[2023年10月27日]1z0-1104-22サンプルには正確で更新された問題
1z0-1104-22試験情報と無料練習テスト
この認定試験は、OCIでクラウドインフラストラクチャのセキュリティを担当するセキュリティプロフェッショナル、クラウドアーキテクト、クラウド管理者、およびITプロフェッショナルに最適です。この認定を取得することで、候補者はOCIの最新のセキュリティプラクティスと原則に関する専門知識を示すことができます。この認定は、候補者がキャリアを進め、OCIセキュリティのスキルと知識を示すことで、彼らの市場価値を高めることもできます。さらに、この認定を取得することで、OCI上のクラウドインフラストラクチャを保護できる資格のある専門家を特定して採用することができます。
Oracle 1Z0-1104-22試験は、クラウドセキュリティの概念とベストプラクティスを深く理解する必要がある挑戦的な認証です。候補者は、クラウドインフラストラクチャとセキュリティに強力な基盤を持ち、安全なクラウド環境の実装と管理の実践的な経験を持っている必要があります。この認定は、クラウドベースのアプリケーションとインフラストラクチャを確保するための専門知識を実証し、クラウドセキュリティ分野でのキャリアを促進したいITの専門家に最適です。
Oracle 1z0-1104-22 認定試験は、Oracle Cloud Infrastructure Securityにおけるスキルと知識を検証する方法を探しているセキュリティ専門家を対象に設計されています。この認定試験は、クラウドセキュリティにおける専門知識を拡大し、業界での認知度を高めたい個人にとって素晴らしい機会です。
質問 # 14
On which option do you set Oracle Cloud Infrastructure Budget?
- A. Free-form tags
- B. Compartments
- C. Tenancy
- D. Instances
正解:B
解説:
How Budgets Work
Budgets are set on cost-tracking tags or on compartments (including the root compartment) to track all spending in that cost-tracking tag or for that compartment and its children.
https://docs.oracle.com/en-us/iaas/Content/Billing/Concepts/budgetsoverview.htm
質問 # 15
When using Management Agent to collect logs continuously, which is the required configuration for OCI Logging Analytics to retrieve data from numerous logs for an instance?
- A. Source-Entity Association
- B. Agent - Entity Association
- C. Entity - Agent Association
- D. Entity - Source Association
正解:A
解説:
質問 # 16
Which statement is true about Oracle Cloud Infrastructure (OCI) Object Storage server-side encryption?
- A. Encryption is not enabled by default.
- B. Each object in a bucket is always encrypted with the same data encryption key.
- C. All the traffic to and from object storage is encrypted by using Transport Layer Security.
- D. Customer-provided encryption keys are never stored in OCI Vault service.
正解:C
質問 # 17
VCN Flow log record details about the traffic that has been denied or approved is based on which of the following statements?
- A. Configuration of route table
- B. Security Lists or Network Security Group Rules
- C. Auth tokens
- D. Web Application Firewall (WAF)
正解:B
解説:
質問 # 18
You subscribe to a PaaS service that follows the Shared Responsibility model.
Which type of security is your responsibility?
- A. Network
- B. Guest OS
- C. Data
- D. Infrastructure
正解:C
解説:
https://www.oracle.com/a/ocom/docs/cloud/oracle-ctr-2020-shared-responsibility.pdf
質問 # 19
What information do you get by using the Network Visualizer tool?
- A. Routes defined between subnets and gateways
- B. Interconnectivity of VCNs
- C. Organization of subnets and VLANs across availability domains
- D. State of subnets in a VCN
正解:B
解説:
https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/network_visualizer.htm You can view and understand the following from this diagram:
How VCNs are inter-connected
How on-premises networks are connected (using FastConnect or Site-to-Site VPN) Which routing entities (DRGs and so on) control traffic routing How your transit routing is configured
質問 # 20
Which challenge is generally the first level of bot mitigation, but not sufficient with more advanced bot tools?
- A. CAPTCHA challenge
- B. Device fingerprint challenge
- C. JavaScript challenge
- D. Human interaction challenge
正解:C
質問 # 21
As a Security Admin you want to inspect the metadata and actual data in your Oracle databases to discover sensitive data and provide comprehensive results listing the sensitive columns and related information. Which Data Safe feature will help you to achieve the above requirement ?
- A. User Assessment
- B. Security Assessment
- C. Data Discovery
- D. Data Masking
正解:C
解説:
質問 # 22
What are the security recommendations and best practices for Oracle Functions?
- A. Define a policy statement that enables access to functions for requests coming from multiple IP addresses.
- B. Grant privileges to UID and GID 1000, such that the functions running within a container acquire the default root capabilities.
- C. Add applications to network security groups for fine-grained ingress/egress rules.
- D. Ensure that functions in a VCN have restricted access to resources and services.
正解:C
解説:
https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/securitylists.htm
質問 # 23
For how long are API calls audited and available?
- A. 90 days
- B. 30 days
- C. 60 days
- D. 365 days
正解:A
質問 # 24
Logical isolation for resources is provided by which OCI feature?
