• ホーム
  • ブログ
  • 100%更新されたのはOracle 1z0-1104-22限定版PDF問題集 [Q49-Q74]

100%更新されたのはOracle 1z0-1104-22限定版PDF問題集 [Q49-Q74]

Share

100%更新されたのはOracle 1z0-1104-22限定版PDF問題集

有効な試験問題を試そう1z0-1104-22には無料サイトで限定お試しチャンス


Oracle 1z0-1104-22 試験は、クラウドインフラストラクチャのセキュリティを確保することに関する知識と専門知識を検証したいプロフェッショナルを対象としています。この認定試験は、特に Oracle Cloud Infrastructure 2022 セキュリティプロフェッショナル向けに設計されており、リスク管理、ネットワークセキュリティ、アイデンティティとアクセス管理、コンプライアンスなど、クラウドインフラストラクチャのセキュリティに関する幅広いトピックをカバーしています。

 

質問 # 49
How can you convert a fixed load balancer to a flexible load balancer?

  • A. Using the Edit Listener option.
  • B. Delete the fixed load balancer and create a new one.
  • C. Use Update Shape workflows.
  • D. There is no way to covert the load balancer.

正解:C


質問 # 50
You are using a custom application with third-party APIs to manage application and data hosted in an Oracle Cloud Infrastructure (OCI) tenancy. Although your third-party APIs don't support OCI's signature-based authentication, you want them to communicate with OCI resources. Which authentication option must you use to ensure this?

  • A. Auth Token
  • B. SSH Key Pair with 2048-bit algorithm
  • C. OCI username and Password
  • D. API Signing Key

正解:A


質問 # 51
you are part of security operation of an organization with thousand of your users accessing Oracle cloud infrastructure it was reported that an unknown user action was executed resulting in configuration error you are tasked to quickly identify the details of all users who were active in the last six hours also with any rest API call that were executed. Which oci feature should you use?

  • A. service connector hub
  • B. management agent log integration
  • C. audit analysis dashboard
  • D. objectcollectionrule

正解:C


質問 # 52
Which architecture is based on the principle of "never trust, always verify"?

  • A. Zero trust
  • B. Fluid perimeter
  • C. Federated identity
  • D. Defense in depth

正解:A

解説:
Enterprise Interest in Zero Trust is Growing Ransomware and breaches are top of the news cycle and a major concern for organizations big and small. So, many are now looking at the Zero Trust architecture and its primary principle "never trust, always verify" to provide greater protection.
According to Report Linker, the Zero Trust security market is projected to grow from USD 15.6 billion in 2019 to USD 38.6 billion by 2024 and that sounds right based on the large number of companies pitching their Zero Trust wares at RSA 2020.
The enterprise was well represented at the conference and there was a tremendous amount of interest in Zero Trust. Interestingly, even though Zero Trust environments are often made up of several solutions from multiple vendors it hasn't prevented each of the vendors from evangelizing their flavors of Zero Trust. This left the thousands of attendees to attempt to cut through the Zero Trust buzz and noise and make their own conclusions to the best approach.
https://blogs.oracle.com/cloudsecurity/post/rsa-2020-recap-cloud-security-moves-to-the-front


質問 # 53
Which OCI services can encrypt all data-at-rest ? Select TWO correct answers

  • A. File Storage
  • B. Geolocation Steering
  • C. Block Volumes
  • D. NAT Gateway

正解:A、C

解説:


質問 # 54
As a security architect, how can you prevent unwanted bots while desirable bots are allowed to enter?

  • A. Vault
  • B. Web Application Firewall (WAF)
  • C. Compartments
  • D. Data Guard

正解:B


質問 # 55
VCN Flow log record details about the traffic that has been denied or approved is based on which of the following statements?

  • A. Configuration of route table
  • B. Web Application Firewall (WAF)
  • C. Auth tokens
  • D. Security Lists or Network Security Group Rules

正解:D

解説:


質問 # 56
Logical isolation for resources is provided by which OCI feature?

  • A. Availability Zone
  • B. Compartments
  • C. Region
  • D. Tenancy

正解:B


質問 # 57
Which statement is true about using custom BYOI instances in Windows Servers that are managed by OS Management Service?

  • A. Windows Servers that already has the minimum agent version does not require an agent update or installation.
  • B. Windows Servers that already has the minimum agent version requires an agent update or installation.
  • C. Windows Servers that does not have the minimum agent version does not require an agent update or installation.
  • D. Windows Servers that does not have the minimum agent version requires an agent update or installation.

正解:D

解説:
https://docs.oracle.com/cd/E11857_01/install.111/e15311/agnt_install_windows.htm


質問 # 58
Which Oracle Cloud Service provides restricted access to target resources?

  • A. Bastion
  • B. SSL certificate
  • C. Internet Gateway
  • D. Load balancer

正解:A

解説:
Bastion
Oracle Cloud Infrastructure Bastion provides restricted and time-limited access to target resources that don't have public endpoints.

https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_features.htm


質問 # 59
With regard to OCI Audit Log Service, which of the statement is INCORRECT?

