This page was exported from Latest Exam Prep [ http://certify.vceprep.com ] Export date:Sat Sep 21 12:22:28 2024 / +0000 GMT ___________________________________________________ Title: Provide Oracle 1z0-1104-23 Dumps Updated Jan 07, 2024 With 96 QA's [Q28-Q48] --------------------------------------------------- Provide Oracle 1z0-1104-23 Dumps Updated Jan 07, 2024 With 96 QA's Latest 1z0-1104-23 Dumps for Success in Actual Oracle Certified QUESTION 28Which resources can be used to create and manage from Vault Service ? Select TWO correct answers  Secret  IAM  Keys  Cloud Guard ExplanationGraphical user interface, text, application Description automatically generatedQUESTION 29As a lead Security Architect, you have tasked to restrict access to and from the worker nodes in pods running in Oracle Container Engine for Kubernetes?  Cloud Guard  Vulnerability Scanning  Security Lists  Identity and Access Management ExplanationGraphical user interface, text, application, email Description automatically generatedQUESTION 30what is the use case for Oracle cloudinfrastructure logging analytics service?  monitors, aggregates, indexes and analyzes all log data from on-premises.  labels data packets that pass through the internet gateway  automatically create instances to collect logs analysis and send reports  automatically and manage any log based on a subscription model ExplanationOracle Cloud Infrastructure Logging Analytics is a machine learning-based cloud service that monitors, aggregates, indexes, and analyzes all log data from on-premises and multicloud environments. Enabling users to search, explore, and correlate this data to troubleshoot and resolve problems faster and derive insights to make better operational decisions.https://www.oracle.com/manageability/logging-analytics/QUESTION 31You are using a custom application with third-party APIs to manage application and data hosted in an Oracle Cloud Infrastructure(OCI) tenancy. Although your third-party APIs don’t support OCI’s signature-based authentication, you want them to communicate with OCI resources. Which authentication option must you use to ensure this?  SSH Key Pair with 2048-bit algorithm  OCI username and Password  Auth Token  API Signing Key ExplanationAn auth token in OCI is an Oracle-generated token that you can use to authenticate with third-party APIs78. This can be useful when the third-party APIs do not support OCI’s signature-based authenticationQUESTION 32You create a new compartment, “apps,” to host some production apps and you create an apps_group and added users to it.What would you do to ensure the users have access to the apps compartment?  Add an IAM policy for the individual users to access the apps compartment.  Add an IAM policy for apps_group granting access to the apps compartment.  Add an lAM policy to attach tenancy to the apps group.  No action is required. ExplanationIn Oracle Cloud Infrastructure, you can ensure that users have access to a specific compartment by adding an IAM policy for the group those users belong to, granting access to that compartment45.QUESTION 33You want software that can automatically collect and aggregate log data generated throughout your organization’s infrastructure, analyze it, and send alerts if it detects a deviation from the norm.Which software must you use?  Security Information Management (SIM)  SecurityEvent Management (SEM)  Security Integration Management (SIM)  Security Information and Event Management (SIEM) ExplanationSIEM software can automatically collect and aggregate log data generated throughout your organization’s infrastructure, analyze it, and send alerts if it detects a deviation from the norm23.QUESTION 34You have configured the Management Agent on an Oracle Cloud Infrastructure (OCI) Linux instance for log ingestion purposes.Which is a required configuration for OCI Logging Analytics service to collect data from multiple logs of this Instance?  Log – Log Group Association  Entity – Log Association  Source – Entity Association  Log Group – Source Association For OCI Logging Analytics service to collect data from multiple logs of an instance, a Source – Entity Association is required1. A source in Logging Analytics defines the metadata about the log data you want to collect, and an entity represents the source of the log data1. You associate sources with entities, and these associations instruct the Management Agent on your instance what log data to collect1.QUESTION 35Logical isolation for resources is provided by which OCI feature?  Tenancy  Availability Zone  Region  Compartments ExplanationCompartments in Oracle Cloud Infrastructure (OCI) are a fundamental component that allows you to create a heterogeneous collection of resources for organization, security isolation, and access control123. They provide a global logical namespace where policies can be enforced, similar to folders in a file system3. By being global, they stretch out to all OCI regions within a given tenancy3.QUESTION 36Select the component that encompasses the overall configuration of your WAF service on OCI.  Protection rules  Bot Management  Web Application Firewall policy  Origin ExplanationWAF Policy ManagementProvides an overview of web application firewall (WAF) policies, including their creation, updating, and deletion.WAF policies encompass the overall configuration of your WAF service, includingaccess rules, rate limiting rules, and protection rules.https://docs.oracle.com/en-us/iaas/Content/WAF/Policies/waf-policy_management.htmQUESTION 37A company has OCI tenancy which has mount target associated with two File Systems, CG_1 and CG_2.These FileSystems are accessed by IP-based clients AB_1 and AB_2 respectively. As a security administrator, how can you provide access to both clients such that CGI has Read only access on AB1 and CG_2 has Read/Write access on AB_2?  NFS Export Option  Access Control Lists  NFS v3 Unix Security  Vault ExplanationGraphical user interface, text, application, email Description automatically generatedQUESTION 38Which component helps move logging data to other services, such as archiving log data in object storage?  