最新のOracle 1z0-1104-23のPDFと問題集で(2024)無料試験問題解答
あなたを合格させるOracle Cloud 1z0-1104-23試験問題集で2024年04月19日には172問あります
質問 # 47
Which cache rules criterion matches if the concatenation of the requested URL path and query are identical to the contents of the value field?
- A. URL_STARTS_WITH
- B. URL_PART_CONTAINS
- C. URL_IS
- D. URL_PART_ENDS_WITH
正解:C
解説:
Explanation
URL_IS: Matches if the concatenation of request URL path and query is identical to the contents of the value field. URL must start with a /.
https://docs.oracle.com/en-us/iaas/tools/terraform-provider-oci/4.57.0/docs/d/waas_waas_policy.html
質問 # 48
What is the use case for Oracle Cloud Infrastructure (OCI) Logging Analytics service? (Choose the best Answer.)
- A. Correlate, visualize, and monitor all log data.
- B. Label data packets that pass through the Internet gateway
- C. Create instances automatically to collect logs, analyze, and send reports
- D. Automate and manage any logs based on a subscription model
正解:A
質問 # 49
A member of operations team has set Pre-Authenticated Request (PAR) associated with a bucket to an incorrect date and now wants to edit the PARrequest. How can this be achieved?
- A. Delete the PAR and recreate it with the required date
- B. Delete the bucket associated with PAR and recreate it
- C. Delete both PAR as well as the bucket then recreate both
- D. Don't set an expiration time for PAR
正解:A
解説:
Explanation
Graphical user interface, text, application, email Description automatically generated
質問 # 50
A http web server hosted on an Oracle cloud infrastructure compute instance in a public subnet of the vcsl virtual cloudnetwork has a stateless security ingress rule for port 80 access through internet gateway stateful network security group notification for port 80 how will the Oci vcn handle request response traffic to the compute instance for a web page from the http server with port 80?
- A. Because there is no Egress ruled defined in Security List, The Response would not pass through Internet Gateway.
- B. due to the conflict in security configuration inbound request traffic would not be allowed
- C. network security group would supersede the security utility list and allow both inbound and outbound traffic
- D. the union of both configuration would happen and allow both inbound and outbound traffic
正解:D
解説:
In OCI, if there's a stateless rule in the security list and a stateful rule in the network security group, both rules are evaluated. The union of both configurations would happen, allowing both inbound and outbound traffic. This means that if an incoming packet is allowed by either the security lists or the network security groups, then it's allowed into the instance. Similarly, if an outgoing packet is allowed by either, then it's allowed out of the instance
質問 # 51
How can you increase the expiration of a pre-authenticated request (PAR) associated with a bucket? (Choose the best Answer.)
- A. Edit the pre-authenticated request and define the desired expiration
- B. You cannot edit a pre-authenticated request. Delete the pre-authenticated request and recreate with the desired expiration
- C. Edit the bucket metadata and change the expiration date.
- D. Find the Identity and Access Management (IAM) policy associated with the PAR. De-fine the desired expiration in the policy
正解:B
質問 # 52
Which statement is not true about Cloud Security Posture?
- A. Problems can be resolved, dismissed, or remediated.
- B. Problems are defined by the type of detector that creates them: activity or configuration.
- C. Problems are created when Cloud Guard discovers a deviation from a responder rule.
- D. Problems contain data about the specific type of issue that was found.
正解:C
解説:
https://www.oracle.com/security/cloud-security/what-is-cspm/
質問 # 53
Cloud Guard detected a risk score of zeroin the dashboard, what does this mean ?
- A. Larger number of problems that have high risk levels ( HIGH or CRITICAL )
- B. LOW or MINOR issues
- C. Risk score doesn't say anything. These are just numbers
- D. No problem detected for any resource
正解:D
解説:
質問 # 54
An automobile company needs to configure Bastion Managed SSH session to a compute instance in a private subnet. What are the TWO prerequisites to configure successfully?
- A. NAT or Service Gateway should be attached to the private subnet
- B. There is no need for any gateway in private subnet
- C. SSH port forwarding should be enabled
- D. Route rule to a NAT or Service Gateway should be associated with the subnet of the route table
正解:A、D
解説:
For a Bastion Managed SSH session to a compute instance in a private subnet, the instance must have access to the internet, which can be provided by a NAT Gateway or a Service Gateway34. Additionally, a route rule directing traffic to the NAT or Service Gateway should be associated with the subnet's route table34.
