[2024年01月] 実際問題を使って1z0-1104-23無料問題集サンプルと問題と練習テストエンジン
合格させるOracle 1z0-1104-23試験問題でテスト復刻エンジンとPDF
質問 # 46
Which components are a part of the OCI Identity and Access Management service?
- A. Compute instances
- B. Policies
- C. Regional subnets
- D. VCN
正解:B
解説:
Explanation
https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htm
質問 # 47
your company has hired a consulting firm to audit your oracle cloud infrastructure activity and configuration you have created a set of users who will be performing the audit, you assigned these user to the orgauditgrp group. the auditor required the ability to see the configuration of all resources within tenant and you have agreed to exempt the dev compartment from the audit.
which IAM policy should be created to grant the orgauditgrp the ability to look at configuration for all resources except for those resources inside the dev compartment?
- A. allow group orgauditgrp to inspect all-resources in compartment !=dev
- B. allow group orgauditgrp to inspect all-resources in tenancy where target compartment.name !=dev
- C. allow group orgauditgrp to read all-resources in compartment !=dev
- D. allow group orgauditgrp to read all-resources in tenancy where target.compartment.name !=dev
正解:B
解説:
Explanation
This policy allows the group orgauditgrp to inspect all resources in the tenancy, except for those in the compartment named dev. The inspect verb in Oracle Cloud Infrastructure's Identity and Access Management (IAM) policies allows a group to get the metadata of a resource but does not allow the group to get the resource's content. The condition where target.compartment.name !=dev ensures that resources in the dev compartment are excluded from this policy.
質問 # 48
Which WAF service component must be configured to allow, block, or log network requests when they meet specified criteria?
- A. Origin
- B. Bot Management
- C. Protection rules
- D. Web ApplicationFirewall policy
正解:C
解説:
Explanation
Protection rules
Protection rules can be configured to either allow, block, or log network requests when they meet the specified criteria of a protection rule. The WAF will observe traffic to your web application over time and suggest new rules to apply.
https://www.oracle.com/security/cloud-security/what-is-waf/
質問 # 49
Which of the following is necessary step when creating a secret in vault?
- A. Vault-managed key is necessary to encrypt the secret
- B. Digest Hash shouldbe created of the secret value
- C. Shamir's secret sharing algorithm should be used to unseal the vault
- D. Object Storage must be created to run secret service
正解:A
解説:
Explanation
https://docs.oracle.com/en/database/other-databases/essbase/21/essad/create-vault-and-secrets.html
質問 # 50
With regard to WAF in OCI, which of the following statements are NOT customer's responsibility? Select TWO answers.
- A. Configure WAF policies for websites
- B. Configure Bot Managementstrategies for a website traffic
- C. WAF edge nodes with High Availability
- D. Import latest OWASP Core Rule Sets
正解:C、D
解説:
Explanation
The management of WAF edge nodes and the importation of the latest OWASP Core Rule Sets are handled by Oracle, not the customer. The customer is responsible for configuring WAF policies and Bot Management strategies for their website traffic
質問 # 51
Which of these protects customer data at rest and in transit in a way that allows customers to meet their security and compliance requirements forcryptographic algorithms and key management?
- A. Security controls
- B. Customer isolation
- C. Identity Federation
- D. Data encryption
正解:D
解説:
Explanation
DATA ENCRYPTION
Protect customer data at-rest and in-transit in a way that allows customers to meet their security and compliance requirements for cryptographic algorithms and key management.
https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_overview.htm
質問 # 52
Which parameters customers need to configure while reading secrets by name using CL1 or API? Select TWO correct answers.
- A. Certificates
- B. Secret Name
- C. ASCII Value
- D. Vault Id
正解:B、D
解説:
Explanation
Graphical user interface, text, application, email Description automatically generated
質問 # 53
What information do youget by using the Network Visualizer tool?
- A. Organization of subnets and VLANs across availability domains
- B. Interconnectivity of VCNs
- C. State of subnets in a VCN
- D. Routes defined between subnets and gateways
正解:B
解説:
Explanation
https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/network_visualizer.htm You can view and understand the following from this diagram:
How VCNs are inter-connected
How on-premises networks are connected (using FastConnect or Site-to-Site VPN) Which routing entities (DRGs and so on) control trafficrouting How your transit routing is configured
質問 # 54
Which statement is true about origin management in WAF?
Statement A: Multiple origins can be defined.
Statement B: Only a single origin can be active fora WAF.
- A. Only statement A is true.
- B. Both the statements are true.
- C. Only statement B is true.
- D. Both the statements are false.
正解:A
解説:
Statement A: Multiple origins can be defined1. This is true. In Oracle Cloud Infrastructure's Web Application Firewall (WAF), multiple origins can be defined for a WAF policy using Origin Groups1. When at least two origins are configured, load balancing is enabled1.
Statement B: Only a single origin can be active for a WAF2. This is false. In the Origin Settings of the WAF policy, all origins are active under origin groups2.
質問 # 55
Which Oracle Cloud Service provides restricted accessto target resources?
- A. Bastion
- B. Load balancer
- C. Internet Gateway
- D. SSL certificate
正解:A
解説:
Explanation
Bastion
Oracle Cloud Infrastructure Bastion provides restricted and time-limited access to target resources that don't have public endpoints.
Diagram Description automatically generated
https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_features.htm
質問 # 56
VCN Flow log record details about the traffic that has been denied or approved is based on which of the following statements?
- A. Web Application Firewall (WAF)
- B. Auth tokens
- C. Security Lists orNetwork Security Group Rules
- D. Configuration of route table
正解:C
解説:
Explanation
Graphical user interface, application, Teams Description automatically generated
質問 # 57
Which type of file system does file storage use?
- A. NFSv3
- B. iSCSI
- C. NVMe
- D. Paravirtualized
- E. SSD
正解:A
解説:
Explanation
The File Storage service supports the Network File System version 3.0 (NFSv3) protocol. The service supports the Network Lock Manager (NLM) protocol for file locking functionality.
https://docs.oracle.com/en-us/iaas/Content/File/Concepts/filestorageoverview.htm
質問 # 58
Which type of software do you use to centrally distributeand monitor the patch level of systems throughout the enterprise?
- A. Web Application Firewall
- B. Patch Management software
- C. Network Monitor software
- D. Recovery Manager software
正解:B
解説:
Explanation
https://docs.oracle.com/cd/E11857_01/em.111/e18710/T531901T535649.htm
質問 # 59
Which volume type contains the image used to boot a compute instance?
- A. Boot volume
- B. Block volume
- C. Startup volume
- D. Init 6 volume
正解:A
解説:
Explanation
Boot Volumes
When you launch a virtual machine (VM) or bare metal instance based on a platform image or custom image, a new boot volume for the instance is created in the same compartment. That boot volume is associated with that instanceuntil you terminate the instance. When you terminate the instance, you can preserve the boot volume and its data
https://docs.oracle.com/en-us/iaas/Content/Block/Concepts/bootvolumes.htm
質問 # 60
How can you restrict access to OCI console from unknown IP addresses?
- A. Create tenancy's authentication policy and create WAF rules
- B. Create PAR to restrict access the access
- C. Create tenancy's authentication policy and add a network source
- D. Make OCI resources private instead of public
正解:C
解説:
Explanation
Graphical user interface, text, application, Word Description automatically generated
質問 # 61
......
あなたを合格させる1z0-1104-23お手軽に試験合格リアル1z0-1104-23練習問題集で更新されたのは2024年01月02日:https://jp.fast2test.com/1z0-1104-23-premium-file.html