Latest [Nov 20, 2023] 1z0-1104-22 Exam with Accurate Oracle Cloud Infrastructure 2022 Security Professional PDF Questions
Take a Leap Forward in Your Career by Earning Oracle 95 Questions
NEW QUESTION # 22
Which OCI service can index, enrich, aggregate, explore, search, analyze, correlate, visualize and monitor data?
- A. Data Safe
- B. Logging Analytics
- C. WAF
- D. Data Guard
Answer: B
Explanation:
NEW QUESTION # 23
Which OCI cloud service lets you centrally manage the encryption keys that protect your data and the secret credentials that you use to securely access resources?
- A. Data Safe
- B. Cloud Guard
- C. Vault
- D. Data Guard
Answer: C
Explanation:
Oracle Cloud Infrastructure Vault is a managed service that lets you centrally manage the encryption keys that protect your data and the secret credentials that you use to securely access resources. Vaults securely store master encryption keys and secrets that you might otherwise store in configuration files or in code. Specifically, depending on the protection mode, keys are either stored on the server or they are stored on highly available and durable hardware security modules (HSM) that meet Federal Information Processing Standards (FIPS) 140-2 Security Level 3 security certification.
https://docs.oracle.com/en-us/iaas/Content/KeyManagement/Concepts/keyoverview.htm
NEW QUESTION # 24
A company needs to have some buckets as public in the compartment. You want Cloud Guard to ignore the problem associated with public bucket. Select TWO correct answers
- A. Configure Conditional groups for the detector to fix base line
- B. Make the bucket private so that Cloud Guard won't detect it
- C. Dismiss the issues associated with these resources
- D. First make the bucket private and after few days make the bucket public again
Answer: A,C
NEW QUESTION # 25
Which statements are CORRECT about Security Zone policy in OCI ? Select TWO correct answers
- A. Resources in a security zone must be accessible from internet
- B. Bucket can't be moved from a security zone to a standard compartment
- C. Resources in a security zone must be encrypted using customer-managed keys
- D. Block volume can be moved from a security zone to a standard compartment
Answer: B,C
Explanation:
NEW QUESTION # 26
Which type of firewalls are designed to protect against web application attacks, such as SQL injection and cross-site scripting?
- A. Incident firewall
- B. Stateful inspection firewall
- C. Packet filtering firewall
- D. Web Application Firewall
Answer: D
Explanation:
SQL injections. Cross-site scripting. Distributed denial of service (DDoS) attacks. Botnets. These are just some of the cyber-weapons increasingly being used by malicious actors to target web applications, cause data breaches, and expose sensitive business information.
Oracle WAF uses a multilayered approach to protect web applications from a host of cyberthreats including malicious bots, application layer (L7) DDoS attacks, cross-site scripting, SQL injection, and vulnerabilities defined by the Open Web Application Security Project (OWASP). When a threat is identified, Oracle WAF automatically blocks it and alerts security operations teams so they can investigate further.
https://www.oracle.com/a/ocom/docs/security/oci-web-application-firewall.pdf
NEW QUESTION # 27
Which of these protects customer data at rest and in transit in a way that allows customers to meet their security and compliance requirements for cryptographic algorithms and key management?
- A. Identity Federation
- B. Data encryption
- C. Security controls
- D. Customer isolation
Answer: B
Explanation:
DATA ENCRYPTION
Protect customer data at-rest and in-transit in a way that allows customers to meet their security and compliance requirements for cryptographic algorithms and key management.
https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_overview.htm
NEW QUESTION # 28
Operations team has made a mistake in updating the secret contents and immediately need to resume using older secret contents in OCI Secret Management within a Vault.
As a Security Administrator, what step should you perform to rollback to last version? Select TWO correct answers.
- A. Mark the secret version as 'Rewind'
- B. Mark the secret version as 'Previous'
- C. Upload new secret and mark as 'Pending'. Promote this secret version as 'Current'
- D. Mark the secret version as 'deprecated'
Answer: B,C
Explanation:
NEW QUESTION # 29
What is the configuration to avoid publishing messages during the specified time range known as?
- A. Trigger rule
- B. Statistic
- C. Resource group
- D. Suppression
Answer: D
Explanation:
NEW QUESTION # 30
Which is NOT a part of Observability and Management Services?
- A. OCI Management Service
- B. Logging Analytics
- C. Logging
- D. Event Services
Answer: A
Explanation:
https://www.oracle.com/in/manageability/
NEW QUESTION # 31
Which statement is true about Oracle Cloud Infrastructure (OCI) Object Storage server-side encryption?
- A. All the traffic to and from object storage is encrypted by using Transport Layer Security.
- B. Encryption is not enabled by default.
- C. Each object in a bucket is always encrypted with the same data encryption key.
- D. Customer-provided encryption keys are never stored in OCI Vault service.
Answer: A
NEW QUESTION # 32
Which statement is true about standards?
- A. They are methods and instructions on how to maintain or accomplish the directives of the policy.
- B. They are result of a regulation or contractual requirement or an industry requirement.
- C. They are the foundation of corporate governance.
- D. They may be audited.
Answer: B
NEW QUESTION # 33
With regard to WAF in OCI, which of the following statements are NOT customer's responsibility? Select TWO answers.
- A. Import latest OWASP Core Rule Sets
- B. Configure WAF policies for websites
- C. Configure Bot Management strategies for a website traffic
- D. WAF edge nodes with High Availability
Answer: A,D
NEW QUESTION # 34
Which statements are CORRECT about Multi-Factor Authentication in OCI ? Select TWO correct answers
- A. Users cannot enable MFA for themselves
- B. A user can register multiple devices to use for MFA.
- C. Members of the Administrators group cannot enable MFA for another user
- D. Members of the Administrators group can disable MFA for other users
Answer: C,D
Explanation:
NEW QUESTION # 35
Which storage type is most effective when you want to move some unstructured data, consisting of images and videos, to cloud storage?
- A. File storage
- B. Block volume
- C. Archive storage
- D. Standard storage
Answer: D
Explanation:
Use Oracle Cloud Infrastructure Object Storage for data to which you need fast, immediate, and frequent access. Data accessibility and performance justifies a higher price point to store data in the Object Storage tier.
The Object Storage service can store an unlimited amount of unstructured data of any content type, including analytic data and rich content, like images and videos.
https://docs.oracle.com/en/solutions/learn-migrate-app-data-to-cloud/considerations-object-storage.html#GUID-AC192B08-5160-4DA7-B43E-001753D99CF1
NEW QUESTION # 36
Which OCI services can encrypt all data-at-rest ? Select TWO correct answers
- A. File Storage
- B. NAT Gateway
- C. Block Volumes
- D. Geolocation Steering
Answer: A,C
Explanation:
NEW QUESTION # 37
For how long are API calls audited and available?
- A. 30 days
- B. 90 days
- C. 365 days
- D. 60 days
Answer: B
NEW QUESTION # 38
......
Authentic Best resources for 1z0-1104-22 Online Practice Exam: https://testoutce.pass4leader.com/Oracle/1z0-1104-22-exam.html