Exam Code: 1Z0-574 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Oracle IT Architecture Release 3 Essentials
Certification Provider: Oracle
Free Today! Guaranteed Training- Pass 1Z0-574 Exam.


♥♥ 2017 NEW RECOMMEND ♥♥

Free VCE & PDF File for Oracle 1Z0-574 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 1Z0-574 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/1Z0-574-exam-dumps.html

Q81. What are the benefits of the browser over traditional user Interfaces (for example, client-server GUI)? 

A. HTML provides a richer interface for end users. 

B. Development, maintenance, and support costs are reduced. 

C. The browser simplifies application deployment compared to dedicated client server GUI applications. 

D. There is more variety among browsers than among client-server GUIs. 

E. The browser provides a richer graphical environment than client-server GUIs. 

F. Browsers can support more diverse devices than dedicated client-server GUI application. 

Answer: B,C,F 

Explanation: 


Q82. Which four components of the following list should be found in the client tier of the Logical view of the Oracle Reference Architecture User Interaction? 

A. Personalization 

B. Communication services 

C. State management 

D. Customization 

E. Collaboration 

F. Syndication 

G. Controller 

H. Rendering 

Answer: B,C,G,H 

Explanation: The Client Tier is hosted on the display device. As mentioned above, this may be a browser or an thick client specific to the display device. 

Regardless of the choice for the Client Tier, there are standard capabilities provided by 

this tier in the architecture: 

Controller: The Controller accepts input from the user and performs actions based on that input. 

State Management: The State Management component is responsible for maintaining the current 

state of the user interface. 

Rendering: The Rendering component is responsible for delivering a view of the interface suitable 

for the end user. 

Communication Services: The Communication Services provide the means to access Service Tier 

capabilities. 

Note: Security Container, Data Management and Composition can also be included here. 

Reference: Oracle Reference Architecture, User Interaction, Release 3.0 


Q83. The Product Mapping view of the Service-Oriented Integration architecture shows some of the Oracle products mapped onto two or more layers in the architecture. For example, Oracle WebLogic Suite (OWLS) is mapped to the Business Service Layer, the Data Normalization Layer, and the Connectivity Layer. Which statement best describes why OWLS is mapped to these three layers in the OSI architecture? 

A. OWLSis the only product that provides all the capabilities required by the three layers in the OSI architecture. 

B. When OWLSis used to implement the OSI architecture, the three layers need to be combined Into a single architectural layer. 

C. OWLS can be used to host assets delivering the capabilities in any or all of the three layers. Assets hosted on OWLS should still adhere to the layering of the architect. 

D. OWLS plus the other Oracle products that are mapped to the three layers are required to deliver the capabilities for the three layers in the architecture. 

E. The other Oracle product mapped to the three layers all have OWLS embedded in the product. Thus, OWLS is required for the products mapped into three layers. 

Answer:

Explanation: OPSS is incorporated into OWLS which ties the entire Service Tier into the enterprise security architecture. 

The OWC provides the majority of the capabilities required for a modern user interface. 

OWC provides some higher-level Connectivity capabilities (e.g. connectivity to content management systems, WSRP). OWLS provides the base Connectivity (e.g. JDBC, 

JCA) to connect to the Resource Tier. 

Note: Oracle WebLogic Suite (OWLS) - fully implements the latest Java EE standards, provides industry leading reliability and performance, and includes comprehensive management capabilities. OWLS can be used to host the Oracle WebCenter products. 

Reference: Oracle Reference Architecture, User Interaction, Release 3.0 


Q84. What best describes the best practice deployment of Metadata Repository? 

A. Every project should deploy its own dedicated Metadata Repository to ensure that the project assets are properly organized. 