質問 # 55
In your Oracle Cloud Infrastructure environment you have created a VaultAdmins group and a VaultCompartment compartment. Now, you want Vault administrators who are members of the VaultAdmins group to be able to create keys in VaultCompartment. Which policy statement would be valid to provide the necessary privileges to the Vault administrators? (Choose the best Answer.)
- A. allow group VaultAdmins to inspect vaults in compartment VaultCompartment
- B. allow group VaultAdmins to manage vaults in compartment VaultCompartment
- C. allow group VaultAdmins to create vaults in compartment VaultCompartment
- D. allow group VaultAdmins to read vaults in compartment VaultCompartment
正解:B
質問 # 56
With regard to vulnerability and cloud penetration testing, which rules of engagement apply? Select TWO correct answers.
- A. Physical penetration and vulnerability testing of Oraclefacilities is prohibited
- B. Any port scanning must be performed in an aggressive mode
- C. You are responsible for any damages to Oracle Cloud customers that are caused by your testing activities
- D. Testing should target any other subscription or any other Oracle Cloud customer resources
正解:A、C
解説:
質問 # 57
What must be configured for a load balancer to accept incoming traffic?
- A. Route table entry pointing to the listener IP address
- B. Listener
- C. SSL certificate
- D. Service Gateway
正解:B
解説:
A listener is an entity that checks for connection requests. The load balancerlistener listens for ingress client traffic using the port you specify within the listener and the load balancer's public IP.
https://docs.oracle.com/en-us/iaas/Content/GSG/Tasks/loadbalancing.htm
To create a listener:
On your Load Balancer Details page, click Listeners.
Click Create Listener.
Enter the following:
Name: Enter afriendly name. Avoid entering confidential information.
Protocol: Select HTTP.
Port: Enter 80 as the port on which to listen for incoming traffic.
Backend Set: Select the backend set you created.
Click Create.
質問 # 58
A company, ABC, is planning to launch a new web application on OCI. Based on past experiences, they expect a significant surge in traffic after the launch. You are responsible for ensuring that the application is highly available. Which step would you perform to achieve this goal? (Choose the best Answer.)
- A. Implement security controls, such as web application firewalls, to protect against com-mon attack vectors.
- B. Use a Virtual Cloud Network (VCN) with subnets, security lists, and routing rules to isolate the web application from the Internet and other resources.
- C. Use a load balancer to distribute incoming traffic evenly across multiple instances of the web application.
- D. Configure Cloud Guard to prevent large amounts of traffic from reaching the web application.
正解:C
質問 # 59
As a solutions architect, you need to assist operations team to write an I AM policy to give users in group-uat1 and group- uat2 access to manage all resources in the compartment Uat. Which is the CORRECT IAM policy ?
- A. Allow group /group-uat*/ to manage all resources in compartment Uat
- B. Allow any-user to manage all resources in tenancy where target.compartment= Uat
- C. Allow any-user to manage all resources in compartment Uat where request.group=/group-uat/*
- D. Allow group group-uat1 group-uat2 tomanage all resources in compartment Uat
正解:A
解説:
This policy allows users in groups whose names start with "group-uat" to manage all resources in the compartment named "Uat"12.
質問 # 60
You want to include all instances in any of two or morecompartments, which syntax should you use for dynamic policy you want to create for "Prod" compartment and "SIT" compartment?
Prod OCID : 'JON.Prod'
SIT OCID : 'JON.SIT'
- A. Any { instance.compartment.id = 'JON.Prod', instance.compartment.id = 'JON.SIT'
- B. All { instance in compartment 'Prod' and Compartment 'SIT' }
- C. All { instance.compartment.id = 'JON.Prod', instance.compartment.id = 'JON.SIT'
- D. Any { instance in compartment 'Prod' and Compartment 'SIT' }
正解:A
解説:
Explanation
Graphical user interface, text, application, email Description automatically generated
質問 # 61
Which statement is true about using custom BYOI instances in Windows Servers that are managed by OS Management Service?
- A. Windows Servers that does not have the minimum agent version does not require an agent update or installation.
- B. Windows Servers that already has the minimum agent version does not require an agent update or installation.
- C. Windows Servers that already has the minimum agent version requires an agent update or installation.
- D. Windows Servers that does not have the minimum agent version requires an agent update or installation.
正解:D
解説:
Explanation
https://docs.oracle.com/cd/E11857_01/install.111/e15311/agnt_install_windows.htm
質問 # 62
......
1z0-1104-23問題集はOracle Cloud認証済み試験問題と解答:https://jp.fast2test.com/1z0-1104-23-premium-file.html