Valid 1Z0-574 Dumps shared by ExamDiscuss.com for Helping Passing 1Z0-574 Exam! ExamDiscuss.com now offer the newest 1Z0-574 exam dumps, the ExamDiscuss.com 1Z0-574 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 1Z0-574 dumps with Test Engine here:
Access 1Z0-574 Dumps Premium Version
(176 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 27/176
Which of the following is least effective at deterring man-in-the-middle attacks?
Correct Answer: C
Explanation/Reference:
In order to avoid man-in-the-middle attacks a security framework must have capabilities such as:
* Logging in users without the need to type passwords or PINs (not D)
* Dynamically challenging the user for different information, e.g., asking a random question for which only the user will know the answer
* Encrypting and signing transmissions from the client to the back end server (not A)
* Detecting replays using embedded transaction ids or timestamps (not E)
* Presenting proof to the user that the site they are visiting is authentic Propagating a single proof object, or assertion, can be susceptible to man-in-the-middle attacks and replay attacks. If a rogue entity observes an assertion, it could reuse that assertion for illegitimate requests.
Possible solutions include:
* (not B) Invalidate the assertion after every request. In the case of chained SOA Services, service providers must verify each assertion they receives with the authority. The authority can invalidate assertions in its internal cache. Any future verifications with the same assertion would fail. SOA Service providers would need to obtain a new assertion in order to make subsequent service requests. This solves both types of problems mentioned above.
* (not E) Reduce and enforce the assertion's time to live attribute. This would narrow the window of opportunity to reuse an assertion. The assertion would have to be captured and reused in a short period of time (programmatically vs. manually).
While this limits the potential for man-in-the-middle attacks, it's not as effective for replay attacks
* Require the signature of a trusted service consumer (client application) in addition to the signed assertion. The caller's signature should cover the assertion to bind it to the message. If all service consumers are required to sign their request messages, then service providers can be shielded from rogue clients, thereby preventing man-in-the-middle attacks.
This solution would need to be enhanced to solve replay attacks. One option is to include a unique request id, timestamp, or sequence number in the request. The target resource could maintain a cache of ids and refuse duplicate requests. A common request id service could be created to issue unique request ids and validate all requests that are received within the security domain Reference: Oracle Reference Architecture, Security , Release 3.1
In order to avoid man-in-the-middle attacks a security framework must have capabilities such as:
* Logging in users without the need to type passwords or PINs (not D)
* Dynamically challenging the user for different information, e.g., asking a random question for which only the user will know the answer
* Encrypting and signing transmissions from the client to the back end server (not A)
* Detecting replays using embedded transaction ids or timestamps (not E)
* Presenting proof to the user that the site they are visiting is authentic Propagating a single proof object, or assertion, can be susceptible to man-in-the-middle attacks and replay attacks. If a rogue entity observes an assertion, it could reuse that assertion for illegitimate requests.
Possible solutions include:
* (not B) Invalidate the assertion after every request. In the case of chained SOA Services, service providers must verify each assertion they receives with the authority. The authority can invalidate assertions in its internal cache. Any future verifications with the same assertion would fail. SOA Service providers would need to obtain a new assertion in order to make subsequent service requests. This solves both types of problems mentioned above.
* (not E) Reduce and enforce the assertion's time to live attribute. This would narrow the window of opportunity to reuse an assertion. The assertion would have to be captured and reused in a short period of time (programmatically vs. manually).
While this limits the potential for man-in-the-middle attacks, it's not as effective for replay attacks
* Require the signature of a trusted service consumer (client application) in addition to the signed assertion. The caller's signature should cover the assertion to bind it to the message. If all service consumers are required to sign their request messages, then service providers can be shielded from rogue clients, thereby preventing man-in-the-middle attacks.
This solution would need to be enhanced to solve replay attacks. One option is to include a unique request id, timestamp, or sequence number in the request. The target resource could maintain a cache of ids and refuse duplicate requests. A common request id service could be created to issue unique request ids and validate all requests that are received within the security domain Reference: Oracle Reference Architecture, Security , Release 3.1
- Question List (176q)
- Question 1: Which one of the following security strategies protects data...
- Question 2: Conceptually, the ORA model of a "modern UI" defines which t...
- Question 3: Which of the following are capabilities provided by the Moni...
- Question 4: Which statements arc true about Rich Internet Applications (...
- Question 5: The Mediation Layer in the Logical View of the Service-Orien...
- Question 6: The Oracle Reference Architecture (ORA) includes the central...
- Question 7: Your company has decided to create an Enterprise Architectur...
- Question 8: IT Strategies from Oracle (ITSO) includes many Enterprise So...
- Question 9: Oracle Entitlements Server (OES) provides fine grained autho...
- Question 10: Which of the following statements are true about the XACML s...
- Question 11: The three common goals of Information security are known as ...
- Question 12: Which of the following statements best describes how the dep...
- Question 13: The Conceptual, Logical, and Product Mapping architecture vi...
- Question 14: You are designing a mission-critical application that requir...
