Actualtests 1Z0-574 Questions are updated and all 1Z0-574 answers are verified by experts. Once you have completely prepared with our 1Z0-574 exam prep kits you will be ready for the real 1Z0-574 exam without a problem. We have Avant-garde Oracle 1Z0-574 dumps study guide. PASSED 1Z0-574 First attempt! Here What I Did.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Oracle 1Z0-574 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 1Z0-574 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/1Z0-574-exam-dumps.html
Q1. Which of the following are the three major tiers of the Logical view of the Oracle Management Reference Architecture?
A. Administrative Tier
B. Client Tier
C. Management Tier
D. Managed Services Tier
E. Managed Target Tier
Answer: B,C,E
Explanation: * The Client Tier represents access to management content and operations as well as end users accessing the appropriate business solution. Administrators utilize a browser based console to perform their management tasks using a standard browser interface. The management console which is lightweight, easy to access and firewall friendly, enables administrators to centrally manage their entire environment.
* The Management Tier renders the content and interface for the management console that gives access to management operations such as monitoring, administration, configuration, central policy setting, and security. The Management Tier controls the accessing and uploading of management information.
* The Managed Target Tier contains the named infrastructure components that are required to be managed and monitored. It is common to utilize a combination of agent based and gateway (a.k.a. proxy) patterns to monitor and manage hosted and non-hosted targets.
Reference: Oracle Reference Architecture,Management and Monitoring, Release 3.0
Q2. The principle of "Security as a Service" states that business solution; must be designed to consume common security services, where possible, as opposed to implementing custom security logic and replicating copies of security data. Which of the following statements is not an Implication of this principle?
A. Security logic must be externalized as much as possible, i.e., developers must not hand-code security logic into business solutions.
B. Security enforcement, decisions, and management must be performed by dedicated, shared services and Infrastructure.
C. Wherever possible, security services must be built upon open standards.
D. Security services must use Web Service (SOAP) interfaces and XML payloads in order to promote Interoperability.
Answer: A,B,C
Explanation: Rationale: Security services allow multiple solutions to share common security logic, features, policies, and identity information. This provides a more secure environment by eliminating redundancies and associated risks. It also enables more effective management of security in the IT environment. Implications:
* Security logic must be externalized as much as possible, i.e., developers must not hand-code security logic into business solutions.(A)
* Security enforcement, decisions, and management must be performed by dedicated, shared services and infrastructure.(B)
* Security services must leverage open standards for interface protocols and message formats where possible in order to promote interoperability.(C)
* The availability and performance characteristics of security services must meet or exceed the specifications required to support the business solutions.
Reference: Oracle Reference Architecture,Security, Release 3.1
Q3. Conventional Management and Monitoring tools focus and produce metrics on which one of the
following?
A. holistically across heterogeneous systems
B. metrics that measure individual resources
C. metrics that focus on understanding the relationship and Interactions between component
D. metrics that capture the combined behavior of several components interacting with the shared component
Answer: B
Explanation: Conventional tools tend to focus and produce metrics on individual resources which is inadequate for an agile shared services computing environment.
Note:
A metric is a unit of measurement used to report the health of the system that is captured from the monitored infrastructure components. Metrics from all monitored infrastructure components are stored and aggregated in the Management Repository, providing administrators with a rich source of diagnostic information and trend analysis data.
Reference: Oracle Reference Architecture,Management and Monitoring, Release 3.0
Q4. Which of the following statements are true with regard to the Service Contract as defined by the Oracle Reference Architecture (ORA)?
A. A Service Contract defines the contract between a service consumer and a service provider.
B. A Service Contract defines the functional and nonfunctional capabilities of the SOA ServiceiIn human-readable terms.
C. The Web Services Description Language (WSDL) defines the Service Contract for a Web Service.
D. A Service Contract defines the totality of what the SOA Service provides, independent of individual service consumers.
E. A Service Contract Is an optional part of an SOA Service, providing human-readable documentation of the SOA Service.
Answer: B
Explanation: SOA Services include a contract that specifies the functional and non-functional capabilities provided.
In order to support business-level composition, the SOA Service must have a contract that is understandable to a business person.
Reference: Oracle Reference Architectureand Service Orientation, Release 3.0
Q5. Audit logging is a form of what type of access control mechanism?
A. detective control
B. preventive control
C. deterrent control
D. corrective control
E. compensating control
F. recovery control
Answer: A
Explanation: There are many different forms of access control, which in turn can be classified into one or more categories. Detective - Detective controls are meant to record all activities. They are passive systems that are aware of events but are not designed to prevent them from happening. Audit logging is a form of detective access control.
Reference: Oracle Reference Architecture,Security, Release 3.1
Q6. The Service-Oriented Integration (SOI) architecture includes an event-handling capability as illustrated and described in the Process View. Which statement best describes the rationale for including event handling in the SOI architecture?
A. Event-Driven Architecture (EDA) is a subset of SOI, so including event handling provides the EDA part of SOI.
B. The event-handling capability allows arbitrarily complex events to be handled by the architecture; i.e. Complex Event Handling (CEP) is part of the SOI architecture.
C. AH other interactions within the architecture are upper layers calling lower layers. The event- handling capability allows a Connectivity Service to call a Business Service, thus providing the ability to lower layers to call upper layers in the architecture.
D. The event-handling capability allows a back-end system that is included in the SOI to initiate action because something important has occurred within the back-end system.
E. By employing a publish-and-subscriber message approach, the event-handling capacity allows the SOI architecture to handle high-volume message traffic because publish-and-subscribe handles higher message volumes than request-response.
Answer: D
Explanation:
Note:
Events allow one system (event emitter) to notify other systems (event sink) that
something of interest has changed. There are two broad categories of event types:
* Business Event - A business event is an event that is of business relevance and would be readily understood by a business person.