  • A. Retention period for audit events cannot be modified
  • B. Events logged by the Audit service can be viewed by using the Console, API, or the SDK for Java
  • C. REST API calls can be recorded by Audit service
  • D. Audit Events gets collected when modification within objects stored in an Object Storage bucket

正解:D


質問 # 60
Which resources can be used to create and manage from Vault Service ? Select TWO correct answers

  • A. Cloud Guard
  • B. Keys
  • C. IAM
  • D. Secret

正解:B、D

解説:


質問 # 61
When creating an OCI Vault, which factors may lead to select the Virtual Private Vault ? Select TWO correct answers

  • A. Ability to back up the vault
  • B. To mask Pll data for non-production environment
  • C. Greater degree of isolation
  • D. Need for more than 9211 key versions

正解:A、C

解説:


質問 # 62
A number of malicious requests for a web application is coming from a set of IP addresses originating from Antartica.
Which of the following statement will help to reduce these types of unauthorized requests ?

  • A. List specific set of IP addresses then deny rules in Virtual Cloud Network Security Lists
  • B. Delete NAT Gateway from Virtual Cloud Network
  • C. Use WAF policy using Access Control Rules
  • D. Change your home region in which your resources are currently deployed

正解:C


質問 # 63
Which OCI cloud service lets you centrally manage the encryption keys that protect your data and the secret credentials that you use to securely access resources?

  • A. Cloud Guard
  • B. Vault
  • C. Data Safe
  • D. Data Guard

正解:B

解説:
Oracle Cloud Infrastructure Vault is a managed service that lets you centrally manage the encryption keys that protect your data and the secret credentials that you use to securely access resources. Vaults securely store master encryption keys and secrets that you might otherwise store in configuration files or in code. Specifically, depending on the protection mode, keys are either stored on the server or they are stored on highly available and durable hardware security modules (HSM) that meet Federal Information Processing Standards (FIPS) 140-2 Security Level 3 security certification.
https://docs.oracle.com/en-us/iaas/Content/KeyManagement/Concepts/keyoverview.htm


質問 # 64
Which challenge is generally the first level of bot mitigation, but not sufficient with more advanced bot tools?

  • A. CAPTCHA challenge
  • B. JavaScript challenge
  • C. Device fingerprint challenge
  • D. Human interaction challenge

正解:B


質問 # 65
Which statement is not true about Cloud Security Posture?

  • A. Problems are defined by the type of detector that creates them: activity or configuration.
  • B. Problems can be resolved, dismissed, or remediated.
  • C. Problems contain data about the specific type of issue that was found.
  • D. Problems are created when Cloud Guard discovers a deviation from a responder rule.

正解:D

解説:
https://www.oracle.com/security/cloud-security/what-is-cspm/


質問 # 66
In which two ways can you improve data durability in Oracle Cloud Infrastructure Object Storage?

  • A. Enable client-side encryption
  • B. Setup volumes in a RAID1 configuration
  • C. Enable Versioning
  • D. Enable server-side encryption
  • E. Limit delete permissions

正解:B


質問 # 67
You want software that can automatically collect and aggregate log data generated throughout your organization's infrastructure, analyze it, and send alerts if it detects a deviation from the norm.
Which software must you use?

  • A. Security Event Management (SEM)
  • B. Security Information and Event Management (SIEM)
  • C. Security Information Management (SIM)
  • D. Security Integration Management (SIM)

正解:B


質問 # 68
You want to make API calls against other OCI services from your instance without configuring user credentials. How would you achieve this?

  • A. Create a dynamic group and add your instance.
  • B. Create a dynamic group and add a policy.
  • C. Create a group and add a policy.
  • D. No configuration is required for making API calls.

正解:B

解説:
DYNAMIC GROUP
Dynamic groups allow you to group Oracle Cloud Infrastructure instances as principal actors, similar to user groups. You can then create policies to permit instances in these groups to make API calls against Oracle Cloud Infrastructure services. Membership in the group is determined by a set of criteria you define, called matching rules. https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm


質問 # 69
Which tasks can you perform on a dedicated virtual machine host?

  • A. Capacity reservations
  • B. Creating instance pools
  • C. Manual scaling
  • D. Instance configurations

正解:C

解説:
Supported features: Most of the Compute features for VM instances are supported for instances running on dedicated virtual machine hosts. However, the following features are not supported:
Autoscaling
Capacity reservations
Instance configurations
Instance pools
Burstable instances
Reboot migration. You can use manual migration instead
https://docs.oracle.com/en-us/iaas/Content/Compute/Concepts/dedicatedvmhosts.htm#Dedicated_Virtual_Machine_Hosts


質問 # 70
Where is sensitive configuration data (like certificates, and credentials) is stored by Kubernetes cluster control plane?

  • A. Block Volume
  • B. Oracle Functions
  • C. ETCD
  • D. Boot Volume

正解:C

解説:


質問 # 71
As a security administrator, you found out that there are users outside your co network who are accessing OCI Object Storage Bucket. How can you prevent these users from accessing OCI resources in corporate network?

  • A. Create PAR to restrict access the access
  • B. Make OCI resources private instead of public
  • C. Create an 1AM policy and create WAF rules
  • D. Create an 1AM policy and add a network source

正解:D

解説:


質問 # 72
What is the matching rule syntax for a single condition?

  • A. Option D
  • B. Option B
  • C. Option C
  • D. Option A

正解:C

解説:


質問 # 73
Which statement is true about origin management in WAF?
Statement A: Multiple origins can be defined.
Statement B: Only a single origin can be active for a WAF.

  • A. Only statement B is true.
  • B. Both the statements are true.
  • C. Only statement A is true.
  • D. Both the statements are false.

正解:B


質問 # 74
......

Oracle 1z0-1104-22公式認定ガイドPDF:https://www.goshiken.com/Oracle/1z0-1104-22-mondaishu.html

関するブログ

もっと
1z0-1104-22無料問題集