- Question 15: Which of the following are capabilities required for the Int...
- Question 16: Which statement best describes how the Oracle Reference Arch...
- Question 17: Which three primary components form IT Strategies from Oracl...
- Question 18: Which of the following statements pertaining to role-based a...
- Question 19: Which statement best describes the mapping of User Interacti...
- Question 20: Which of the following statements are true about asymmetric ...
- Question 21: Which of the following token profiles is not included in the...
- Question 22: Which of the following are types of policy considerations de...
- Question 23: You need to redesign your application to improve performance...
- Question 24: Which of the following is NOT a container capability?...
- Question 25: Interface elements are an important part of modular programm...
- Question 26: The Service-Oriented Integration architecture makes a distin...
- Question 27: Which of the following is least effective at deterring man-i...
- Question 28: Identify the true statements in the following list....
- Question 29: What does the Java EE Management Specification (JSR 77) prov...
- Question 30: What does Lifecycle Management Provisioning refer to?...
- Question 31: Which of the following statements are true about perimeter s...
- Question 32: Which of the following statements is true with respect to di...
- Question 33: Select the most appropriate reason why three-tier architectu...
- Question 34: Which product provides the standard communication protocols ...
- Question 35: Which caching mode does every write to the cache cause a syn...
- Question 36: Much as in modular programming, there are two ways that fede...
- Question 37: Assets may be packaged into deployable units by using a vari...
- Question 38: Which of the following are strategies for alert management w...
- Question 39: Where are the components of the client tier of the ORA UI lo...
- Question 40: Which three primary types of materials form an Enterprise Te...
- Question 41: What are the key differentiating characteristics of Oracle R...
- Question 42: For a large heterogeneous environment with a large number of...
- Question 43: A customer with an existing WebCenter portal wants to expand...
- Question 44: DES, 3DES and AES are types of:...
- Question 45: Which of the following are common uses of an Attribute Servi...
- Question 46: IT Strategies from Oracle (ITSO) Includes multiple Enterpris...
- Question 47: Bottom-up service Identification analyzes existing systems t...
- Question 48: As part of a company-wide IT Initiative to simplify and rati...
- Question 49: Which of the following statements are true about point to po...
- Question 50: Architecturally speaking, why might an organization deploy a...
- Question 51: Which of the following environments are typically clustered?...
- Question 52: What capabilities are provided by Oracle Enterprise Reposito...
- Question 53: Oracle Reference Architecture uses multiple views (as define...
- Question 54: Which WebCenter product Improves efficiency and productivity...
- Question 55: Which of the following standards states that every reusable ...
- Question 56: Which of the following statements are true about an end-to-e...
- Question 57: In order to support rapid development, which one of the foll...
- Question 58: Which of the following is not an objective or function of th...
- Question 59: AAPML and CARML are part of what standards effort?...
- Question 60: Which of the following statements about asset-centric engine...
- Question 61: Service-Oriented Integration creates a catalog of SOA Servic...
- Question 62: The Oracle Reference Architecture (ORA) includes the concept...
- Question 63: What does access to Consolidated Information in Complex Dist...
- Question 64: Which of the following best describes the role of the Manage...
- Question 65: Which of the following statements are true with regard to th...
- Question 66: Audit logging is a form of what type of access control mecha...
- Question 67: The Oracle Reference Architecture provides a specific defini...
- Question 68: Which of the following statements describes the relationship...
- Question 69: What is meant by cache hit rate or ratio?...
- Question 70: Enterprise Architecture consists of Business Architecture, A...
- Question 71: When two or more technology perspectives are combined, which...
- Question 72: What additional functions might an authentication service pe...
- Question 73: The Service-Oriented Integration (SOI) architecture includes...
- Question 74: Which of the following interactions does not occur as part o...
- Question 75: Choose the three statements from the following list that acc...
- Question 76: The Oracle Reference Architecture (ORA) contains both horizo...
- Question 77: What are the three key technical concepts related to Grid co...
- Question 78: Which of the following is NOT defined as a primary ORA compu...
- Question 79: Which of the following statements are true?...
- Question 80: How do you enable risk profiling on the Authentication Servi...
- Question 81: Which statement best describe the benefits of asset dependen...
- Question 82: Which of the following does Policy Management Compliance ref...
- Question 83: Which four components of the following list should be found ...
- Question 84: There are a number of ways to classify applications in order...
- Question 85: Select the two layers of ORA application infrastructure from...
- Question 86: Which of the following is not a key function of an identity ...
- Question 87: You are developing an Integration component that uses custom...
- Question 88: Which of the following are asset packaging best practices?...
- Question 89: What does ORA Engineering refer to as Round-Trip Engineering...
- Question 90: Which of the following options best describes the concept of...
- Question 91: The WebShipAnywhere company currently has a manual Order-to-...
- Question 92: Which principle should be applied when considering display d...
- Question 93: A customer has two separate lines of business and each has i...
- Question 94: Which of the following are the three major tiers of the Logi...
- Question 95: Service Oriented Integration (SOI) exposes capabilities from...