- A. Compartments
- B. Tenancy
- C. Availability Zone
- D. Region
正解:A
質問 # 25
Bot Management in OCI provides which of the features? Select TWO correct answers.
- A. CAPTCHA Challenge
- B. Bad Bot Denylist
- C. IP Prefix Steering
- D. Good Bot Allowlist
正解:A、D
解説:
質問 # 26
What is the minimum active storage duration for logs used by Logging Analytics to be archived?
- A. 30 days
- B. 10 days
- C. 15 days
- D. 60 days
正解:A
解説:
https://docs.oracle.com/en-us/iaas/logging-analytics/doc/manage-storage.html#:~:text=The%20minimum%20Active%20Storage%20Duration,be%20archived%20is%2030%20days.
The minimum Active Storage Duration (Days) for logs before they can be archived is 30 days.
質問 # 27
Which is NOT a part of Observability and Management Services?
- A. Event Services
- B. OCI Management Service
- C. Logging Analytics
- D. Logging
正解:B
解説:
https://www.oracle.com/in/manageability/
質問 # 28
Which Security Zone policy is NOT valid?
- A. Resources in a security zone must be automatically backed up regularly.
- B. A boot volume can be moved from a security zone to a standard compartment.
- C. Resources in a security zone should not be accessible from the public internet.
- D. A compute instance cannot be moved from a security zone to a standard compartment.
正解:B
質問 # 29
what is the use case for Oracle cloud infrastructure logging analytics service?
- A. labels data packets that pass through the internet gateway
- B. monitors, aggregates, indexes and analyzes all log data from on-premises.
- C. automatically and manage any log based on a subscription model
- D. automatically create instances to collect logs analysis and send reports
正解:B
解説:
Oracle Cloud Infrastructure Logging Analytics is a machine learning-based cloud service that monitors, aggregates, indexes, and analyzes all log data from on-premises and multicloud environments. Enabling users to search, explore, and correlate this data to troubleshoot and resolve problems faster and derive insights to make better operational decisions.
https://www.oracle.com/manageability/logging-analytics/
質問 # 30
You want to make API calls against other OCI services from your instance without configuring user credentials. How would you achieve this?
- A. Create a dynamic group and add your instance.
- B. Create a group and add a policy.
- C. No configuration is required for making API calls.
- D. Create a dynamic group and add a policy.
正解:D
解説:
DYNAMIC GROUP
Dynamic groups allow you to group Oracle Cloud Infrastructure instances as principal actors, similar to user groups. You can then create policies to permit instances in these groups to make API calls against Oracle Cloud Infrastructure services. Membership in the group is determined by a set of criteria you define, called matching rules. https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
質問 # 31
Which of the following services are NOT Security Services in OCI ? Select TWO answers.
- A. Block Volume
- B. Vault
- C. Cloud Guard
- D. Data Guard
正解:A、D
質問 # 32
As a solutions architect, you need to assist operations team to write an I AM policy to give users in group-uat1 and group- uat2 access to manage all resources in the compartment Uat. Which is the CORRECT IAM policy ?
- A. Allow group group-uat1 group-uat2 to manage all resources in compartment Uat
- B. Allow any-user to manage all resources in tenancy where target.compartment= Uat
- C. Allow group /group-uat*/ to manage all resources in compartment Uat
- D. Allow any-user to manage all resources in compartment Uat where request.group=/group-uat/*
正解:A
質問 # 33
What does an audit log event include?
- A. Audit type
- B. Footer
- C. Type of input
- D. Header
正解:D
解説:
The HTTP header fields and values in the request.
https://docs.oracle.com/en-us/iaas/Content/Audit/Reference/logeventreference.htm
質問 # 34
A number of malicious requests for a web application is coming from a set of IP addresses originating from Antartica.
Which of the following statement will help to reduce these types of unauthorized requests ?
- A. Use WAF policy using Access Control Rules
- B. Change your home region in which your resources are currently deployed
- C. List specific set of IP addresses then deny rules in Virtual Cloud Network Security Lists
- D. Delete NAT Gateway from Virtual Cloud Network
正解:A
質問 # 35
How can you establish private connectivity over two VCN within same OCI region without traversing the traffic over public internet ?
- A. Data Guard
- B. NAT Gateway
- C. Local VCN Peering
- D. Remote VCN Peering
正解:C
解説:
質問 # 36
You create a new compartment, "apps," to host some production apps and you create an apps_group and added users to it.
What would you do to ensure the users have access to the apps compartment?
- A. Add an IAM policy for apps_group granting access to the apps compartment.
- B. No action is required.
- C. Add an lAM policy to attach tenancy to the apps group.
- D. Add an IAM policy for the individual users to access the apps compartment.
正解:A
質問 # 37
......
合格させるOracle 1z0-1104-22プレミアムお試しセットテストエンジンPDFで無料問題集セット:https://jp.fast2test.com/1z0-1104-22-premium-file.html
2023年最新の実際に出る1z0-1104-22問題集テストエンジン試験問題はここにある:https://drive.google.com/open?id=1-ZWo0hmz49hUP-sS5V1iM4s8asL3Aw4t