Agent Configuration  Unified Monitoring Agent  Service Connector Hub  Service Log Category ExplanationService Connector HubService Connector Hub moves logging data to other services in Oracle Cloud Infrastructure. For example, use Service Connector Hub to alarm on log data, send log data to databases, and archive log data to Object Storage. For more information, see Service Connector Hub.https://docs.oracle.com/en-us/iaas/Content/Logging/Concepts/loggingoverview.htmQUESTION 39Which type of software do you use to centrally distributeand monitor the patch level of systems throughout the enterprise?  Network Monitor software  Web Application Firewall  Patch Management software  Recovery Manager software Explanationhttps://docs.oracle.com/cd/E11857_01/em.111/e18710/T531901T535649.htmQUESTION 40What would you use to make Oracle Cloud Infrastructure Identity and Access Management govern resources in a tenancy?  Policies  Users  Dynamic groups  Groups ExplanationPOLICYA document that specifies who can access which resources, and how. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy itself. If you give a group access to the tenancy, the group automatically gets the same type of access to all the compartments inside the tenancy. For more information, see Example Scenario and How Policies Work. The word “policy” is used by people in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named “policy” document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization usesto control access to resources.https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htmQUESTION 41What is the minimum active storage duration for logs used by Logging Analytics to be archived?  60 days  10 days  30 days  15 days https://docs.oracle.com/en-us/iaas/logging-analytics/doc/manage-storage.html#:~:text=The%20minimum%20Ac The minimum Active Storage Duration (Days) for logs before they can be archived is 30 days.QUESTION 42Which parameters customers need to configure while reading secrets by name using CL1 or API? Select TWO correct answers.  Certificates  Secret Name  ASCII Value  Vault Id ExplanationGraphical user interface, text, application, email Description automatically generatedQUESTION 43When using Management Agent to collect logs continuously, which is therequired configuration for OCI Logging Analytics to retrieve data from numerous logs for an instance?  Source-Entity Association  Entity – Source Association  Agent – Entity Association  Entity – Agent Association ExplanationQUESTION 44Which OCI cloud service lets you centrally manage the encryption keys thatprotect your data and the secret credentials that you use to securely access resources?  Data Safe  Cloud Guard  Data Guard  Vault ExplanationOracle Cloud Infrastructure Vault is a managed service that lets you centrally manage the encryption keysthat protect your data and the secret credentials that you use to securely access resources. Vaults securely store master encryption keys and secrets that you might otherwise store in configuration files or in code.Specifically, depending on the protection mode, keys are either stored on the server or they are stored on highly available and durable hardware security modules (HSM) that meet Federal Information Processing Standards (FIPS) 140-2 Security Level 3 security certification.https://docs.oracle.com/en-us/iaas/Content/KeyManagement/Concepts/keyoverview.htmQUESTION 45What does the following identity policy do?Allow group my-group to use fn-invocation in compartment ABC where target.function.id ='<function-OCID>’  Enables users in a group to create, update, and delete ALL applications and functions in a compartment  Enables users to invoke all the functions in a specific application  Enables users to invoke just one specific function  Enables users to invoke all the functions in a compartment except for one specific function ExplanationThe policy Allow group my-group to use fn-invocation in compartment ABC where target.function.id ='<function-OCID>’ gives the group my-group permission to invoke a specific function (identified by its OCID) in the compartment ABC. The fn-invocation verb allows a group to invoke a function, and the condition where target.function.id = ‘<function-OCID>’ ensures that only the specified function can be invoked by this groupQUESTION 46What information do youget by using the Network Visualizer tool?  State of subnets in a VCN  Interconnectivity of VCNs  Routes defined between subnets and gateways  Organization of subnets and VLANs across availability domains Explanationhttps://docs.oracle.com/en-us/iaas/Content/Network/Concepts/network_visualizer.htm You can view and understand the following from this diagram:How VCNs are inter-connectedHow on-premises networks are connected (using FastConnect or Site-to-Site VPN) Which routing entities (DRGs and so on) control trafficrouting How your transit routing is configuredQUESTION 47An e-commerce company needs to authenticate with third-party API that don’t support OCI’s signature-based authentication.What can be the solution for the above scenario?  Security Token  API Key Authentication  Asymmetric keys  Auth Token/Swift Password ExplanationGraphical user interface, text, application, email Description automatically generatedQUESTION 48Which components are a part of the OCI Identity and Access Management service?  Policies  Regional subnets  Compute instances  VCN Explanationhttps://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htm Loading … Changing the Concept of 1z0-1104-23 Exam Preparation 2024: https://www.vceprep.com/1z0-1104-23-latest-vce-prep.html --------------------------------------------------- Images: https://certify.vceprep.com/wp-content/plugins/watu/loading.gif https://certify.vceprep.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2024-01-07 13:43:40 Post date GMT: 2024-01-07 13:43:40 Post modified date: 2024-01-07 13:43:40 Post modified date GMT: 2024-01-07 13:43:40