B. The Metadata Repository is deployed as a single enterprise-scoped cluster to promote a single view of the enterprise. 

C. A sandbox Metadata Repository for training and testing purposes should not be deployed. 

D. The Source Code Management (SCM) server doubles as a Metadata Repository. 

Answer:

Explanation: A metadata repository is used as a common repository for managing metadata of different applications. Many applications use the MDS repository to manage their metadata. Each deployed application uses a logical partition in metadata repository. This logical partition also helps in maintaining the metadata lifecycle. Before deploying a application, you create a partition for it in MDS repository. This command creates a partition with the given name in the specified repository. 

Note: The Metadata repository provides a centralized holding area for a great deal of SOA related information that will be utilized at design time to construct additional services and applications. The repository also provides the primary means for service discovery. In many ways, the service repository can be utilized as the center point for service oriented design. 


Q85. Which of the following statements are true? 

A. The MVC pattern became very popular when the client-server architecture was in common use. 

B. MVC was developed to map to three tiers of an n-tier architecture. 

C. Federation, as applied to user interfaces, means that all security standards must only be applied at a level at which government security agencies are able to decrypt communications. 

D. Federation, as applied to user interfaces, is the concept that parts of the user interface arecreatedand controlled by an organization that is separate from the organization creating the user interface. 

E. When in a disconnected state, the Data Management capability in the client tier may act temporarily as the model allowing the user interface to function. 

F. Federation, as applied to a user interfaces, means that data must be replicated. 

Answer: A,D 

Explanation: A: When the MVC pattern came into prominence, client-server was the system architecture de rigueur. Note: The model-view-controller (MVC) pattern separates the three major elements in the user interface; thereby providing separation of concerns which results in code that is more easily understood, reused, modified, and maintained. The three major elements in the user interface are: model, view, and controller. 

D: Whereas the MVC pattern and modular programming are relatively old concepts (at least as far as software development is concerned), federation is a relatively new concept closely related to service orientation. Applied to user interfaces, federation is the concept that parts of the user interface are created and controlled by an organization (authority) that is separate from the organization (authority) creating the user interface. 

Reference: Oracle Reference Architecture, User Interaction, Release 3.0 


Q86. Which of the following statements are true about asymmetric key encryption? 

A. It uses a pair of keys, one public and one private, that are unique and mathematically linked. 

B. It uses one key that is shared by both parties in the data exchange. 

C. It is faster than symmetric key encryption. 

D. It can be used in conjunction with symmetric key encryption in order to securely share a common encryption key. 

E. It can be used to produce and verify digital signatures. 

Answer: A,D 

Explanation: A:Public (asymmetric) key encryption uses a pair of keys, one private and one public. 

The public key is freely distributed to any party that may wish to send encrypted data. 

Once encrypted, data can only be decrypted with the private key. Therefore the private key is maintained by the receiving party and is not shared with anyone else. 

The two keys are mathematically related, but can't be used to discover each other. 

D: A combination of symmetric and asymmetric encryption is often used. 

Reference: Oracle Reference Architecture,Security, Release 3.1 


Q87. Which one of the following user classification schemes best reflects what function or function performs? 

A. role-based classification 

B. rule-based classification 

C. group-based classification 

D. attribute-based classification 

E. rank-based classification 

Answer:

Explanation: Given the potentially large number of users of a system, access privileges are generally not assigned at the user level. Instead, users are assigned to groups (mimicking the organizational structure of a company), or roles (defined based on job functions that users perform), or some combination of the two. Access privileges are then assigned to groups and/or roles. The most natural case is that they are assigned to roles, since roles align more closely with operations users naturally perform to accomplish their job. The industry term for this is Role-Based Access Control (RBAC). RBAC is more flexible than defining access rights based on usernames or static groups and enables an organization to be more versatile when allocating resources. With RBAC the system must determine if the subject (user or client) is associated with a role that has been granted access to a resource. This process of user to role ascertainment is called role mapping. 

Incorrect answers 

B: Rule-based access control is very similar to fine-grained access control, where access is controlled by rules defined in policies. The twist is that rules might refer to each other. For instance, access may be granted to resource/function A as long as it is not also granted to resource/function B. This form of control can be used to ensure that a group or individual is not given privileges that create a conflict of interest or inappropriate level of authority. For instance, the approver of expenses or purchases cannot be the same as the requestor. 

