[Free] 2018(Jan) EnsurePass Testinsides Oracle 1z0-897 Dumps with VCE and PDF 11-20 | Cisco Certifications Dumps Free Real Practice Q&A

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Oracle Official New Released 1z0-897
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/1z0-897.html

Java Platform, Enterprise Edition 6 Web Services Developer Certified Expert Exam

Question No: 11 – (Topic 0)

A developer is creating a web service endpoint using a stateless session EJB for the business logic of an application. Choose two methods to select role based access control for the business logic ? (Choose two)

Using method-permission element in ejb-jar.xml
Using .htaccess file in the application#39;s ear
Using lt;security-rolegt; element in web.xml
By specifying security annotations like @RolesAllowed in the EJB class

Answer: A,D

Question No: 12 – (Topic 0)

Which of the following security technology is not covered in Metro project? (Choose one.)

WS-Trust
WS-SecurityPolicy
WS-SecureConversation
XACML

Answer: D

Question No: 13 – (Topic 0)

A Web service needs to encrypt certain SOAP headers when responding. Which statement

about this encryption is true?

The Web service runtime is the appropriate place for such encryption.
The Web service business logic is the appropriate place for such encryption.
Either the Web service business logic or runtime is appropriate for such encryption.
Neither the Web service business logic nor runtime is appropriate for such encryption.
Transport level security protocol like SSL should be used to meet the requirements without code changes.

Answer: A

Question No: 14 – (Topic 0)

An automobile manufacturer publishes a Web service for use by their suppliers. The manufacturer has stringent security requirements that require suppliers to verify their identity. Data integrity and confidentiality must be maintained between the client and the server. Which two meet all of these requirements? (Choose two.)

X.509 and XKMS
XACML and XKMS
SSL and mutual authentication
XML Encryption and XML Digital Signature
Private network and XML Signature

Answer: C,D

Question No: 15 – (Topic 0)

Which two statements are true about public key digital signatures applied to Web services? (Choose two)

The receiver verifies that the message matches the digital signature using its own private key.
The sender creates a digital signature using its own private key and sends that signature along with the original document.
The sender creates a digital signature using its own public key and sends that signature along with the original document.
The receiver verifies that the message matches the digital signature using the sender#39;s public key.

Answer: B,D

Question No: 16 – (Topic 0)

Which of the following WS-Security token profiles is not supported in Metro?

X509 Token Profile
Kerberos Token Profile
SAML Token Profile
SOAP with Attachments (SWA) profile
Right Expression Language (REL) Token Profile

Answer: E

Question No: 17 – (Topic 0)

Which security technologies are not included in WS-Security?

encryption
handshake for credential exchange and session establishment
security tokens
digital signatures

Answer: B

Question No: 18 – (Topic 0)

XACML and XKMS
SSL with mutual authentication
Message level security with WS-Security
Private network and XML Signature

Answer: B,C

Question No: 19 – (Topic 0)

In designing the security for your enterprise application with multiple Web services, you don#39;t want that each of the services handle user authentication by itself. Then which of the following you can use in your design?

enable secure conversation for each service
a centralized Policy Decision Point (PDP) via XACML
a Security Token Service (STS)
use transport level security with SSL

Answer: C

Question No: 20 – (Topic 0)

A developer wants to use WebServiceContext in the web service endpoint. Which of the following is the correct way to get WebServiceContext object ? (Choose one)

@WebService

public class MyService {

@WebServiceContext WebServiceContext ctxt; public String echo(String str) {

…

}
@WebService

public class MyService { WebServiceContext ctxt; public String echo(String str) {

ctxt = jndi.lookup(quot;java:com/env/WebServiceContextquot;);

}
@WebService

public class MyService {

@Inject WebServiceContext ctxt;

public String echo(String str) {

…

}
@WebService

public class MyService {

@Resource WebServiceContext ctxt; public String echo(String str) {

…

}