  • B,D
  • B,E (Correct)

Answer : B,E

Which of the following statements are true with regard to the Service Contract as defined by the
Oracle Reference Architecture (ORA)?


Options are :

  • None
  • A Service Contract defines the contract between a service consumer and a service provider.
  • A Service Contract defines the functional and nonfunctional capabilities of the SOA ServiceiIn human-readable terms. (Correct)
  • The Web Services Description Language (WSDL) defines the Service Contract for a Web Service.
  • A Service Contract Is an optional part of an SOA Service, providing human-readable documentation of the SOA Service.
  • A Service Contract defines the totality of what the SOA Service provides, independent of individual service consumers.

Answer : A Service Contract defines the functional and nonfunctional capabilities of the SOA ServiceiIn human-readable terms.

A customer has two separate lines of business and each has its own unique resources that
are controlled independently. The customer wants to provide a single user interface at the
enterprise level that, at least from the user's perspective, unifies the separate lines of business
and presents a single consistent view. What is the most suitable architectural arrangement for
such a federated deployment?


Options are :

  • The client tier assimilates the data from the service stack of each line of business.
  • The enterprise implements full client and service stacks while each LoB deploys a partial service. sufficient to expose uniform interface elements.
  • The client tier assimilates the data from the resource stack of each line of business.
  • The enterprise implements full client stack and part of the service stack while each LoB deploys the remaining part of the service tierin order to expose uniform interface elements. (Correct)

Answer : The enterprise implements full client stack and part of the service stack while each LoB deploys the remaining part of the service tierin order to expose uniform interface elements.

Why is it necessary to have Integration of Metadata Repository to the Source Code Management
(SCM) server?


Options are :

  • The SCM needs to access the asset metadata for reporting purposes.
  • The Metadata Repository promotes the assets to the SCM.
  • The Metadata Repository links the asset metadata to the asset payload, which may be archived in the SCM. (Correct)
  • The Metadata Repository stores the asset metadata in the SCM.

Answer : The Metadata Repository links the asset metadata to the asset payload, which may be archived in the SCM.

 

Which of the following statements are true about point to point security?
A. It is often implemented using transport security protocols such as SSL/TLS.
B. It is designed to transport sensitive data over unprotected networks.
C. After data reaches an endpoint, it offers no further protection.
D. It can be combined with other forms of security such as perimeter security and defensein depth
E. SSL/TLS is used sparingly because it is difficult to set up.


Options are :

  • A,C,D
  • A,C,E
  • A,B,C,D
  • A,B,C,E (Correct)

Answer : A,B,C,E

Which of the following best describes the role of the Managed Target Tier within the Logical view
of the Management and Monitoring architecture?


Options are :

  • provides Management Repository and Management Engine capabilities
  • contains the named Infrastructure components that are required to be managed and monitored (Correct)
  • contains configuration details, historical metric data and alert Information, availability Information, and product and patch inventory Information
  • provides access to management content and operations and enables end users to access the appropriate business solution

Answer : contains the named Infrastructure components that are required to be managed and monitored

When two or more technology perspectives are combined, which statement best describes how
the Oracle Reference Architecture (ORA) applies to the combination?


Options are :

  • The vertical layersin ORA (Enterprise Development, Enterprise Security. Enterprise Management) provide the capabilities needed to combine two or more technology perspectives.
  • One of the layersin ORAis the Business Services layer that contains the SOA Services. It is these SOA Services that provide the connection between different technology perspectives; therefore the Business Services layer is the interlock between two or more technology perspectives. (Correct)
  • Each technology perspective is a separate reference architecture that leverages ORA as the common foundation for each of the individual reference architectures.
  • The vertical layers of ORA are identical for each technology perspective. Each technology perspective adds capabilities to the horizontal layers of ORA, especially the business Processes, Business Services, and Information Assets layers.
  • Each technology perspective adds to the core ORA capabilities. The core ORA capabilities support each of the technology perspectives by providing a common foundation.

Answer : One of the layersin ORAis the Business Services layer that contains the SOA Services. It is these SOA Services that provide the connection between different technology perspectives; therefore the Business Services layer is the interlock between two or more technology perspectives.

Which statement best describes the role of the Data Movement Layer within the logical view of the
Service-Oriented Integration (SOI) architecture?


