WebLogic interview questions and answers
160. What Is LDAP?
The Lightweight Directory Access Protocol:
- Is derived from X.500
- Provides a hierarchical lookup service
- Supports sophisticated searching
- Can be secured via SSL
161. Explain Security Realms?
- A security realm is a collection of system resources and security service providers.
- Only one security realm can be active at a given time.
- A single security policy is used in any realm.
- Users must be recognized by an authentication provider of the security realm.
- Administration tasks include creating security realms.
162. What Is SSL?
Secure Sockets Layer (SSL) is a protocol that enables:
- Connection security through encryption
- A server to authenticate to a client
- A client to authenticate to a server (optional)
- Data integrity such that the data that flows between a client and server is protected from tampering by a third party
163. What Is a Deployment Plan?
§ It is an optional XML document that resides outside an application archive.
§ It configures an application for deployment to a specific WLS environment.
§ It is created and owned by administrators or developers for a particular environment.
A JavaEE deployment plan:
§ Is an XML file that is associated with an application
§ Resides outside an application archive
§ Sets or overrides the values in the JavaEE deployment descriptors
§ Allows a single application to be easily customized to multiple deployment environments
164. What are the Advantages of Production Redeployment?
Saves the trouble of:
§ Scheduling application downtime
§ Setting up redundant servers to host new application versions
§ Managing client access to multiple application versions manually
§ Retiring older versions of an application manually
Explain about Packaging Applications?
§ When you deploy applications to a single Managed Server, you can deploy the applications in an exploded format.
§ Oracle recommends deploying packaged applications to a cluster of Managed Servers as a .war, .ear, or .jar file.
165. What are the Oracle WebLogic Server SSL Requirements?
§ To enable Oracle WebLogic Server SSL, you must:
  § Obtain an appropriate digital certificate
  § Install the certificate
  § Configure SSL properties
  § Configure two-way authentication (if desired)
§ SSL impacts performance.
166. What is the use of keytool Utility in WLS?
§ keytool is a standard J2SE SDK utility for managing:
  § The generation of private keys and the corresponding digital certificates
  § Keystores (databases) of private keys and the associated certificates
§ The keytool utility can display the certificate and keystore contents.
167. How Does WLS Protect Against Attacks? What kinds of Attacks are there?
§ WLS can help protect applications against several attacks:
  § Man-in-the-middle attacks
  § Denial of service (DoS) attacks
  § Large buffer attacks
  § Connection starvation attacks
§ The answers that follow detail the countermeasures that WLS provides to address these attacks.
168. Explain about Man-in-the-Middle Attacks?
§ In the “man-in-the-middle” attack, a third party poses as a destination host, intercepting messages between the client and the real host.
§ Instead of issuing the real destination host’s SSL certificate, the attacker issues his or her own, hoping that the client would accept it as being from the real destination host.
§ The “man-in-the-middle” attacks can be resisted by using a Host Name Verifier.
§ A Host Name Verifier validates that the host to which an SSL connection is made is the intended or authorized party.
§ WLS provides a Host Name Verifier by default.
§ A custom Host Name Verifier can be created by implementing the interface weblogic.security.SSL.HostnameVerifier
169. Explain about Denial of Service Attacks (DoS)?
§ DoS attacks are attempts by attackers to prevent legitimate users of a service from using that service.
§ There are three basic types of attack:
  § Consumption of scarce, limited, or nonrenewable resources
  § Destruction or alteration of configuration information
  § Physical destruction or alteration of network components
Harden WLS against “denial of service” attacks by:
§ Filtering incoming network connections
§ Configuring consumable WLS resources with the appropriate threshold and quotas
§ Limiting access to configuration information and backing up configuration files
§ Preventing unauthorized access by protecting passwords against password-guessing attacks
170. Explain about Filtering Network Connections?
§ WLS can be configured to accept or deny network connections based on the origin of the client.
§ This feature can be used to:
  § Restrict the location from which connections to WLS are made
  § Restrict the type of connection made, that is, allow only SSL connections and reject all others
§ To filter network connections, create a class that implements the ConnectionFilter interface and install it using the Administration Console.
171. Explain about Large Buffer Attacks?
- Individuals can try to bring down a Web site by sending a large buffer of data, which starves the system of memory.
- Administrators can combat this attack by setting a threshold for incoming data.
172. Explain about Connection Starvation?
- Individuals can try to take down a Web site by sending small, incomplete messages that cause the server to wait.
- Administrators can combat this attack by setting a threshold.
- Connections time out while waiting for the remainder of the data if they have reached the threshold set by the administrator.
173. Explain about User Lockout?
- Individuals attempt to hack into a computer using various combinations of usernames and passwords.
- Administrators can protect against this security attack by setting the lockout attributes.
- The administrator can unlock a locked user using the console.
174. How will you Protect the Administration Console?
- You can configure a separate administration port for all administration traffic.
- You can change the Context path of the console.
- You can disable the console (application).
175. What are the advantages of Deployment Plan?
- Works by setting or overriding the deployment property values that are defined in an application’s WLS deployment descriptor
- Helps to easily modify an application’s WLS configuration for deployment into multiple different WLS environments without modifying the deployment descriptor files that are included in the application archive
- Enables an application to be deployed to multiple domains or to multiple target servers and clusters that have a different configuration within the same domain
176. What is the use of weblogic.PlanGenerator?
1. Is a Java-based deployment configuration tool
2. Is primarily intended for developers who want to export portions of an Oracle WebLogic Server deployment configuration into an XML deployment plan
3. Enables you to generate a basic Oracle WebLogic Server configuration for applications that have only J2EE deployment descriptors
177. How will you generate a Deployment Plan Using the Administration Console?
1. The Administration Console automatically generates or updates the deployment plan.
2. You can generate a deployment plan using the Administration Console using the following steps:
  § Prepare the deployment files.
  § Install the application archive.
  § Save the configuration changes to a deployment plan.
178. How many types of Staged Deployment are available in WLS?
You can configure deployment per server or for each application as:
1. staged (default): Files are copied to the preconfigured staging directory for preparation and activation.
2. nostage: Files are deployed from a static location.
3. external_stage: Files are copied by a user or a third-party tool before deployment.
179. Explain about Production Redeployment?
1. You can redeploy a revised version of a production application alongside the older version:
  § Without affecting the existing clients to the application
  § Without interrupting the availability of the application to the new client request
2. Oracle WebLogic Server automatically manages client connections so that:
  § Existing clients continue to use the older application
  § New client requests are directed to the newer application
The older version is undeployed after all current clients complete their work.
180. Explain about Application Availability, after deploying/installing to WLS?
1. By default, when an application is redeployed:
  § It is unavailable to clients for a brief time
  § Existing clients lose any conversational state
2. Some types of applications require availability 24 hours a day, seven days a week.
3. Third-party proxy solutions are possible, but they require multiple servers.