163. What Is a Deployment Plan?
- It is an optional XML document that resides outside an application archive.
- It configures an application for deployment to a specific WLS environment.
- It is created and owned by administrators or developers for a particular environment.
A JavaEE deployment plan:
- Is an XML file that is associated with an application
- Resides outside an application archive
- Sets or overrides the values in the JavaEE deployment descriptors
- Allows a single application to be easily customized to multiple deployment environments
164. What are the Advantages of Production Redeployment?
Saves the trouble of:
- Scheduling application downtime
- Setting up redundant servers to host new application versions
- Managing client access to multiple application versions manually
- Retiring older versions of an application manually
Explain about Packaging Applications?
- When you deploy applications to a single Managed Server, you can deploy the applications in an exploded format.
- Oracle recommends deploying packaged applications to a cluster of Managed Servers as .war, .ear, or .jar files.
165. What are the Oracle WebLogic Server SSL Requirements?
- To enable Oracle WebLogic Server SSL, you must:
- Obtain an appropriate digital certificate
- Install the certificate
- Configure SSL properties
- Configure two-way authentication (if desired)
166. What is the use of the keytool Utility in WLS?
- keytool is a standard J2SE SDK utility for managing:
- The generation of private keys and the corresponding digital certificates
- Keystores (databases) of private keys and the associated certificates
- The keytool utility can display the certificate and keystore contents.
167. How Does WLS Protect Against Attacks? What Kinds of Attacks Are There?
- WLS can help protect applications against several attacks:
- Man-in-the-middle attacks
- Denial of service (DoS) attacks
- Large buffer attacks
- Connection starvation attacks
- The questions that follow detail the countermeasures that WLS provides to address these attacks.
168. Explain about Man-in-the-Middle Attacks?
- In the “man-in-the-middle” attack, a third party poses as the destination host, intercepting messages between the client and the real host.
- Instead of issuing the real destination host’s SSL certificate, the attacker issues his or her own, hoping that the client will accept it as being from the real destination host.
- The “man-in-the-middle” attacks can be resisted by using a Host Name Verifier.
- A Host Name Verifier validates that the host to which an SSL connection is made is the intended or authorized party.
- WLS provides a Host Name Verifier by default.
- A custom Host Name Verifier can be created by implementing the interface weblogic.security.SSL.HostnameVerifier
169. Explain about Denial of Service Attacks (DoS)?
- DoS attacks are attempts by attackers to prevent legitimate users of a service from using that service.
- There are three basic types of attack:
- Consumption of scarce, limited, or nonrenewable resources
- Destruction or alteration of configuration information
- Physical destruction or alteration of network components
Harden WLS against “denial of service” attacks by:
- Filtering incoming network connections
- Configuring consumable WLS resources with the appropriate threshold and quotas
- Limiting access to configuration information and backing up configuration files
- Preventing unauthorized access by protecting passwords against password-guessing attacks
170. Explain about Filtering Network Connections?
- WLS can be configured to accept or deny network connections based on the origin of the client.
- This feature can be used to:
- Restrict the location from which connections to WLS are made
- Restrict the type of connection made, that is, allow only SSL connections and reject all others
- To filter network connections, create a class that implements the ConnectionFilter interface and install it using the Administration Console.
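A connection filter of the kind described above, as an added example (not code from the original page or from Oracle). It covers both uses listed: it accepts only SSL protocols and only from one subnet. The class name, the allowed subnet (a constructed documentation range) and the list of SSL protocol names are assumptions; it compiles against the WebLogic classes in weblogic.security.net.

```java
import java.net.InetAddress;
import weblogic.security.net.ConnectionEvent;
import weblogic.security.net.ConnectionFilter;
import weblogic.security.net.FilterException;

// Hypothetical filter: SSL-only connections from a single allowed subnet.
public class SslOnlySubnetFilter implements ConnectionFilter {

    // Constructed sample network 192.0.2.0/24 (assumption, replace with your own).
    private static final byte[] ALLOWED_NET = {(byte) 192, 0, 2, 0};
    private static final int PREFIX_BITS = 24;

    @Override
    public void accept(ConnectionEvent evt) throws FilterException {
        String protocol = evt.getProtocol();
        InetAddress remote = evt.getRemoteAddress();
        // Restrict the type of connection: reject anything that is not SSL.
        if (!isSslProtocol(protocol)) {
            throw new FilterException("non-SSL protocol rejected: " + protocol);
        }
        // Restrict the origin: everything outside the subnet is denied,
        // including loopback, so add a rule for it if local tools need access.
        if (!inSubnet(remote.getAddress(), ALLOWED_NET, PREFIX_BITS)) {
            throw new FilterException("origin not allowed: " + remote.getHostAddress());
        }
        // Returning without an exception accepts the connection.
    }

    // SSL variants of the protocol names WLS reports (assumed list).
    static boolean isSslProtocol(String protocol) {
        if (protocol == null) return false;
        String p = protocol.toLowerCase();
        return p.equals("https") || p.equals("t3s")
            || p.equals("iiops") || p.equals("ldaps");
    }

    // True when the first prefixBits bits of addr match those of net.
    static boolean inSubnet(byte[] addr, byte[] net, int prefixBits) {
        if (addr.length != net.length) return false; // IPv6 client vs IPv4 rule: deny
        for (int i = 0; i < addr.length; i++) {
            int bits = Math.min(8, Math.max(0, prefixBits - 8 * i));
            int mask = (0xFF << (8 - bits)) & 0xFF;
            if ((addr[i] & mask) != (net[i] & mask)) return false;
        }
        return true;
    }
}
```

The compiled class has to be on the server classpath before it is named as the connection filter in the Administration Console. Because the console's own HTTP(S) traffic passes through the filter as well, try the rule set on a non-production domain first.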