Exam Code: 1Z0-574 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Oracle IT Architecture Release 3 Essentials
Certification Provider: Oracle
Free Today! Guaranteed Training- Pass 1Z0-574 Exam.
2021 Sep 1Z0-574 practice exam
Q51. As part of a company-wide IT Initiative to simplify and rationalize the technology and products used you have been tasked with defining an Enterprise Architecture. The Enterprise Architecture will be used to communicate the desired future state where redundant, deprecated, and undesired technology and products have been eliminated. Oracle products will be included. In the Enterprise Architecture, it will be products from other vendors, including products that directly compete with Oracle products.
Which option best describes how IT Strategies from Oracle (ITSO) material can be used while creating the Enterprise Architecture?
A. The ITSO material cannot be used because ITSO applies to Oracle products only.
B. The ITSO material can be used without modification because it has no Oracle product dependencies.
C. The ITSO material can be used as reference material but will require customization to reflect specific products selected by the company.
D. The Oracle Reference Architecture component of ITSO can be readily applied, but the Rest of ITSO cannot, because of product dependencies.
E. The Oracle Reference Architecture component of ITSO cannot be applied due to pre dependencies, but the rest of ITSO can be applied.
F. The ITSO material is not applicable to rationalization of IT asset
Answer: C
Explanation: IT Strategies from Oracle (ITSO) is a series of documentation and supporting collateral designed to enable organizations to develop an architecture-centric approach to enterprise-class IT initiatives. ITSO presents successful technology strategies and solution designs by defining universally adopted architecture concepts, principles, guidelines, standards, and patterns.
ITSO is made up of three primary elements:
* Oracle Reference Architecture (ORA) defines a detailed and consistent architecture for developing and integrating solutions based on Oracle technologies. The reference architecture offers architecture principles and guidance based on recommendations from technical experts across Oracle. It covers a broad spectrum of concerns pertaining to technology architecture, including middleware, database, hardware, processes, and services.
* Enterprise Technology Strategies (ETS) offer valuable guidance on the adoption of horizontal technologies for the enterprise.They explain how to successfully
execute on a strategy by addressing concerns pertaining to architecture, technology, engineering, strategy, and governance. An organization can use this material to measure their maturity, develop their strategy, and achieve greater levels of success and adoption. In addition, each ETS extends the Oracle Reference Architecture by adding the unique capabilities and components provided by that particular technology. It offers a horizontal technology-based perspective of ORA.
* Enterprise Solution Designs (ESD) are industry specific solution perspectives based on ORA. They define the high level business processes and functions, and the software capabilities in an underlying technology infrastructure that are required to build enterprise-wide industry solutions. ESDs also map the relevant application and technology products against solutions to illustrate how capabilities in Oracle’s complete integrated stack can best meet the business, technical and quality of service requirements within a particular industry.
Reference: IT Strategies from Oracle, An Overview, Release 3.0
Q52. How is Oracle Database Firewall (ODF) used to protect applications from attacks such as SQL- Injection?
A. ODF is an option for the Oracle Database. A DBA configures this option to inspect database commands and compare them with a set of known attacks. An ODF agent periodically downloads the latest signatures in order to keep up with the latest known types of attacks.
B. ODF is a feature of Oracle Advanced Security. A database security administrator configures each database realm with a set of acceptable ports and protocols from which database clients can connect. Valid connections are continuously monitored for suspicious activity.
C. ODF is an agent based secure connection component that is installed on the database and on the clients. It creates a VPN-like connection between the two that greatly reduces the likelihood of man-in-the-middle and SQL-injection attacks. An administrator installs ODF and configures it for a specific environment.
D. ODF is a stand-alone product that is installed in between the client and database. It monitors and/or blocks SQL statements, comparing them against a set of known good or known bad statements.