Options are :

  • All create, read, update, and delete operations on persistent data are performed via the Data Movement Layer.
  • All read operations on persistent data are performed via the Data Movement Layer.
  • All write operations on persistent data are performed via the Data Movement Layer.
  • The Data Movement Layer provides access to persistent data storage for the architecture
  • The Data Movement Layer provides batch and bulk data operations for the architecture. (Correct)

Answer : The Data Movement Layer provides batch and bulk data operations for the architecture.

A modular approach has been taken to document the Oracle Reference Architecture (ORA).
Select the statements that are true for this modular approach?
A. The ORA library has a document dedicated to each Oracle product suite.
B. ORA is a collection of reference architectures, some based on specific technologies.

C. ORA is a single-reference architecture but is documented via different views of the architectssome
focused on specific technologies (Technology Perspectives), and some on industry verticals
(Industry Perspectives).
D. The number of Technology Perspectives and Industry Perspectives will increase over time.
E. The technology Perspectives are complete, but the Industry Perspectives will increase over
time as more verticals are Included.



Options are :

  • C,D,E
  • A,B,E
  • B,D,E
  • A,C,D (Correct)

Answer : A,C,D

What one the three primary concerns that developers following this architecture should strive to
conform to?
A. Personalization
B. Modular development
C. Internationalization
D. Localization
E. The Model View-Controller (MVC) pattern
F. Federation


Options are :

  • B,E,F (Correct)
  • A,D,F
  • B,D,E
  • B,C,E

Answer : B,E,F

How do you enable risk profiling on the Authentication Service?


Options are :

  • Risk profiling is a standard feature of Oracle Access Manager (OAM). It is enabled by default, but configured to only profile administrative Identities. The OAM administrator can configure additional identities individually, or by group, or enable profiling on all users.
  • Risk profiling is a feature of Oracle Advanced Security. This comprehensive suite provides value-odd authentication and authorization capabilities including multi-factor authentication and rule-based authorization. OAS is a separately installed product that integrates with OAM, OIM, and Oracle Entitlements Server (OES).
  • Risk profiling is a feature of Oracle Virtual Directory (OVD). It will assess risk based on login attempts, login devices, login locations, and so on, and take action based on configurable rules. Possible actions include denying access, terminating sessions, and raising alerts. Sample rules are provided out of the box, and additional rules can be added via the IVD administrative console.
  • Risk profiling is a feature of Oracle Adaptive Access Manager (OAAM), OAAM works in conjunction with OAM to provide value-add authentication features. OAAM will assess anomalies based on configurable rules, behavior, and risk analysis and will challenge users when risks ore detected. (Correct)
  • Risk profiling is a feature of Oracle Identity Manager (OIM). It can be performed on any collection of users, groups, and/or roles. Risk profiling is an available option for OIM 11g. An administrator must install the license and configure the set of identities to profile.

Answer : Risk profiling is a feature of Oracle Adaptive Access Manager (OAAM), OAAM works in conjunction with OAM to provide value-add authentication features. OAAM will assess anomalies based on configurable rules, behavior, and risk analysis and will challenge users when risks ore detected.

Which statements are correct with regard to the layers in the Logical View of Service-Oriented
Integration (SOI)?
A. Upper layers in the architecture leverage capabilities provided by lower layers.
B. Upper layers are allowed to access capabilities in any lower layer.
C. Upper layers are allowed to access capabilities only in the next lower layer.
D. Each layer encapsulates specific capabilities required by the entire architecture.
E. Each layer encapsulates optional capabilities of the architecture; thus any layer can be omitted
from the architecture.
F. The layers are used to partition the capabilities of the architecture, but otherwise have no
architectural significance.


Options are :

  • B,C,D
  • A,C,D (Correct)
  • A,D,F
  • B,E,F

Answer : A,C,D

ORA defines the concept of Data Grid. Which of the following is the most accurate definition of Data Grid?


Options are :

  • A Data Grid is a system composed of multiple servers that work together to manage Information and related operations such as computations in a distributed environment. (Correct)
  • A Data Grid is a cluster of databases providing scalability and high availability.
  • A Data Grid is used for data mirroring and data replication.
  • A Data Grid is a tool used to perform ETL (Extract-Transform-Load).

