Oracle 1z0-1104-23試験情報と無料練習テストはこちら [Q39-Q57]

Share

Oracle 1z0-1104-23試験情報と無料練習テストはこちら

合格させるOracle 1z0-1104-23プレミアムお試しセットテストエンジンPDFで無料問題集セット

質問 # 39
Which securityissues can be identified by Oracle Vulnerability Scanning Service? Select TWO correct answers

  • A. Distributed Denial of Service (DDoS)
  • B. Ports that are unintentionally left open can be a potential attack vector for cloud resources
  • C. SQL Injection
  • D. CISpublished Industry-standard benchmarks

正解:B、D

解説:
Explanation
Graphical user interface, text, application, email Description automatically generated


質問 # 40
An e-commerce company needs to authenticate with third-party API that don't support OCI's signature-based authentication.
What can be the solution for the above scenario?

  • A. Security Token
  • B. Asymmetric keys
  • C. Auth Token/Swift Password
  • D. API Key Authentication

正解:C

解説:
Explanation
Graphical user interface, text, application, email Description automatically generated


質問 # 41
With regard to OCI Audit Log Service, which of the statement is INCORRECT?

  • A. Retention period for audit events cannot be modified
  • B. Events logged by the Audit service can be viewed by using the Console, API, or the SDK for Java
  • C. REST API calls can be recorded by Audit service
  • D. Audit Events gets collected when modification within objects stored inan Object Storage bucket

正解:A

解説:
Explanation
The retention period for audit events in OCI Audit Log Service is 365 days and currently, it cannot be modified. The Audit service automatically retains logged events for 365 days (1 year). After that, they're automatically deleted. You can't modify this retention period.


質問 # 42
Oracle Object Storage achieves data durability by which of the mechanisms ? Select TWO correct answers

  • A. Redundant Storage across availability domains
  • B. Object Versioning
  • C. Service Gateway
  • D. Redundant Array of IndependentDisks

正解:A、B

解説:
Explanation
Graphical user interface, text, application, email Description automatically generated


質問 # 43
In which two ways can you improve data durability in Oracle Cloud Infrastructure Object Storage?

  • A. Enable Versioning
  • B. Limit delete permissions
  • C. Enable server-sideencryption
  • D. Enable client-side encryption
  • E. Setup volumes in a RAID1 configuration

正解:A、B

解説:
Enabling versioning can improve data durability in OCI Object Storage by keeping multiple versions of an object in the same bucket5.
Limiting delete permissions can also improve data durability by preventing unauthorized users from deleting data


質問 # 44
Which type of file system does file storage use?

  • A. NVMe
  • B. iSCSI
  • C. SSD
  • D. NFSv3
  • E. Paravirtualized

正解:D

解説:
Explanation
The File Storage service supports the Network File System version 3.0 (NFSv3) protocol. The service supports the Network Lock Manager (NLM) protocol for file locking functionality.
https://docs.oracle.com/en-us/iaas/Content/File/Concepts/filestorageoverview.htm


質問 # 45
You have configured the Management Agent on an Oracle Cloud Infrastructure (OCI) Linux instance for log ingestion purposes.
Which is a required configuration for OCI Logging Analytics service to collect data from multiple logs of this Instance?

  • A. Entity - Log Association
  • B. Source - Entity Association
  • C. Log - Log Group Association
  • D. Log Group - Source Association

正解:B

解説:
For OCI Logging Analytics service to collect data from multiple logs of an instance, a Source - Entity Association is required1. A source in Logging Analytics defines the metadata about the log data you want to collect, and an entity represents the source of the log data1. You associate sources with entities, and these associations instruct the Management Agent on your instance what log data to collect1.


質問 # 46
As a security administrator, you found out that there are users outside your co network who are accessing OCI Object Storage Bucket. How can you prevent these users from accessing OCI resources in corporate network?

  • A. Create an 1AM policy and add a network source
  • B. Create PAR to restrict access the access
  • C. Create an 1AM policy and create WAF rules
  • D. Make OCI resources private instead of public

正解:A

解説:
Explanation
Graphical user interface, text, application Description automatically generated


質問 # 47
Select the component that encompasses the overall configuration of your WAF service on OCI.

  • A. Web Application Firewall policy
  • B. Bot Management
  • C. Origin
  • D. Protection rules

正解:A

解説:
Explanation
WAF Policy Management
Provides an overview of web application firewall (WAF) policies, including their creation, updating, and deletion.
WAF policies encompass the overall configuration of your WAF service, includingaccess rules, rate limiting rules, and protection rules.
https://docs.oracle.com/en-us/iaas/Content/WAF/Policies/waf-policy_management.htm


質問 # 48
You want to make API calls against other OCI services from your instance without configuring user credentials. How would you achieve this?

  • A. Create a dynamic group and add apolicy.
  • B. No configuration is required for making API calls.
  • C. Create a dynamic group and add your instance.
  • D. Create a group and add a policy.