Answer: D
Explanation: Oracle Database Firewall (ODF) - ODF is the first line of defense for both Oracle and non-Oracle databases. It monitors database activity on the network to help prevent unauthorized access, SQL injections, and other forms of attack. ODF uses positive (white list) and negative (black list) security models to validate SQL commands before they can reach the database. The ODF instances act as a firewall for incoming SQL traffic. Each instance can handle multiple downstream databases, and the instances are configured for high availability. SQL traffic must pass through the firewall boxes in order to reach the databases. ODF protects Oracle, MySQL, Microsoft SQL Server, IBM DB2 for Linux, Unix, and Windows, and Sybase databases
Reference: Oracle Reference Architecture,Security, Release 3.1
Q53. The Product Mapping view of the Service-Oriented Integration architecture shows some of the Oracle products mapped onto two or more layers in the architecture. For example, Oracle WebLogic Suite (OWLS) is mapped to the Business Service Layer, the Data Normalization Layer, and the Connectivity Layer. Which statement best describes why OWLS is mapped to these three layers in the OSI architecture?
A. OWLSis the only product that provides all the capabilities required by the three layers in the OSI architecture.
B. When OWLSis used to implement the OSI architecture, the three layers need to be combined Into a single architectural layer.
C. OWLS can be used to host assets delivering the capabilities in any or all of the three layers. Assets hosted on OWLS should still adhere to the layering of the architect.
D. OWLS plus the other Oracle products that are mapped to the three layers are required to deliver the capabilities for the three layers in the architecture.
E. The other Oracle product mapped to the three layers all have OWLS embedded in the product. Thus, OWLS is required for the products mapped into three layers.
Answer: E
Explanation: OPSS is incorporated into OWLS which ties the entire Service Tier into the enterprise security architecture.
The OWC provides the majority of the capabilities required for a modern user interface.
OWC provides some higher-level Connectivity capabilities (e.g. connectivity to content management systems, WSRP). OWLS provides the base Connectivity (e.g. JDBC,
JCA) to connect to the Resource Tier.
Note: Oracle WebLogic Suite (OWLS) - fully implements the latest Java EE standards, provides industry leading reliability and performance, and includes comprehensive management capabilities. OWLS can be used to host the Oracle WebCenter products.
Reference: Oracle Reference Architecture, User Interaction, Release 3.0
Q54. Which of the following statements are true concerning, data formats used In Service-Oriented Integration (SOI)?
A. SOA Services used in SOI should use application-specific data formats to ensure accurate transmission of data entities from the source systems.
B. A single, canonical data model must be created to successfully build an enterprise-wide SOI.
C. Data formats should be based on logical representations of business-level entities to facilitate composite application assembly.
D. Application-specific data formats should be translated to and from normalized data formats.
E. Data formats should use third normal form because this is the most efficient format for transmitting data.
F. Binary data formats should not be used because they are costly and difficult to maintain.
G. XML data formats should not be used because they are too verbose and result in poor performance.
Answer: C,D,F
Explanation: C:Logical Data Representations Message and data formats should be based on logical representations of business objects rather than native application data structures.
D: Providing consumer representations and reading from and writing to multiple source systems leads to the issue of data format transformations. For a very small number of source systems, point-to-point transformations can be used by the SOA Services.
However, this approach becomes untenable as the number of source systems increases.
Thus, a better approach is to create a normalized format for the data entities and then provide transformations to and from the normalized format for each source system.
Normalized Data Formats
Data transformations are to and from normalized formats. Normalized data formats facilitate composition and reduce the number of transformations that must be created and maintained.
F: Binary data formats would be awkward.
Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0
Q55. Which statement is true with respect to Metadata Repository and Asset Repository?
A. Metadata Repository manages the data about the assets, and Asset Repository stores the payload of the assets.
B. Asset Repository manages the data about the assets, and Metadata Repository stores the payload of the assets.
C. Metadata Repository stores everything related to the assets. Including metadata and payload.
D. Asset Repository stores everything related to the assets, including metadata and payload.
Explanation: Asset repository refers to the tools or technologies that store the physical assets or
payload, as opposed to the metadata that is stored in the Metadata Repository. Reference: Oracle Reference Architecture,Software Engineering, Release 3.0
Avant-garde 1Z0-574 exam question:
Q56. There are a number of ways to classify applications in order to assess business risks and assign appropriate security policies. Which of the following is not described as a primary means to classify an application?