Answer : A Data Grid is a system composed of multiple servers that work together to manage Information and related operations such as computations in a distributed environment.

Which of the following standards states that every reusable asset must contain a minimum of one
manifest file and at least one artifact to be considered a valid reusable asset?


Options are :

  • OMG Systems Modeling Language (SysML)
  • OMG Reusable Asset Specification (RAS) (Correct)
  • OMG XML Metadata Interchange (XMI)
  • OMG Meta Object Facility (MOF)

Answer : OMG Reusable Asset Specification (RAS)

Which of the following statements best describes the ideal role of an application owner with
respect to defining application security?


Options are :

  • The application owner must become knowledgeable about security risks, threats, classifications, and policies in order to define security requirements for his or her applications. The more on owner learns about security, the more secure his or her applications will become.
  • The application owner, whenever possible, should elect to deploy applications into a public cloud computing environment. Doing so effectivelydelegatesresponsibility and accountability of concerns to another company. The owner doesn't need to be concerned with security as long as the cloud provider has been certified.
  • The application owner should hire a security expert to define security requirements for his or herapplications, based on current Industry best practices. Actively implementing the latest trends will best ensure a secure application environment.
  • The application owner should recommend adherence to common established practices for assessments, classifications, architecture, and policies that have been defined, and are actively maintained, by security experts across the organization. Deviations may be necessary, butapplication owners should strive to be consistent with best practices that have been adopted by the organization. (Correct)

Answer : The application owner should recommend adherence to common established practices for assessments, classifications, architecture, and policies that have been defined, and are actively maintained, by security experts across the organization. Deviations may be necessary, butapplication owners should strive to be consistent with best practices that have been adopted by the organization.

What are the two primary approaches of visualization?
A. Server Visualization - creating multiple logical virtual machines on top of a single hardware
platform
B. Server Consolidation - abstracting the complexities of the underlying pool of servers by creating
aggregated logical machines
C. Server Management - managing the servers by using a single-point management interface
D. Server Sprawl - leads to a disproportionate amount of physical server machines running at very
low rates of usage


Options are :

  • B,C (Correct)
  • A,B
  • C,D
  • B,D

Answer : B,C

What does the Java EE Management Specification (JSR 77) provide?


Options are :

  • a general mechanism for monitoring and managing Java resources
  • a structured approach to monitor diverse and heterogeneous shared systems
  • a standard model for managing a J2EE Platform; it describes a standard data model for monitoring and managing the runtime state of any Java EE Web application server and Its resources (Correct)
  • an internet-standard protocol for managing devices on IP networks

Answer : a standard model for managing a J2EE Platform; it describes a standard data model for monitoring and managing the runtime state of any Java EE Web application server and Its resources

Which statements are correct for service contracts?

A. Each SOA Serviceincludes a service contract.
B. When using web services, the WSDL for the web service is the service contract.
C. A service contract defines the functional and non-functional capabilities provided by an SOA
Service.
D. A service contract defines which clients are allowed to access a particular SOA Service.
E. A service contract is optional documentation that might be provided for an SOA Service.



Options are :

  • B,D
  • A,C (Correct)
  • A,B
  • C,D

Answer : A,C

Which one of the following security strategies protects data in motion but does not address data at
rest or in memory?


Options are :

  • cloud security
  • per (motor security)
  • defense In depth
  • point to point security (Correct)
  • end to end security

Answer : point to point security

Which of the following is not a key function of an identity management system?
A. user provisioning
B. password maintenance and self-service
C. approval workflow
D. LDAP integration
E. authentication


Options are :

  • B,C
  • A,C
  • D,E
  • B,E (Correct)

Answer : B,E

Which of the following statements are true?
A. When a DMZis used, all components of the architecture are deployed into the demilitarized
zone.
B. Secure Internet protocols, such as HTTPS, enable the deployment of the full UI stack without
the use of a firewall.
C. Traditional "fat client" applications may be deployed across the Internet along with browsers
and mobile devices.
D. The ORA UI architecture may be deployed in a cloud environment by using virtual servers.


Options are :

  • B,D (Correct)
  • A,B
  • C,D
  • A,C

Answer : B,D

Which statement best describes the mapping of User Interaction logical architecture layers to
deployment tiers?


