- Home
- Oracle
- Oracle IT Architecture Release 3 Essentials
- Oracle.1Z0-574.v2018-04-13.q176
- Question 136
Valid 1Z0-574 Dumps shared by ExamDiscuss.com for Helping Passing 1Z0-574 Exam! ExamDiscuss.com now offer the newest 1Z0-574 exam dumps, the ExamDiscuss.com 1Z0-574 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 1Z0-574 dumps with Test Engine here:
Access 1Z0-574 Dumps Premium Version
(176 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 136/176
Which of the following are true statements about the benefits of standardizing on a common security framework?
Correct Answer: A,B,E
Explanation/Reference:
In order to provide security in a consistent manner, a common set of infrastructure, e.g. a security framework, must be used. The purpose of this framework is to rationalize security across the enterprise by:
* Establishing a master set of security data that reflect the policies, IT resources, participants and their attributes across the entire domain of security
* Mapping organizational structures, computing resources, and users to roles in a way that clearly depicts access privileges for the organization
* Maintaining fine-grained access rules based on roles that have been established for the organization
* Propagating the master security data to individual applications and systems that enforce security (A)
* Detecting changes to security data residing on systems that have not been propagated from the master source of record, and sending alerts regarding these inconsistencies
* Providing common security services, such as authentication, authorization, credential mapping, auditing, etc. that solutions can leverage going forward in place of custom-developed and proprietary functions (B)
* Facilitating interoperability between systems and trust between security domains by acting as a trusted authority and brokering credentials as needed (E)
* Centrally managing security policies for SOA Service interactions
The security framework should provide these types of capabilities as a value-add to the existing infrastructure. The intent is not to discard the capabilities built into current applications, but rather to provide a common foundation that enhances security across the enterprise. Security enforcement can still be performed locally, but security data should be modeled and managed holistically.
Incorrect:
C: Not a main goal.
D: Ease of administration and auditing is not a main goal here.
Reference: Oracle Reference Architecture, Security , Release 3.1, 4.1.1 Purpose of a Security Framework
In order to provide security in a consistent manner, a common set of infrastructure, e.g. a security framework, must be used. The purpose of this framework is to rationalize security across the enterprise by:
* Establishing a master set of security data that reflect the policies, IT resources, participants and their attributes across the entire domain of security
* Mapping organizational structures, computing resources, and users to roles in a way that clearly depicts access privileges for the organization
* Maintaining fine-grained access rules based on roles that have been established for the organization
* Propagating the master security data to individual applications and systems that enforce security (A)
* Detecting changes to security data residing on systems that have not been propagated from the master source of record, and sending alerts regarding these inconsistencies
* Providing common security services, such as authentication, authorization, credential mapping, auditing, etc. that solutions can leverage going forward in place of custom-developed and proprietary functions (B)
* Facilitating interoperability between systems and trust between security domains by acting as a trusted authority and brokering credentials as needed (E)
* Centrally managing security policies for SOA Service interactions
The security framework should provide these types of capabilities as a value-add to the existing infrastructure. The intent is not to discard the capabilities built into current applications, but rather to provide a common foundation that enhances security across the enterprise. Security enforcement can still be performed locally, but security data should be modeled and managed holistically.
Incorrect:
C: Not a main goal.
D: Ease of administration and auditing is not a main goal here.
Reference: Oracle Reference Architecture, Security , Release 3.1, 4.1.1 Purpose of a Security Framework
- Question List (176q)
- Question 1: Which one of the following security strategies protects data...
- Question 2: Conceptually, the ORA model of a "modern UI" defines which t...
- Question 3: Which of the following are capabilities provided by the Moni...
- Question 4: Which statements arc true about Rich Internet Applications (...
- Question 5: The Mediation Layer in the Logical View of the Service-Orien...
- Question 6: The Oracle Reference Architecture (ORA) includes the central...
- Question 7: Your company has decided to create an Enterprise Architectur...
- Question 8: IT Strategies from Oracle (ITSO) includes many Enterprise So...
- Question 9: Oracle Entitlements Server (OES) provides fine grained autho...
- Question 10: Which of the following statements are true about the XACML s...
- Question 11: The three common goals of Information security are known as ...
- Question 12: Which of the following statements best describes how the dep...
- Question 13: The Conceptual, Logical, and Product Mapping architecture vi...
- Question 14: You are designing a mission-critical application that requir...
- Question 15: Which of the following are capabilities required for the Int...
- Question 16: Which statement best describes how the Oracle Reference Arch...
- Question 17: Which three primary components form IT Strategies from Oracl...
- Question 18: Which of the following statements pertaining to role-based a...
- Question 19: Which statement best describes the mapping of User Interacti...
- Question 20: Which of the following statements are true about asymmetric ...
- Question 21: Which of the following token profiles is not included in the...
- Question 22: Which of the following are types of policy considerations de...
- Question 23: You need to redesign your application to improve performance...
- Question 24: Which of the following is NOT a container capability?...
- Question 25: Interface elements are an important part of modular programm...
- Question 26: The Service-Oriented Integration architecture makes a distin...
- Question 27: Which of the following is least effective at deterring man-i...
- Question 28: Identify the true statements in the following list....
- Question 29: What does the Java EE Management Specification (JSR 77) prov...
- Question 30: What does Lifecycle Management Provisioning refer to?...
- Question 31: Which of the following statements are true about perimeter s...
- Question 32: Which of the following statements is true with respect to di...
- Question 33: Select the most appropriate reason why three-tier architectu...
- Question 34: Which product provides the standard communication protocols ...
- Question 35: Which caching mode does every write to the cache cause a syn...
- Question 36: Much as in modular programming, there are two ways that fede...
- Question 37: Assets may be packaged into deployable units by using a vari...
- Question 38: Which of the following are strategies for alert management w...
- Question 39: Where are the components of the client tier of the ORA UI lo...
- Question 40: Which three primary types of materials form an Enterprise Te...
- Question 41: What are the key differentiating characteristics of Oracle R...
- Question 42: For a large heterogeneous environment with a large number of...
- Question 43: A customer with an existing WebCenter portal wants to expand...
- Question 44: DES, 3DES and AES are types of:...
- Question 45: Which of the following are common uses of an Attribute Servi...
- Question 46: IT Strategies from Oracle (ITSO) Includes multiple Enterpris...
- Question 47: Bottom-up service Identification analyzes existing systems t...
- Question 48: As part of a company-wide IT Initiative to simplify and rati...
- Question 49: Which of the following statements are true about point to po...
- Question 50: Architecturally speaking, why might an organization deploy a...
- Question 51: Which of the following environments are typically clustered?...
- Question 52: What capabilities are provided by Oracle Enterprise Reposito...
- Question 53: Oracle Reference Architecture uses multiple views (as define...
- Question 54: Which WebCenter product Improves efficiency and productivity...
- Question 55: Which of the following standards states that every reusable ...
- Question 56: Which of the following statements are true about an end-to-e...
- Question 57: In order to support rapid development, which one of the foll...
- Question 58: Which of the following is not an objective or function of th...
- Question 59: AAPML and CARML are part of what standards effort?...
- Question 60: Which of the following statements about asset-centric engine...
- Question 61: Service-Oriented Integration creates a catalog of SOA Servic...
- Question 62: The Oracle Reference Architecture (ORA) includes the concept...
- Question 63: What does access to Consolidated Information in Complex Dist...
- Question 64: Which of the following best describes the role of the Manage...
- Question 65: Which of the following statements are true with regard to th...
- Question 66: Audit logging is a form of what type of access control mecha...
- Question 67: The Oracle Reference Architecture provides a specific defini...
- Question 68: Which of the following statements describes the relationship...
- Question 69: What is meant by cache hit rate or ratio?...
- Question 70: Enterprise Architecture consists of Business Architecture, A...
- Question 71: When two or more technology perspectives are combined, which...
- Question 72: What additional functions might an authentication service pe...
- Question 73: The Service-Oriented Integration (SOI) architecture includes...
- Question 74: Which of the following interactions does not occur as part o...
- Question 75: Choose the three statements from the following list that acc...
- Question 76: The Oracle Reference Architecture (ORA) contains both horizo...
- Question 77: What are the three key technical concepts related to Grid co...
- Question 78: Which of the following is NOT defined as a primary ORA compu...
- Question 79: Which of the following statements are true?...
- Question 80: How do you enable risk profiling on the Authentication Servi...
- Question 81: Which statement best describe the benefits of asset dependen...
- Question 82: Which of the following does Policy Management Compliance ref...
- Question 83: Which four components of the following list should be found ...
- Question 84: There are a number of ways to classify applications in order...
- Question 85: Select the two layers of ORA application infrastructure from...
- Question 86: Which of the following is not a key function of an identity ...
- Question 87: You are developing an Integration component that uses custom...
- Question 88: Which of the following are asset packaging best practices?...
- Question 89: What does ORA Engineering refer to as Round-Trip Engineering...
- Question 90: Which of the following options best describes the concept of...
- Question 91: The WebShipAnywhere company currently has a manual Order-to-...
- Question 92: Which principle should be applied when considering display d...
- Question 93: A customer has two separate lines of business and each has i...
- Question 94: Which of the following are the three major tiers of the Logi...
- Question 95: Service Oriented Integration (SOI) exposes capabilities from...
- Question 96: Which statement best describes the role of the Data Movement...
- Question 97: Which of the following are benefits of three-tier distribute...
- Question 98: Which of the following are the key drivers for Grid computin...