- Question 96: Which statement best describes the role of the Data Movement...
- Question 97: Which of the following are benefits of three-tier distribute...
- Question 98: Which of the following are the key drivers for Grid computin...
- Question 99: What are the three primary delivery models of Cloud computin...
- Question 100: Which of the following is not a characteristic of Cloud comp...
- Question 101: Which of the following statements are true about defense-in-...
- Question 102: Which statements are correct for service versioning within S...
- Question 103: You are working with an IT department that has embraced Serv...
- Question 104: Which statement best describes the role of the Data Normaliz...
- Question 105: Which of the following Oracle products provides a comprehens...
- Question 106: Which of the following statements are true about applying se...
- Question 107: Conceptually, management and monitoring capabilities consist...
- Question 108: What one the three primary concerns that developers followin...
- Question 109: Which statements best describe how architecture principles a...
- Question 110: Which statement best describes the relationship between a Se...
- Question 111: Which of the following capabilities are provided by containe...
- Question 112: Which statements are true with regard to authorization check...
- Question 113: Service composition is the creating of a new SOA Service by ...
- Question 114: Which of the following statements is true with respect to vi...
- Question 115: When mapping Oracle Products onto the Logical view, what is ...
- Question 116: Service-Oriented Integration is based on creating a catalogu...
- Question 117: Web Services are a natural fit for building distributed comp...
- Question 118: What shortcomings of the Version Control Systems drive the n...
- Question 119: Which of the following statements are true?...
- Question 120: Conventional Management and Monitoring tools focus and produ...
- Question 121: Which one of the following statements best describes authent...
- Question 122: What best describes the best practice deployment of Metadata...
- Question 123: Which of the following statements are true concerning, data ...
- Question 124: (Exhibit) The sequence diagram (attached) maps to the Model-...
- Question 125: Which statement best describes the reason why the Oracle Ref...
- Question 126: Which of the following are the implications of the architect...
- Question 127: The Product Mapping view of the Service-Oriented Integration...
- Question 128: The Service-Oriented Integration (SOI) architecture can be d...
- Question 129: Which statement best describes how Service-Oriented Integrat...
- Question 130: Which statement best describes the relationship between a SO...
- Question 131: Which of the following are phases of Service Management?...
- Question 132: What does the Identity Asserter do in a J2EE framework?...
- Question 133: Which statement best describes the relationship between the ...
- Question 134: BPM and SOA are frequently combined to provide greater busin...
- Question 135: Which of the following is not a valid type of SAML assertion...
- Question 136: Which of the following are true statements about the benefit...
- Question 137: Which statement best describes the relationship between Orac...
- Question 138: Which of the following are examples of dynamic modeling?...
- Question 139: Which statement most accurately describes the purpose of the...
- Question 140: Why is it necessary to have Integration of Metadata Reposito...
- Question 141: Which of the following statements best describes the ideal r...
- Question 142: Data is often said to exist in one of three states: 1. In mo...
- Question 143: How is state typically managed in the browser interface?...
- Question 144: There are various network topologies that can be used when d...
- Question 145: A longer term goal of Service-Oriented Integration (SOI) is ...
- Question 146: What is the main benefit of Utility Computing?...
- Question 147: Which of the following are ORA Engineering logical categorie...
- Question 148: Which statement best describes the use of point-to-point int...
- Question 149: ORA defines the concept of Data Grid. Which of the following...
- Question 150: Oracle Web Services Manager uses an agent-based approach to ...
- Question 151: A company is building a new customer self-service website. T...
- Question 152: Identify the true statements in the following list....
- Question 153: What are the benefits of the browser over traditional user I...
- Question 154: Which one of the following user classification schemes best ...
- Question 155: A modular approach has been taken to document the Oracle Ref...
- Question 156: Which statements are correct with regard to the layers in th...
- Question 157: Which of the following statements are true?...
- Question 158: Which statement best describes synchronous versus asynchrono...
- Question 159: Which of the following combinations represent a true multi-f...
- Question 160: Which of the following are examples of the management and vi...
- Question 161: Which are the major categories of ORA Engineering capabiliti...
- Question 162: Which of the following are primary parts of a SOA Service as...
- Question 163: What are the two primary approaches of visualization?...
- Question 164: Which of the following are architecture principles that pert...
- Question 165: Because each back-end system is running in a separate proces...
- Question 166: The principle of "Security as a Service" states that busines...
- Question 167: Which statement best describes the relationship between the ...
- Question 168: Credential mapping is done in order to create the proper cre...
- Question 169: Which of the following are common management and monitoring ...
- Question 170: How is Oracle Database Firewall (ODF) used to protect applic...
- Question 171: Which of the following is the most correct definition of Gri...
- Question 172: Which statement best describes the relationship between the ...
- Question 173: Which statement is true with respect to Metadata Repository ...
- Question 174: Which statements are correct for service contracts?...
- Question 175: Which one of the following types of access control should be...
- Question 176: Which of the following is not a part of the Oracle Reference...