Options are :

  • The Logical view and Deployment view of the User Interaction architecture do not map effectively from one to the other because other intermediate views are needed. (Correct)
  • The web tier and the application tier together map to the service layer, while the dates tier is an example of the resource layer component.
  • The web tier and the application tier together map to the client layer, while the data tier is an example of the resource layer component.
  • The web tier fulfills the majority of the client layer capabilities; the application tier maps to the service layer; the data tier is an example of the resource layer component.

Answer : The Logical view and Deployment view of the User Interaction architecture do not map effectively from one to the other because other intermediate views are needed.

Credential mapping is done in order to create the proper credential for a user in order to issue a
request to another system. In a scenario where one Oracle WebLogic Server makes a Web
Service request to another Oracle WebLogic Server, where might credential mapping be
performed?
A. In the WLS platform (OPSS / OWSM agent) making the Web Service request
B. In the service bus, if one is being used
C. In the WLS platform (OPSS / OWSM agent) responding to the request
D. In a Security Token Service, if WS-Trust is being used
E. In the credential store

F. In the identity management server


Options are :

  • C,D
  • A,C (Correct)
  • A,B
  • B,D

Answer : A,C

Which of the following are primary parts of a SOA Service as defined by the Oracle Reference
Architecture?
A. Service Contract

B. Usage Agreement
C. Service Infrastructure
D. Service Implementation
E. Service Interface
F. Web Services Description Language (WSDL)



Options are :

  • A,D,E (Correct)
  • C,D,E
  • D,E,F
  • A,B,F

Answer : A,D,E

Which statement most accurately describes the purpose of the Process view of User Interaction?


Options are :

  • The Process view describes the workflow of the user Interaction with the application from screen to screen.
  • The Process view describes the sequence of activities In the development to deployment life cycle of the UI application
  • The Process view describes the computer processes incorporated into the architecture and illustrates the interactions between the various components in the architecture. (Correct)
  • The Process view describes the business processes that are implemented In the UI applications.

Answer : The Process view describes the computer processes incorporated into the architecture and illustrates the interactions between the various components in the architecture.

Which of the following statements are true about asymmetric key encryption?
A. It uses a pair of keys, one public and one private, that are unique and mathematically linked.
B. It uses one key that is shared by both parties in the data exchange.
C. It is faster than symmetric key encryption.

D. It can be used in conjunction with symmetric key encryption in order to securely share a
common encryption key.
E. It can be used to produce and verify digital signatures.


Options are :

  • A,D (Correct)
  • B,C
  • A,B
  • C,D

Answer : A,D

What does ORA Engineering refer to as Round-Trip Engineering?


Options are :

  • the ability to effectively perform both forward and reverse engineering to seamlessly transform assets in either direction of the life cycle (Correct)
  • a continuous improvement process in the SDLC that allows the assets to be produced at various stages of the life cycle with a feedback loop from operations to requirement analysis.
  • the ability to derive artifacts from a previous life-cycle activity
  • the ability to generate artifacts backwardsinthe life cycle

Answer : the ability to effectively perform both forward and reverse engineering to seamlessly transform assets in either direction of the life cycle

What is meant by cache hit rate or ratio?


Options are :

  • the ratio of cache objects in a server to the total number of cache objectsin the server cluster
  • the percentage of times the cache was refreshed from the back-end database
  • the percentage of times the cache was hit successfully over the total number of tries (Correct)
  • the number of servers the cache is replicated to

Answer : the percentage of times the cache was hit successfully over the total number of tries

What does access to Consolidated Information in Complex Distributed Environments require?


Options are :

  • Following for diagnosing and correlating problems in complex, distributed environments.
  • siloedIT management and monitoring tools such as event managers and network managers.
  • a strong bottom-up approach to IT management to focus on the status of individual low-level Infrastructure components
  • Access to information concerning dynamicinterdependences acrossinfrastructurecomments. (Correct)
  • architects and engineers to reverse engineer applications to determine dependencies across components

Answer : Access to information concerning dynamicinterdependences acrossinfrastructurecomments.

What is the main benefit of Utility Computing?


Options are :

  • better security
  • scalability
  • high availability
  • better economics (Correct)

Answer : better economics

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions