Exam Code: 1Z0-868 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Java Enterprise Edition 5 Enterprise Architect Certified Master Upgrade Exam
Certification Provider: Oracle
Free Today! Guaranteed Training- Pass 1Z0-868 Exam.

2021 Jul 1Z0-868 dumps

Q51. Service method A(), implemented in a session bean, performs a highly sensitive operation. This operation must be available in limited ways to low-privilege users to support a low-sensitivity operation B(). Which approach addresses the requirements most securely? 

A. mark the method A() as accessible to all necessary roles 

B. mark the method A() as accessible to all appropriate roles, and use the programmatic security model to impose the necessary additional restrictions 

C. mark the method A() as accessible to all appropriate roles, and use the deployment descriptor to indicate the conditions under which each role can invoke the high priority method 

D. Mark method A() as accessible only to a special role, then use a run-as element to invoke A() from B(); before making the call to A(), B() checks that conditions are appropriate for the call 

Answer: D 


Q52. Which two actions limit the negative consequences of a successful attack? (Choose two.) 

A. implementing the principle of least privilege 

B. installing a firewall at the outer boundary of your systems 

C. placing Internet-accessible servers in a demilitarized zone 

D. using a single sign-on system so that administrators do not have to log in to each server separately 

E. giving servers administrative rights to the databases they need, and ensure that the password is not hard-coded 

Answer: A,C 


Q53. You are architecting an online music sales application. After the users purchase their songs, they can input reviews of the music in a text box. The president of your company is concerned about protecting honest users from malicious users. What precautions should you take for this specific concern? 

A. encrypt user input with Blowfish 

B. filter tags, such as applet, iframe, and script 

C. require SSL in the deployment descriptor transport guarantee 

D. make sure that the database field is large enough to handle any amount of user input 

Answer: B 


Q54. With which two is the service-oriented architecture concerned? (Choose two.) 

A. low cohesion 

B. loose coupling 

C. XML web services 

D. stateful session handling 

E. well-defined contracts 

Answer: B,E 


Q55. What are the three primary roles in a web service interaction? (Choose three.) 

A. Broker 

B. Facade 

C. Provider 

D. Decorator 

E. Requestor 

F. Interceptor 

Answer: A,C,E 


1Z0-868  real exam

Replace 1Z0-868 latest exam:

Q56. Your web page design company is designing web sites for all of the stores in a local mall. Your company must create a consistent "look and feel" for these sites. Once this "look and feel" project has gone through demonstration, enhancement, and approval iterations with the mall's clients, your job will be done, and the development of the actual B2C (business to client) system will be handled by a different firm. Which architecture is most appropriate for your prototype project? 

A. two-tier, web-centric 

B. three-tier, web-centric 

C. three-tier, enterprise-centric 

D. three-tier, application-centric 

Answer: A 


Q57. Your company is a startup that created an application to support a local insurance company. Insurance forms have a complicated object model with several levels of whole-part relationships. Currently, the code to create insurance forms is complex and embedded in object model classes. Your company has just won a bid from a major insurance corporation that handles clients across multiple countries, and each country has its own rules about how insurance forms are constructed. You need to separate the model creation from the model classes and support different construction rules. Which two patterns should you apply? (Choose two.) 

A. State 

B. Proxy 

C. Builder 

D. Strategy 

E. Prototype 

Answer: C,D 


Q58. You are building a web application that must integrate to a content management system (CMS). Your company currently has a homegrown CMS, but management is considering purchasing a new CMS. Unfortunately, you have little confidence that their latest choice, BigCMS, is likely to be the final decision. After analyzing the interface to BigCMS, you find that its interface is different from the homegrown CMS. Furthermore, you suspect that any other third-party CMS will have yet another interface. What is the simplest pattern that would isolate your web application from the interface of the CMS tool? 

A. Proxy 

B. Bridge 

C. Adapter 

D. Service Locator 

E. Business Delegate 

Answer: C 


Q59. What is an advantage of XML over HTTP, as compared to SOAP over HTTP, for web services? 

A. guaranteed delivery B. more security options C. smaller message size 

D. strongly typed parameters 

Answer: C 


Q60. A company has been using servlet and JSP technology for over seven years. The company's IT department is considering migrating to JSF technology. Which two drawbacks must the IT department consider during this migration? (Choose two.) 

A. JSF provides only a static set of built-in components. 

B. JSF reduces scalability because it synchronizes the creation of the form's component tree. 

C. JSF reduces scalability because it must store the view's component tree between requests. 

D. JSF reduces scalability because of the additional computational overhead of the JSF life cycle. 

E. JSF provides no built-in components forcing the development team to build everything from scratch. 

Answer: C,D