正解:A

解説:
Explanation
DYNAMIC GROUP
Dynamic groups allow you to group Oracle Cloud Infrastructure instances as principalactors, similar to user groups. You can then create policies to permit instances in these groups to make API calls against Oracle Cloud Infrastructure services. Membership in the group is determined by a set of criteria you define, called matching rules.https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm


質問 # 49
You want software that can automatically collect and aggregate log data generated throughout your organization's infrastructure, analyze it, and send alerts if it detects a deviation from the norm.
Which software must you use?

  • A. SecurityEvent Management (SEM)
  • B. Security Information Management (SIM)
  • C. Security Integration Management (SIM)
  • D. Security Information and Event Management (SIEM)

正解:D

解説:
Explanation
SIEM software can automatically collect and aggregate log data generated throughout your organization's infrastructure, analyze it, and send alerts if it detects a deviation from the norm23.


質問 # 50
Which type of software do you use to centrally distributeand monitor the patch level of systems throughout the enterprise?

  • A. Web Application Firewall
  • B. Network Monitor software
  • C. Patch Management software
  • D. Recovery Manager software

正解:C

解説:
Explanation
https://docs.oracle.com/cd/E11857_01/em.111/e18710/T531901T535649.htm


質問 # 51
As a solutions architect, you need to assist operations team to write an I AM policy to give users in group-uat1 and group- uat2 access to manage all resources in the compartment Uat. Which is the CORRECT IAM policy
?

  • A. Allow group group-uat1 group-uat2 tomanage all resources in compartment Uat
  • B. Allow any-user to manage all resources in compartment Uat where request.group=/group-uat/*
  • C. Allow group /group-uat*/ to manage all resources in compartment Uat
  • D. Allow any-user to manage all resources in tenancy where target.compartment= Uat

正解:C

解説:
Explanation
This policy allows users in groups whose names start with "group-uat" to manage all resources in the compartment named "Uat"12.


質問 # 52
As a Security Admin you want to inspect the metadata and actual data in your Oracle databases to discover sensitive data and provide comprehensive results listing the sensitive columns and related information. Which Data Safe feature will help you to achieve the above requirement ?

  • A. Security Assessment
  • B. Data Discovery
  • C. Data Masking
  • D. User Assessment

正解:B

解説:
Explanation
Graphical user interface, text, application, email Description automatically generated


質問 # 53
Which Oracle Data Safe feature minimizes the amount of personal data and allows internal test, development, and analytics teams to operate with reduced risk?

  • A. data masking
  • B. data auditing
  • C. security assessment
  • D. data encryption
  • E. data discovery

正解:A

解説:
Explanation
Data masking in Oracle Data Safe minimizes the amount of personal data and allows internal test, development, and analytics teams to operate with reduced risk91011. It replaces sensitive or confidential information in non-production databases with realistic and fully functional data with similar characteristics as the original data


質問 # 54
A company needs to have somebuckets as public in the compartment. You want Cloud Guard to ignore the problem associated with public bucket. Select TWO correct answers

  • A. Dismiss the issues associated with these resources
  • B. First make the bucket private and after few days make the bucket public again
  • C. Make the bucket private so that Cloud Guard won't detectit
  • D. Configure Conditional groups for the detector to fix base line

正解:A、D

解説:
Dismissing the issues associated with these resources in Cloud Guard will prevent these issues from being flagged again. This is because Cloud Guard allows you to dismiss problems that you don't want to address, and once dismissed, Cloud Guard does not raise the problem again unless there is a change in the resource that is associated with the problem. You can find more details about this in the Oracle Cloud Infrastructure documentation.
Configuring Conditional groups for the detector to fix base line will allow Cloud Guard to understand what is normal for your infrastructure and not flag these public buckets as issues. Conditional groups in Cloud Guard allow you to modify how detectors evaluate resources by specifying conditions that a resource must meet for a detector to evaluate it. You can find more details about this in the Oracle Cloud Infrastructure documentation


質問 # 55
you want to create a stateless rule forSSH in security list and the ingress role has already been properly configured what combination should you use on the engress role what commination should you use on the egress rule?

  • A. select udp for protocol: enter 22 for source port" and all for destination port
  • B. select tcp for protocol: enter all for source port" and 22 for destination port.
  • C. select tcp for protocol: enter 22 for source port" and all for destinationport
  • D. select tcp for protocol: enter 22 for source port" and 22 for destination port

正解:B

解説:
Explanation
For SSH traffic, which uses TCP protocol and port 22, you would want to allow all source ports to connect to your destination port 22. This is because the source port for an SSH client can be any available port number.


質問 # 56
Logical isolation for resources is provided by which OCI feature?

  • A. Compartments
  • B. Availability Zone
  • C. Region
  • D. Tenancy

正解:A

解説:
Explanation
Compartments in Oracle Cloud Infrastructure (OCI) are a fundamental component that allows you to create a heterogeneous collection of resources for organization, security isolation, and access control123. They provide a global logical namespace where policies can be enforced, similar to folders in a file system3. By being global, they stretch out to all OCI regions within a given tenancy3.


質問 # 57
......

更新された公式認定は1z0-1104-23認証済みの1z0-1104-23問題集でPDF:https://jp.fast2test.com/1z0-1104-23-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어