A. by the user community it serves, such as HR, finance, all employees, general public, and so on
B. by the information it handles, such as classified information, personal information, publicly availableinformation, and so on
C. by business criticality, such as revenue-generating applications versus informational applications
D. by technology and/or vendor, such as .NET versus Java, and so on
E. by the applicability of existing laws and regulations pertaining to privacy, auditing, and access control
Answer: D
Explanation: Applications can be classified in a number of ways, such as:
* By the user community it serves, such as HR, Finance, company executives, all employees, all persons working on behalf of the company (includes contractors and temporary workers), general public, etc. (not A)
* Based on information confidentiality. Some applications process personal information while others do not. Likewise, in military terms, an application might be targeted towards individuals with a specific level of clearance. (not B)
* Based on business criticality. Some applications may have a direct and severe contribution or impact to revenue. Examples include order processing, credit card processing, call processing, securities trading, and travel reservations. Others may have little or no impact. (not C)
* Based on the applicability of existing laws and regulations. For example, HIPPA puts more security emphasis on patient records than would otherwise exist. (not E)
* Based on network exposure. Levels might include: locked down (no network access), secure production environment access, general organization-wide intranet access, partner access, Internet access limited to a specific user community, and Internet access open to the public.
Reference: Oracle Reference Architecture,Security, Release 3.1
Q57. Which of the following are ORA Engineering logical categories?
A. Integrated Development Environment
B. Quality Manager
C. Asset Manager
D. Monitoring and Management
Answer: A,B
Explanation: The Engineering logical view shows the logical components of the Engineering environment and show how they are connected to each other. T The primary logical categories as shown are: *Modeler *Integrated Development Environment (IDE) *Quality Manager *Deployment Manager *Metadata Repository *Asset Repository
Reference: Oracle Reference Architecture, Software Engineering, Release 3.0, Engineering Logical View
Q58. Which of the following are capabilities provided by the Monitoring Engine within the Logical view of the Management and Monitoring architecture?
A. Resource Monitor
B. System Monitor
C. Collection Monitor
D. Service Monitor
Answer: A,B,D
Explanation: Logocal View, Monitoring Engine:
Note: The Monitoring Engine contains a number of monitoring sub-systems which respond to scheduled events, and specific user actions within the management console in making various requests for data to be collected from various managed targets. In addition, these monitoring sub-systems integrate with each other to offer the administrator full discovery and drill down capabilities.
Reference: Oracle Reference Architecture,Management and Monitoring, Release 3.0
Q59. Which of the following statements are true about applying security to SOA Services?
A. SOA Services must base access control decisions on roles, attributes, rules, and so on, that are universal to all consumers.
B. SOA Services are difficult to secure due to a lack of security standards for Web Services.
C. SOA Services are a type of monolithic application with self-contained identity and role management.
D. Data returned by a SOA Service may need to be redacted according to data classification schemes, depending on the privileges of users.
Answer: A,D
Explanation: A: In terms of access control, SOA Services must base access control decisions on roles, attributes, rules, etc. that are universal to all consumers.
D: data provided by a SOA Service must adhere to data classification restrictions that might differ between consumers. For instance, the same query service may need to redact various rows or columns of data based on restrictions assigned to classes of consumers.
Reference: Oracle Reference Architecture,Security, Release 3.1
Q60. The principle of "Security as a Service" states that business solution; must be designed to consume common security services, where possible, as opposed to implementing custom security logic and replicating copies of security data. Which of the following statements is not an Implication of this principle?
A. Security logic must be externalized as much as possible, i.e., developers must not hand-code security logic into business solutions.
B. Security enforcement, decisions, and management must be performed by dedicated, shared services and Infrastructure.
C. Wherever possible, security services must be built upon open standards.
D. Security services must use Web Service (SOAP) interfaces and XML payloads in order to promote Interoperability.
Answer: A,B,C
Explanation: Rationale: Security services allow multiple solutions to share common security logic, features, policies, and identity information. This provides a more secure environment by eliminating redundancies and associated risks. It also enables more effective management of security in the IT environment. Implications:
* Security logic must be externalized as much as possible, i.e., developers must not hand-code security logic into business solutions.(A)
* Security enforcement, decisions, and management must be performed by dedicated, shared services and infrastructure.(B)
* Security services must leverage open standards for interface protocols and message formats where possible in order to promote interoperability.(C)
* The availability and performance characteristics of security services must meet or exceed the specifications required to support the business solutions.
Reference: Oracle Reference Architecture,Security, Release 3.1