Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. Oracle
  3. Oracle Cloud Infrastructure Certification
  4. 1z0-1104-23 - Oracle Cloud Infrastructure 2023 Security Professional

1z0-1104-23 Exam Dumps - Oracle Cloud Infrastructure 2023 Security Professional

Go to page:
Question # 9

Which two reasons would a crytpo admin have to select the Virtual Private Vault option when creating an Oracle Cloud Infrastructure Vault? (Choose two.)

A.

to scale to over 10,000 keys

B.

ability to back up and restore the Vault for redundancy.

C.

ability to export keys from the vault

D.

banking requirements, including chip card reloading and PIN Processing

E.

more isolation for encryption keys with a dedicated HSM partition

Full Access
Question # 10

A company needs to have somebuckets as public in the compartment. You want Cloud Guard to ignore the problem associated with public bucket. Select TWO correct answers

A.

Dismiss the issues associated with these resources

B.

Make the bucket private so that Cloud Guard won't detectit

C.

Configure Conditional groups for the detector to fix base line

D.

First make the bucket private and after few days make the bucket public again

Full Access
Question # 11

How can you limit access to an Oracle Cloud Infrastructure (OCI) Object Storage bucket to only the users Hark for within the corporate network? (Choose the best Answer.)

A.

Create pre authenticated request (PAR) that limits access to the corporate network CIDRS.

B.

Create an Identity and Access Management (TAM) policy and add a group that contains all the Internal computers

C.

Create an identity and Access Management (IAM) policy and add a network source that has the corporate network classless inter-domain routings (CIDR).

D.

Make the bucket private and limit the access using Security Lists

Full Access
Question # 12

What are Virtual Cloud Network (VCN) flow logs record details about traffic that has been accepted or rejected, based on? (Choose the best Answer.)

A.

Route Rules in the VCN default Route Table

B.

Instance Principals governing all compute Distances in a given compartment

C.

Security Rules on Security List and Network Security Groups (NSGA)

Full Access
Question # 13

How do you enable server-side encryption in an Oracle Cloud Infrastructure (OCI) Object Storage bucket? (Choose the best Answer.)

A.

By uploading your encryption key to OCI Vault and associating it with the bucket you want to encrypt.

B.

By updating the buckets metadata value for encrypted_bucket to "true"

C.

By default, server-side encryption is enabled and requires no user action.

D.

By uploading encrypted objects will enable the encryption in the objects.

Full Access
Question # 14

Your company will transfer a fleet of 12 servers from on-premises to Oracle Cloud Infra-structure (OCI). The fleet will include two webservers. All 12 servers will be in the same sub-net, and share the exact same security permissions, with the only exception being the two web servers. In addition to the same permissions of the other 10 servers, they will have ports 80 and 443 enabled. The security policy must be hardened to ensure that only those two servers have those ports open. What should your configuration actions be for this scenario? (Choose the best Answer.)

A.

Configure a Network Security Group that includes all necessary permissions for all 12 servers Then configure the Security List that grants access to ports 80 and 443. Assign the Security List to the VNICS of the web servers.

B.

Configure a Security List that includes all necessary permissions for all 12 servers. Then configure a Network Security Group that grants access to ports 80 and 443. As-sign the. Network Security Group to the VNICs of the two web servers.

C.

Configure an OCI Load Balancer that has the two web servers as the backend servers with a health check policy that constantly monitors port 80 and port 443.

D.

In the OCI Web Application Firewall, configure a traffic steering policy that grants access to ports 80 and 443 to the two web servers.

Full Access
Question # 15

Which statement is true about using custom BYOI instances in Windows Servers that are managed by OS Management Service?

A.

Windows Servers that does not have the minimum agent version does not require an agent update or installation.

B.

Windows Servers that already has the minimum agent version does not require an agent update or installation.

C.

Windows Servers that already has the minimum agent version requires an agent update or installation.

D.

Windows Servers that does not have the minimum agent version requires an agent update or installation.

Full Access
Question # 16

With regard to vulnerability and cloud penetration testing, which rules of engagement apply? Select TWO correct answers.

A.

Any port scanning must be performed in an aggressive mode

B.

Physical penetration and vulnerability testing of Oraclefacilities is prohibited

C.

Testing should target any other subscription or any other Oracle Cloud customer resources

D.

You are responsible for any damages to Oracle Cloud customers that are caused by your testing activities

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps