[Free] 2018(Jan) EnsurePass Examcollection Oracle 1z0-897 Dumps with VCE and PDF Download 11-20

Ensurepass.com : Ensure you pass the IT Exams 2018 Jan Oracle Official New Released 1z0-897
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/1z0-897.html

Java Platform, Enterprise Edition 6 Web Services Developer Certified Expert Exam

Question No: 11 – (Topic 0)

A developer is creating a web service endpoint using a stateless session EJB for the business logic of an application. Choose two methods to select role based access control for the business logic ? (Choose two)

  1. Using method-permission element in ejb-jar.xml

  2. Using .htaccess file in the application#39;s ear

  3. Using lt;security-rolegt; element in web.xml

  4. By specifying security annotations like @RolesAllowed in the EJB class

Answer: A,D

Question No: 12 – (Topic 0)

Which of the following security technology is not covered in Metro project? (Choose one.)

  1. WS-Trust

  2. WS-SecurityPolicy

  3. WS-SecureConversation

  4. XACML

Answer: D

Question No: 13 – (Topic 0)

A Web service needs to encrypt certain SOAP headers when responding. Which statement

about this encryption is true?

  1. The Web service runtime is the appropriate place for such encryption.

  2. The Web service business logic is the appropriate place for such encryption.

  3. Either the Web service business logic or runtime is appropriate for such encryption.

  4. Neither the Web service business logic nor runtime is appropriate for such encryption.

  5. Transport level security protocol like SSL should be used to meet the requirements without code changes.

Answer: A

Question No: 14 – (Topic 0)

An automobile manufacturer publishes a Web service for use by their suppliers. The manufacturer has stringent security requirements that require suppliers to verify their identity. Data integrity and confidentiality must be maintained between the client and the server. Which two meet all of these requirements? (Choose two.)

  1. X.509 and XKMS

  2. XACML and XKMS

  3. SSL and mutual authentication

  4. XML Encryption and XML Digital Signature

  5. Private network and XML Signature

Answer: C,D

Question No: 15 – (Topic 0)

Which two statements are true about public key digital signatures applied to Web services? (Choose two)

  1. The receiver verifies that the message matches the digital signature using its own private key.

  2. The sender creates a digital signature using its own private key and sends that signature along with the original document.

  3. The sender creates a digital signature using its own public key and sends that signature along with the original document.

  4. The receiver verifies that the message matches the digital signature using the sender#39;s public key.

Answer: B,D

Question No: 16 – (Topic 0)

Which of the following WS-Security token profiles is not supported in Metro?

  1. X509 Token Profile

  2. Kerberos Token Profile

  3. SAML Token Profile

  4. SOAP with Attachments (SWA) profile

  5. Right Expression Language (REL) Token Profile

Answer: E

Question No: 17 – (Topic 0)

Which security technologies are not included in WS-Security?

  1. encryption

  2. handshake for credential exchange and session establishment

  3. security tokens

  4. digital signatures

Answer: B

Question No: 18 – (Topic 0)

An automobile manufacturer publishes a Web service for use by their suppliers. The manufacturer has stringent security requirements that require suppliers to verify their identity. Data integrity and confidentiality must be maintained between the client and the server. Which two technologies can be used to meet the requirements? (Choose two)

  1. XACML and XKMS

  2. SSL with mutual authentication

  3. Message level security with WS-Security

  4. Private network and XML Signature

Answer: B,C

Question No: 19 – (Topic 0)

In designing the security for your enterprise application with multiple Web services, you don#39;t want that each of the services handle user authentication by itself. Then which of the following you can use in your design?

  1. enable secure conversation for each service

  2. a centralized Policy Decision Point (PDP) via XACML

  3. a Security Token Service (STS)

  4. use transport level security with SSL

Answer: C

Question No: 20 – (Topic 0)

A developer wants to use WebServiceContext in the web service endpoint. Which of the following is the correct way to get WebServiceContext object ? (Choose one)

  1. @WebService

    public class MyService {

    @WebServiceContext WebServiceContext ctxt; public String echo(String str) {

    }

  2. @WebService

    public class MyService { WebServiceContext ctxt; public String echo(String str) {

    ctxt = jndi.lookup(quot;java:com/env/WebServiceContextquot;);

    }

  3. @WebService

    public class MyService {

    @Inject WebServiceContext ctxt;

    public String echo(String str) {

    }

  4. @WebService

public class MyService {

@Resource WebServiceContext ctxt; public String echo(String str) {

}

Answer: D

100% Ensurepass Free Download!
Download Free Demo:1z0-897 Demo PDF
100% Ensurepass Free Guaranteed!
1z0-897 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No