C: Role is better here. 

D: There are times when access should be based on characteristics the user has rather than the organization or roles to which the user belongs. For instance, a customer with premium status might be granted access to exclusive offers, and a sales representative that has achieved his target sales revenue might have access to certain perks. Such levels of status vary over time, making it difficult to manage access based on relatively static group or role assignments. Attribute-based access control offers a more dynamic method of evaluation. Decisions are based on attributes assigned to users, which are free to change as business events unfold. Access policies define the attributes and values a user must have, and access decisions are evaluated against the current values assigned to the user. Attributes can be used to support both course-grained and fine-grained authorization. 

E: No such thing as rank-based classification 

Reference: Oracle Reference Architecture,Security, Release 3.1 


Q88. What additional functions might an authentication service perform aside from performing basic authentication? 

A. directory management 

B. strong authentication 

C. risk profiling based on conditional factors such as time of day, device, or location 

D. initiating challengequestions based on conditional factors such as time of day, device 

E. forwarding users to password update and reset services 

Answer:

Explanation: The authentication service can detect when the user's password needs to be reset or changed and redirect the user to a self-service management interface. 

Reference: Oracle Reference Architecture,Security, Release 3.1 


Q89. Which of the following statements pertaining to role-based and group-based user classifications are true? 

A. A role is a subset of a group where all users share a commonidentity. 

B. Users can belong to one and only one role. 

C. A role can have any number of users. 

D. A group is a collection of users that perform the same function. A role is a collection of groups. 

E. Access privileges can be assigned to roles or groups. 

Answer: C,E 

Explanation: A group is a set of users, classified by common trait. 

A role is an abstract name for the permission to access a particular set of resources in an application. 

Multiple users can be mapped to a role. 

Users can be mapped to multiple roles. 

Incorrect answers 

A, B: Just wrong. 

D: A group is a collection of users, but a role does not need to be a collection of groups. 

Note: Given the potentially large number of users of a system, access privileges are generally not assigned at the user level. Instead, users are assigned to groups (mimicking the organizational structure of a company), or roles (defined based on job functions that users perform), or some combination of the two. Access privileges are then assigned to groups and/or roles. The most natural case is that they are assigned to roles, since roles align more closely with operations users naturally perform to accomplish their job. The industry term for this is Role-Based Access Control (RBAC). RBAC is more flexible than defining access rights based on usernames or static groups and enables an organization to be more versatile when allocating resources. With RBAC the system must determine if the subject (user or client) is associated with a role that has been granted access to a resource. This process of user to role ascertainment is called role mapping. 


Q90. Which one of the following statements best describes authentication as a service? 

A. Authentication is a service offered by the local computing platform to the application it is hosting. The application uses this service to authenticate users with a local LDAP. 

B. Authentication is a service offered by the enterprise security framework. Applications access it directly, bypassing local platform security. The authentication service provides a level of abstraction between applications and the various instances of infrastructure (LDAPs, databases) that can be used to verify credentials. 

C. Authentication is a service offered by both the local computing platform and the enterprise security framework. The local platform can be configured to direct requests to local LDAPs or common enterprise services, depending on the operating environment (dev/test/production). 

Meanwhile, the enterprise security framework services can virtualize several shared credential stores into a single shared service. 

D. Authentication is not a valid example of a security service. 

Answer:

Explanation: ORA Security is one of the series of documents that comprise Oracle Reference Architecture. ORA Security describes important aspects of the enterprise security layer including identity, role, and entitlement management, authentication, authorization, and auditing (AAA), and transport, message, and data security. 

A desktop SSO solution is one that lives on the user's personal computer and handles authentication challenges on behalf of the user. The user logs into his desktop environment, which in turn works on his behalf to authenticate to the applications he accesses. The user is no longer prompted for credentials - they are provided automatically by a process running on the desktop. 

Reference: Oracle Reference Architecture,Security, Release 3.1