Oracle Oracle Certifications 1Z0-1104-22 Questions & Answers

• Question 41:

  On which option do you set Oracle Cloud Infrastructure Budget?

  A. Compartments

  B. Instances

  C. Free-form tags

  D. Tenancy

  Correct Answer: A

  How Budgets Work

  Budgets are set on cost-tracking tags or on compartments (including theroot compartment) to track all spending in that cost-tracking tag or for that compartment and its children.

  https://docs.oracle.com/en-us/iaas/Content/Billing/Concepts/budgetsoverview.htm

• Question 42:

  Which statements are CORRECT about Security Zone policy in OCI ? Select TWO correct answers

  A. Block volume canbe moved from a security zone to a standard compartment

  B. Bucket can't be moved from a security zone to a standard compartment

  C. Resources in a security zone must be accessible from internet

  D. Resources in a security zone must be encrypted using customer-managed keys

  Correct Answer: BD

• Question 43:

  

  Which tasks can you perform on a dedicated virtual machine host?

  A. Manual scaling

  B. Creating instance pools

  C. Instance configurations

  D. Capacity reservations

  Correct Answer: A

  Supported features: Most of the Compute features for VM instances are supported for instances running on dedicated virtual machine hosts. However, the following features arenot supported: Autoscaling Capacity reservations Instance configurations Instance pools Burstable instances Reboot migration. You can use manual migration instead

  https://docs.oracle.com/en-us/iaas/Content/Compute/Concepts/dedicatedvmhosts.htm#Dedicated_Virtual_Machine_H osts

• Question 44:

  A company has OCI tenancy which has mount target associated with two File Systems, CG_1 and CG_2. These FileSystems are accessed by IP-based clients AB_1 and AB_2 respectively. As a security administrator, how can you provide access to both clients such that CGI has Read only access on AB1 and CG_2 has Read/Write access on AB_2?

  A. NFS Export Option

  B. Access Control Lists

  C. NFS v3 Unix Security

  D. Vault

  Correct Answer: AC

  

• Question 45:

  You subscribe to a PaaS service that follows the Shared Responsibility model. Which type of security is your responsibility?

  A. Network

  B. Infrastructure

  C. Data

  D. Guest OS

  Correct Answer: C

  https://www.oracle.com/a/ocom/docs/cloud/oracle-ctr-2020-shared- responsibility.pdf

• Question 46:

  Which challenge is generally the first level of bot mitigation, but not sufficient with more advanced bot tools?

  A. CAPTCHA challenge

  B. JavaScript challenge

  C. Device fingerprint challenge

  D. Human interaction challenge

  Correct Answer: B

• Question 47:

  Which type of firewalls are designed to protect against web application attacks, such as SQL injection and cross-site scripting?

  A. Stateful inspection firewall

  B. Web Application Firewall

  C. Incident firewall

  D. Packet filtering firewall

  Correct Answer: B

  SQL injections. Cross-site scripting. Distributed denial of service(DDoS) attacks. Botnets. These are just some of the cyber-weapons increasingly being used by malicious actors to target web applications, cause data breaches, and expose

  sensitive business information.

  Oracle WAF uses a multilayered approach to protect web applications from a host of cyberthreats including malicious bots, application layer (L7) DDoS attacks, cross-site scripting, SQL injection, and vulnerabilities defined by the Open Web

  Application Security Project (OWASP). When a threat is identified, Oracle WAF automatically blocks it and alerts security operations teams so they can investigate further.

  https://www.oracle.com/a/ocom/docs/security/oci-web-application-firewall.pdf

• Question 48:

  Which component helps move logging data to other services, such as archiving log data in object storage?

  A. Agent Configuration

  B. Unified Monitoring Agent

  C. Service Connector Hub

  D. Service Log Category

  Correct Answer: C

  Service Connector Hub Service Connector Hub moves logging data to other services in Oracle Cloud Infrastructure. For example, use Service Connector Hub to alarm on log data, send log data to databases, and archive log data to Object Storage. For more information, see Service Connector Hub. https://docs.oracle.com/en-us/iaas/Content/Logging/Concepts/loggingoverview.htm

• Question 49:

  With regard to WAF in OCI, which of the following statements are NOT customer's responsibility? Select TWO answers.

  A. Configure WAF policies for websites

  B. WAF edge nodes with High Availability

  C. Configure Bot Managementstrategies for a website traffic

  D. Import latest OWASP Core Rule Sets

  Correct Answer: BD

• Question 50:

  What are the security recommendations and best practices for Oracle Functions?

  A. Grant privileges to UID and GID 1000, such that the functions running within a container acquire the default rootcapabilities.

  B. Add applications to network security groups for fine-grained ingress/egress rules.

  C. Define a policy statement that enables access to functions for requests coming from multiple IP addresses.

  D. Ensure that functions in a VCN have restricted access to resources and services.

  Correct Answer: B

  https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/securitylists.htm