This page was exported from Free Exams Dumps Materials [ http://exams.dumpsmaterials.com ] Export date:Tue Dec 3 18:32:35 2024 / +0000 GMT ___________________________________________________ Title: 2022 The Most Effective 1z0-1104-22 with 95 Questions Answers [Q18-Q37] --------------------------------------------------- 2022 The Most Effective 1z0-1104-22 with 95 Questions Answers Try Free and Start Using Realistic Verified 1z0-1104-22 Dumps Instantly. QUESTION 18What would you use to make Oracle Cloud Infrastructure Identity and Access Management govern resources in a tenancy?  Policies  Users  Dynamic groups  Groups POLICYA document that specifies who can access which resources, and how. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy itself. If you give a group access to the tenancy, the group automatically gets the same type of access to all the compartments inside the tenancy. For more information, see Example Scenario and How Policies Work. The word “policy” is used by people in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named “policy” document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization uses to control access to resources.https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htmQUESTION 19You want to make API calls against other OCI services from your instance without configuring user credentials. How would you achieve this?  Create a dynamic group and add a policy.  Create a dynamic group and add your instance.  Create a group and add a policy.  No configuration is required for making API calls. DYNAMIC GROUPDynamic groups allow you to group Oracle Cloud Infrastructure instances as principal actors, similar to user groups. You can then create policies to permit instances in these groups to make API calls against Oracle Cloud Infrastructure services. Membership in the group is determined by a set of criteria you define, called matching rules. https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htmQUESTION 20Logical isolation for resources is provided by which OCI feature?  Tenancy  Availability Zone  Region  Compartments QUESTION 21you are part of security operation of an organization with thousand of your users accessing Oracle cloud infrastructure it was reported that an unknown user action was executed resulting in configuration error you are tasked to quickly identify the details of all users who were active in the last six hours also with any rest API call that were executed. Which oci feature should you use?  service connector hub  management agent log integration  objectcollectionrule  audit analysis dashboard QUESTION 22How can you convert a fixed load balancer to a flexible load balancer?  There is no way to covert the load balancer.  Use Update Shape workflows.  Delete the fixed load balancer and create a new one.  Using the Edit Listener option. QUESTION 23Which is NOT a part of Observability and Management Services?  Event Services  OCI Management Service  Logging Analytics  Logging https://www.oracle.com/in/manageability/QUESTION 24Which of these protects customer data at rest and in transit in a way that allows customers to meet their security and compliance requirements for cryptographic algorithms and key management?  Security controls  Customer isolation  Data encryption  Identity Federation DATA ENCRYPTIONProtect customer data at-rest and in-transit in a way that allows customers to meet their security and compliance requirements for cryptographic algorithms and key management.https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_overview.htmQUESTION 25your company has hired a consulting firm to audit your oracle cloud infrastructure activity and configuration you have created a set of users who will be performing the audit, you assigned these user to the orgauditgrp group. the auditor required the ability to see the configuration of all resources within tenant and you have agreed to exempt the dev compartment from the audit.which IAM policy should be created to grant the orgauditgrp the ability to look at configuration for all resources except for those resources inside the dev compartment?  allow group orgauditgrp to read all-resources in tenancy where target.compartment.name !=dev  allow group orgauditgrp to read all-resources in compartment !=dev  allow group orgauditgrp to inspect all-resources in tenancy where target compartment.name !=dev  allow group orgauditgrp to inspect all-resources in compartment !=dev QUESTION 26With regard to vulnerability and cloud penetration testing, which rules of engagement apply? Select TWO correct answers.  