Oracle Oracle Certifications 1Z0-1104-22 Questions & Answers

• Question 51:

  As a security administrator, you want to create cloud resources that alignwith Oracle's security principles and best practices. Which security service should you use?

  A. Identity and Access Management

  B. Cloud Guard

  C. Security Advisor

  D. Web Application Firewall (WAF)

  Correct Answer: C

• Question 52:

  

  Which OCI service canindex, enrich, aggregate, explore, search, analyze, correlate, visualize and monitor data?

  A. Data Guard

  B. Data Safe

  C. WAF

  D. Logging Analytics

  Correct Answer: D

  

• Question 53:

  You want to include all instances in any of two or morecompartments, which syntax should you use for dynamic policy you want to create for "Prod" compartment and "SIT" compartment?

  Prod OCID : `JON.Prod'

  SIT OCID : 'JON.SIT'

  A. Any { instance in compartment `Prod' and Compartment 'SIT' }

  B. Any { instance.compartment.id = 'JON.Prod', instance.compartment.id = 'JON.SIT'

  C. All { instance.compartment.id = 'JON.Prod', instance.compartment.id = 'JON.SIT'

  D. All { instance in compartment 'Prod' and Compartment 'SIT' }

  Correct Answer: B

  

• Question 54:

  As a security architect, how can you preventunwanted bots while desirable bots are allowed to enter?

  A. Data Guard

  B. Vault

  C. Compartments

  D. Web Application Firewall (WAF)

  Correct Answer: D

• Question 55:

  What information do youget by using the Network Visualizer tool?

  A. State of subnets in a VCN

  B. Interconnectivity of VCNs

  C. Routes defined between subnets and gateways

  D. Organization of subnets and VLANs across availability domains

  Correct Answer: B

  https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/network_visualizer.htm You can view and understand the following from this diagram:

  How VCNs are inter-connected

  How on-premises networks are connected (using FastConnect or Site-to-Site VPN)

  Which routing entities (DRGs and so on) control trafficrouting How your transit routing is configured

• Question 56:

  Which OCI services can encrypt all data-at-rest ? Select TWO correct answers

  A. File Storage

  B. NAT Gateway

  C. Block Volumes

  D. Geolocation Steering

  Correct Answer: AC

• Question 57:

  

  With regard to OCI Audit Log Service, which of the statement is INCORRECT?

  A. Retention period for audit events cannot be modified

  B. REST API calls can be recorded by Audit service

  C. Audit Events gets collected when modification within objects stored inan Object Storage bucket

  D. Events logged by the Audit service can be viewed by using the Console, API, or the SDK for Java

  Correct Answer: C

• Question 58:

  As a solutions architect, you need to assist operations team to write an I AM policy to give users in group-uat1 and group- uat2 access to manage all resources in the compartment Uat. Which is the CORRECT IAM policy ?

  A. Allow any-user to manage all resources in tenancy where target.compartment= Uat

  B. Allow any-user to manage all resources in compartment Uat where request.group=/group-uat/*

  C. Allow group /group-uat*/ to manage all resources in compartment Uat

  D. Allow group group-uat1 group-uat2 tomanage all resources in compartment Uat

  Correct Answer: D

• Question 59:

  Which resources can be used to create and manage from Vault Service ? Select TWO correct answers

  A. Secret

  B. IAM

  C. Keys

  D. Cloud Guard

  Correct Answer: AC

  

• Question 60:

  Which architecture is based on the principle of "never trust, always verify"?

  A. Federated identity

  B. Zero trust

  C. Fluidperimeter

  D. Defense in depth

  Correct Answer: B

  Enterprise Interest in Zero Trust is GrowingRansomware and breaches are top of the news cycle and a major concern for organizations big and small. So, many are now looking at the Zero Trust architecture and its primary principle "never trust, always verify" to provide greater protection. According to Report Linker, the Zero Trust security market is projected to grow from USD 15.6 billion in 2019 to USD 38.6 billion by 2024 and that sounds right based on the large number of companies pitching their Zero Trustwares at RSA 2020. The enterprise was well represented at the conference and there was a tremendous amount of interest in Zero Trust. Interestingly, even though Zero Trust environments are often made up of several solutions from multiple vendors it hasn'tprevented each of the vendors from evangelizing their flavors of Zero Trust. This left the thousands of attendees to attempt to cut through the Zero Trust buzz and noise and make their own conclusions to the best approach.

  https://blogs.oracle.com/cloudsecurity/post/rsa-2020-recap-cloud-security-moves-to-the- front