* Technical Event - A technical event is an event that is relevant to IT but not directly relevant to the business.
As illustrated by the figure below, in this architecture all events are routed to the Business Process Layer and the appropriate business processes are executed for that event. Essentially this is a mechanism for a lower level in the architecture stack, the Connectivity Layer, to initiate actions that might include interactions with all other levels in the architecture. This is essential since the generated event will likely be backend system specific; therefore it is likely that the data must be normalized and some amount of custom logic may be required to convert the event into an event that is backend system agnostic.
Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0
Q7. Which of the following is not a valid type of SAML assertion?
A. authentication assertion
B. authorization decision assertion
C. audit assertion
D. attribute assertion
Answer: C
Explanation: SAML defines the syntax and semantics for creating XML-encoded assertions to describe authentication, attribute, and authorization (entitlement) information, and for the protocol messages to carry this information between systems. A brief description of the three SAML assertions is provided below.
* Authentication Assertion (not A) - Generated by the authority when a subject successfully authenticates. It includes identity of the issuer and the principal, time of authentication, and how long it is valid. Many authentication methods are supported, including: passwords, Kerberos, hardware tokens, certificate-based client authentication (SSL/TLS), X.509 public key, PGP, XML digital signature, etc.
* Authorization Decision Assertion (not B) - Issued by a policy decision point (PDP) containing the result of an access control decision. Authentication and attribute assertions may be provided in order to make authorization decisions. The resulting authorization assertion is used to claim access to protected resources. It includes the decision (Permit or Deny), along with the resource URI being accessed, and the action that the principal is authorized to perform.
* Attribute Assertion (not D)- Generally issued by the authority in response to a request containing an authentication assertion. It contains a collection of attribute name/value pairs, in addition to identity and other elements. Attribute assertions can be passed to the authority when authorization decisions need to be made.
Reference: Oracle Reference Architecture,Security, Release 3.1
Q8. The Mediation Layer in the Logical View of the Service-Oriented Integration architecture provides several capabilities. Which of the following are capabilities provided by the Mediation Layer?
A. enrichment - adding data elements to a data entity to give the entity increased Information
B. routing - sending the client request to the appropriate provider (s) based on some criteria
C. message transformation - converting the request message format to a different message form, appropriate for the provider
D. choreography - defining the messages that flow back and forth between systems that are participating in a business process
E. protocol mediation - converting a client request from one protocol to a different protocol used by provider
Answer: B,C,E
Explanation: The Mediation Layer provides loose coupling for the entire architecture. It decouples the layers of the architecture as well as decoupling external users of the layers from the specific layers in the architecture. The key capabilities in this layer include:
* Routing - Routing provides the ability to send the client request to the appropriate provider based on some criteria. The routing may even include sending the client request to multiple providers. This capability facilitates location transparency, versioning, scalability, partitioning, request pipelining, SLA management, etc.
* Protocol Mediation - Protocol mediation is the ability to handle a client request using one protocol (e.g. WS*, JMS, REST) with a provider using a different protocol. This provides protocol decoupling between the provider and the consumer. Message Transformation - Message transformation allows a client request using one message format to be handled by a provider that expects a different message format. This provides message format decoupling between the provider and the consumer.
* Discovery - Discovery is the mechanism by which a client finds a provider of a particular SOA Service. Discovery can occur at design time or runtime.
* Monitoring - Monitoring captures runtime information about the messages flowing through the mediation layer. Since the mediation layer is an intermediary for message traffic, it provides a centralized monitoring capability.
* Policy Enforcement - Policy enforcement provides consistent application of policies (e.g. WS-SecurityPolicy) across all messages flowing through the mediation layer. Since the mediation layer is an intermediary for message traffic, it provides a centralized policy enforcement capability.
Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0
Q9. Enterprise Architecture consists of Business Architecture, Application Architecture, Information, Architecture and Technical Architecture (BAIT). Which statement best describes Oracle Reference Architecture (ORA) in the context of BAIT?
A. ORA addresses all four (Business, Application, Information, and Technical) equally.
B. ORA is primarily focused on the Technical Architecture, with some content on the other three aspects- of BAIT.
C. ORA has content applicable to the Technical Architecture only.
D. ORA is primarily focused on the Business Architecture, with some content on the other three aspects of BAIT
E. ORA is primarily focused on the information Architecture, with some limited content on the other three aspects of BAIT.
F. ORA has content applicable to Information Architecture only.
Answer: A
Explanation: Oracle Reference Architecture(ORA) defines a detailed and consistent reference architecture for developing and integrating solutions based on current technologies from Oracle and other vendors. The reference architecture offers architecture views, principles, and guidance based on recommendations from technical experts across Oracle. It covers a broad spectrum of concerns pertaining to technology architecture, including middleware, database, hardware, processes, and services.
Q10. Which of the following statements is true with respect to virtualization?
A. Visualization creates a layer of abstraction that allows the underlying resources to be managed independently of the applications that run on them.
B. Virtualization is a hardware appliance that allows the applications to run faster.
C. Virtualization is a technology used for creating clusters to support scalability of the infrastructure.
D. Visualization may lead to server sprawl and decrease the overall data center utilization.
Answer: A,C
Explanation: A: Computer hardware virtualization (or hardware virtualisation) is the virtualization of computers or operating systems. It hides the physical characteristics of a computing platform from users, instead showing another abstract computing platform.
C: Computer clusters have historically run on separate physical computers with the same operating system. With the advent of virtualization, the cluster nodes may run on separate physical computers with different operating systems which are painted above with a virtual layer to look similar. The cluster may also be virtualized on various configurations as maintenance takes place.
Reference: Oracle White Paper, The Most Complete and Integrated Virtualization: From Desktop to Datacenter