Any port scanning must be performed in an aggressive mode  Physical penetration and vulnerability testing of Oracle facilities is prohibited  Testing should target any other subscription or any other Oracle Cloud customer resources  You are responsible for any damages to Oracle Cloud customers that are caused by your testing activities QUESTION 27What does the following identity policy do?Allow group my-group to use fn-invocation in compartment ABC where target.function.id = ‘<function-OCID>’  Enables users in a group to create, update, and delete ALL applications and functions in a compartment  Enables users to invoke all the functions in a specific application  Enables users to invoke just one specific function  Enables users to invoke all the functions in a compartment except for one specific function QUESTION 28In which two ways can you improve data durability in Oracle Cloud Infrastructure Object Storage?  Setup volumes in a RAID1 configuration  Enable server-side encryption  Enable Versioning  Limit delete permissions  Enable client-side encryption QUESTION 29What is the minimum active storage duration for logs used by Logging Analytics to be archived?  60 days  10 days  30 days  15 days https://docs.oracle.com/en-us/iaas/logging-analytics/doc/manage-storage.html#:~:text=The%20minimum%20Active%20Storage%20Duration,be%20archived%20is%2030%20days.The minimum Active Storage Duration (Days) for logs before they can be archived is 30 days.QUESTION 30As a security administrator, you found out that there are users outside your co network who are accessing OCI Object Storage Bucket. How can you prevent these users from accessing OCI resources in corporate network?  Create an 1AM policy and create WAF rules  Create an 1AM policy and add a network source  Make OCI resources private instead of public  Create PAR to restrict access the access QUESTION 31Bot Management in OCI provides which of the features? Select TWO correct answers.  Bad Bot Denylist  CAPTCHA Challenge  IP Prefix Steering  Good Bot Allowlist QUESTION 32What does an audit log event include?  Audit type  Header  Footer  Type of input The HTTP header fields and values in the request.https://docs.oracle.com/en-us/iaas/Content/Audit/Reference/logeventreference.htmQUESTION 33Which OCI services can encrypt all data-at-rest ? Select TWO correct answers  File Storage  NAT Gateway  Block Volumes  Geolocation Steering QUESTION 34Which type of software do you use to centrally distribute and monitor the patch level of systems throughout the enterprise?  Network Monitor software  Web Application Firewall  Patch Management software  Recovery Manager software https://docs.oracle.com/cd/E11857_01/em.111/e18710/T531901T535649.htmQUESTION 35What must be configured for a load balancer to accept incoming traffic?  Service Gateway  SSL certificate  Listener  Route table entry pointing to the listener IP address A listener is an entity that checks for connection requests. The load balancer listener listens for ingress client traffic using the port you specify within the listener and the load balancer’s public IP.https://docs.oracle.com/en-us/iaas/Content/GSG/Tasks/loadbalancing.htmTo create a listener:On your Load Balancer Details page, click Listeners.Click Create Listener.Enter the following:Name: Enter a friendly name. Avoid entering confidential information.Protocol: Select HTTP.Port: Enter 80 as the port on which to listen for incoming traffic.Backend Set: Select the backend set you created.Click Create.QUESTION 36What are the security recommendations and best practices for Oracle Functions?  Grant privileges to UID and GID 1000, such that the functions running within a container acquire the default root capabilities.  Add applications to network security groups for fine-grained ingress/egress rules.  Define a policy statement that enables access to functions for requests coming from multiple IP addresses.  Ensure that functions in a VCN have restricted access to resources and services. https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/securitylists.htmQUESTION 37An automobile company needs to configure Bastion Managed SSH session to a compute instance in a private subnet. What are the TWO prerequisites to configure successfully?  NAT or Service Gateway should be attached to the private subnet  There is no need for any gateway in private subnet  SSH port forwarding should be enabled  Route rule to a NAT or Service Gateway should be associated with the subnet of the route table  Loading … Download Free Latest Exam 1z0-1104-22 Certified Sample Questions: https://www.dumpsmaterials.com/1z0-1104-22-real-torrent.html --------------------------------------------------- Images: https://exams.dumpsmaterials.com/wp-content/plugins/watu/loading.gif https://exams.dumpsmaterials.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2022-09-07 13:09:45 Post date GMT: 2022-09-07 13:09:45 Post modified date: 2022-09-07 13:09:45 Post modified date GMT: 2022-09-07 13:09:45