Monday 18 June 2012

WEBLOGIC SERVER FAQ(ANS)--11

weblogic interview questions and answers

160.What Is LDAP? 

The Lightweight Directory Access Protocol:
    • Is derived from X.500
    • Provides a hierarchical lookup service
    • Supports sophisticated searching
    • Can be secured via SSL
161.Explain Security Realms?
    • A security realm is a collection of system resources and security service providers.
    • Only one security realm can be active at a given time.
    • A single security policy is used in any realm.
    • Users must be recognized by an authentication provider of the security realm.
    • Administration tasks include creating security realms.
162.What Is SSL? 

Secure Sockets Layer (SSL) is a protocol that enables:
    • Connection security through encryption
    • A server to authenticate to a client
    • A client to authenticate to a server (optional)
    • Data integrity such that the data that flows between a client and server is protected from tampering by a third party
163.What Is a Deployment Plan?

    • It is an optional XML document that resides outside an application archive.
    • It configures an application for deployment to a specific WLS environment.
    • It is created and owned by administrators or developers for a particular environment.
A Java EE deployment plan:
    • Is an XML file that is associated with an application
    • Resides outside an application archive
    • Sets or overrides the values in the Java EE deployment descriptors
    • Allows a single application to be easily customized to multiple deployment environments

164.What are the Advantages of Production Redeployment?

Saves the trouble of:
    • Scheduling application downtime
    • Setting up redundant servers to host new application versions
    • Managing client access to multiple application versions manually
    • Retiring older versions of an application manually

Explain about Packaging Applications?
    • When you deploy applications to a single Managed Server, you can deploy the applications in an exploded format.
    • Oracle recommends deploying packaged applications to a cluster of Managed Servers as .war, .ear, or .jar files.

165.What are the Oracle WebLogic Server SSL Requirements?

To enable Oracle WebLogic Server SSL, you must:
    • Obtain an appropriate digital certificate
    • Install the certificate
    • Configure SSL properties
    • Configure two-way authentication (if desired)
SSL impacts performance.

166.What is the use of the keytool Utility in WLS?

keytool is a standard J2SE SDK utility for managing:
    • The generation of private keys and the corresponding digital certificates
    • Keystores (databases) of private keys and the associated certificates
The keytool utility can display the certificate and keystore contents.

167.How Does WLS Protect Against Attacks? What Kinds of Attacks Are There?

WLS can help protect applications against several attacks:
    • Man-in-the-middle attacks
    • Denial of service (DoS) attacks
    • Large buffer attacks
    • Connection starvation attacks
The answers that follow detail the countermeasures that WLS provides to address these attacks.

168.Explain about Man-in-the-Middle Attacks?

    • In a “man-in-the-middle” attack, a third party poses as the destination host and intercepts messages between the client and the real host.
    • Instead of presenting the real destination host’s SSL certificate, the attacker presents his or her own, hoping that the client will accept it as being from the real destination host.
    • “Man-in-the-middle” attacks can be resisted by using a Host Name Verifier.
    • A Host Name Verifier validates that the host to which an SSL connection is made is the intended or authorized party.
    • WLS provides a Host Name Verifier by default.
    • A custom Host Name Verifier can be created by implementing the interface weblogic.security.SSL.HostnameVerifier.

169.Explain about Denial of Service Attacks (DOS)?

    • DoS attacks are attempts by attackers to prevent legitimate users of a service from using that service.
    • There are three basic types of attack:
        • Consumption of scarce, limited, or nonrenewable resources
        • Destruction or alteration of configuration information
        • Physical destruction or alteration of network components
Harden WLS against “denial of service” attacks by:
    • Filtering incoming network connections
    • Configuring consumable WLS resources with the appropriate threshold and quotas
    • Limiting access to configuration information and backing up configuration files
    • Preventing unauthorized access by protecting passwords against password-guessing attacks

170.Explain about Filtering Network Connections?

    • WLS can be configured to accept or deny network connections based on the origin of the client.
    • This feature can be used to:
        • Restrict the location from which connections to WLS are made
        • Restrict the type of connection made, that is, allow only SSL connections and reject all others
    • To filter network connections, create a class that implements the ConnectionFilter interface and install it using the Administration Console.
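A connection filter that applies both restrictions named above (origin and connection type), as an added example that is not part of the original post or Oracle's code. The class name InternalSslOnlyFilter and the 10.20.0.0/16 range are constructed for illustration, and the code assumes the weblogic.security.net classes are on the compile classpath.

```java
import java.net.InetAddress;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;
import weblogic.security.net.ConnectionEvent;
import weblogic.security.net.ConnectionFilter;
import weblogic.security.net.FilterException;

// Added example (hypothetical class name): SSL protocols only, one subnet only.
public class InternalSslOnlyFilter implements ConnectionFilter {

    // SSL variants of the protocol names; compared case-insensitively.
    private static final Set<String> SSL_PROTOCOLS =
            new HashSet<String>(Arrays.asList("https", "t3s", "iiops", "ldaps"));

    // Constructed sample network 10.20.0.0/16; replace with your own range.
    private static final byte[] NETWORK = {10, 20, 0, 0};
    private static final int PREFIX_BITS = 16;

    @Override
    public void accept(ConnectionEvent evt) throws FilterException {
        String protocol = evt.getProtocol();
        if (protocol == null || !SSL_PROTOCOLS.contains(protocol.toLowerCase(Locale.ROOT))) {
            throw new FilterException("non-SSL protocol rejected: " + protocol);
        }
        InetAddress remote = evt.getRemoteAddress();
        if (remote == null || !inNetwork(remote.getAddress(), NETWORK, PREFIX_BITS)) {
            throw new FilterException("origin not allowed: " + remote);
        }
        // Returning without an exception accepts the connection.
    }

    // True when addr lies inside network/prefixBits (same address family only).
    static boolean inNetwork(byte[] addr, byte[] network, int prefixBits) {
        if (addr.length != network.length) {
            return false; // e.g. IPv6 client against an IPv4 rule
        }
        for (int i = 0; i < addr.length && prefixBits > 0; i++, prefixBits -= 8) {
            int mask = prefixBits >= 8 ? 0xFF : (0xFF << (8 - prefixBits)) & 0xFF;
            if ((addr[i] & mask) != (network[i] & mask)) {
                return false;
            }
        }
        return true;
    }
}
```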

171.Explain about Large Buffer Attacks?
    • Individuals can try to bring down a Web site by sending a large buffer of data, which starves the system of memory.
    • Administrators can combat this attack by setting a threshold for incoming data.
172.Explain about Connection Starvation?
    • Individuals can try to take down a Web site by sending small, incomplete messages that cause the server to wait.
    • Administrators can combat this attack by setting a threshold.
    • Connections time out while waiting for the remainder of the data if they have reached the threshold set by the administrator.
173.Explain about User Lockout?
    • Individuals attempt to hack into a computer using various combinations of usernames and passwords.
    • Administrators can protect against this security attack by setting the lockout attributes.
    • The administrator can unlock a locked user using the console.
174.How Will You Protect the Administration Console?
    • You can configure a separate administration port for all administration traffic.
    • You can change the Context path of the console.
    • You can disable the console (application).
175.What are the advantages of a Deployment Plan?
    • Works by setting or overriding the deployment property values that are defined in an application’s WLS deployment descriptor
    • Helps to easily modify an application’s WLS configuration for deployment into multiple different WLS environments without modifying the deployment descriptor files that are included in the application archive
    • Enables an application to be deployed to multiple domains or to multiple target servers and clusters that have a different configuration within the same domain

176.What is the use of weblogic.PlanGenerator?

1.     Is a Java-based deployment configuration tool
2.     Is primarily intended for developers who want to export portions of an Oracle WebLogic Server deployment configuration into an XML deployment plan
3.     Enables you to generate a basic Oracle WebLogic Server configuration for applications that have only J2EE deployment descriptors

177.How will you generate a Deployment Plan Using the Administration Console?

1.     The Administration Console automatically generates or updates the deployment plan.
2.     You can generate a deployment plan with the Administration Console using the following steps:
        • Prepare the deployment files.
        • Install the application archive.
        • Save the configuration changes to a deployment plan.

178.How many types of Staged Deployment are available in WLS?

You can configure deployment per server or for each application as:
1.     staged (default): Files are copied to the preconfigured staging directory for preparation and activation.
2.     nostage: Files are deployed from a static location.
3.     external_stage: Files are copied by a user or a third-party tool before deployment.

179.Explain about Production Redeployment?

1.     You can redeploy a revised version of a production application alongside the older version:
        • Without affecting the existing clients of the application
        • Without interrupting the availability of the application to new client requests
2.     Oracle WebLogic Server automatically manages client connections so that:
        • Existing clients continue to use the older application
        • New client requests are directed to the newer application
The older version is undeployed after all current clients complete their work.

180.Explain about Application Availability, after deploying/install to WLS?

1.     By default, when an application is redeployed:
        • It is unavailable to clients for a brief time
        • Existing clients lose any conversational state
2.     Some types of applications require availability 24 hours a day, seven days a week.
3.     Third-party proxy solutions are possible, but they require multiple servers.