- Question 99: What are the three primary delivery models of Cloud computin...
- Question 100: Which of the following is not a characteristic of Cloud comp...
- Question 101: Which of the following statements are true about defense-in-...
- Question 102: Which statements are correct for service versioning within S...
- Question 103: You are working with an IT department that has embraced Serv...
- Question 104: Which statement best describes the role of the Data Normaliz...
- Question 105: Which of the following Oracle products provides a comprehens...
- Question 106: Which of the following statements are true about applying se...
- Question 107: Conceptually, management and monitoring capabilities consist...
- Question 108: What one the three primary concerns that developers followin...
- Question 109: Which statements best describe how architecture principles a...
- Question 110: Which statement best describes the relationship between a Se...
- Question 111: Which of the following capabilities are provided by containe...
- Question 112: Which statements are true with regard to authorization check...
- Question 113: Service composition is the creating of a new SOA Service by ...
- Question 114: Which of the following statements is true with respect to vi...
- Question 115: When mapping Oracle Products onto the Logical view, what is ...
- Question 116: Service-Oriented Integration is based on creating a catalogu...
- Question 117: Web Services are a natural fit for building distributed comp...
- Question 118: What shortcomings of the Version Control Systems drive the n...
- Question 119: Which of the following statements are true?...
- Question 120: Conventional Management and Monitoring tools focus and produ...
- Question 121: Which one of the following statements best describes authent...
- Question 122: What best describes the best practice deployment of Metadata...
- Question 123: Which of the following statements are true concerning, data ...
- Question 124: (Exhibit) The sequence diagram (attached) maps to the Model-...
- Question 125: Which statement best describes the reason why the Oracle Ref...
- Question 126: Which of the following are the implications of the architect...
- Question 127: The Product Mapping view of the Service-Oriented Integration...
- Question 128: The Service-Oriented Integration (SOI) architecture can be d...
- Question 129: Which statement best describes how Service-Oriented Integrat...
- Question 130: Which statement best describes the relationship between a SO...
- Question 131: Which of the following are phases of Service Management?...
- Question 132: What does the Identity Asserter do in a J2EE framework?...
- Question 133: Which statement best describes the relationship between the ...
- Question 134: BPM and SOA are frequently combined to provide greater busin...
- Question 135: Which of the following is not a valid type of SAML assertion...
- Question 136: Which of the following are true statements about the benefit...
- Question 137: Which statement best describes the relationship between Orac...
- Question 138: Which of the following are examples of dynamic modeling?...
- Question 139: Which statement most accurately describes the purpose of the...
- Question 140: Why is it necessary to have Integration of Metadata Reposito...
- Question 141: Which of the following statements best describes the ideal r...
- Question 142: Data is often said to exist in one of three states: 1. In mo...
- Question 143: How is state typically managed in the browser interface?...
- Question 144: There are various network topologies that can be used when d...
- Question 145: A longer term goal of Service-Oriented Integration (SOI) is ...
- Question 146: What is the main benefit of Utility Computing?...
- Question 147: Which of the following are ORA Engineering logical categorie...
- Question 148: Which statement best describes the use of point-to-point int...
- Question 149: ORA defines the concept of Data Grid. Which of the following...
- Question 150: Oracle Web Services Manager uses an agent-based approach to ...
- Question 151: A company is building a new customer self-service website. T...
- Question 152: Identify the true statements in the following list....
- Question 153: What are the benefits of the browser over traditional user I...
- Question 154: Which one of the following user classification schemes best ...
- Question 155: A modular approach has been taken to document the Oracle Ref...
- Question 156: Which statements are correct with regard to the layers in th...
- Question 157: Which of the following statements are true?...
- Question 158: Which statement best describes synchronous versus asynchrono...
- Question 159: Which of the following combinations represent a true multi-f...
- Question 160: Which of the following are examples of the management and vi...
- Question 161: Which are the major categories of ORA Engineering capabiliti...
- Question 162: Which of the following are primary parts of a SOA Service as...
- Question 163: What are the two primary approaches of visualization?...
- Question 164: Which of the following are architecture principles that pert...
- Question 165: Because each back-end system is running in a separate proces...
- Question 166: The principle of "Security as a Service" states that busines...
- Question 167: Which statement best describes the relationship between the ...
- Question 168: Credential mapping is done in order to create the proper cre...
- Question 169: Which of the following are common management and monitoring ...
- Question 170: How is Oracle Database Firewall (ODF) used to protect applic...
- Question 171: Which of the following is the most correct definition of Gri...
- Question 172: Which statement best describes the relationship between the ...
- Question 173: Which statement is true with respect to Metadata Repository ...
- Question 174: Which statements are correct for service contracts?...
- Question 175: Which one of the following types of access control should be...
- Question 176: Which of the following is not a part of the Oracle Reference...
