1z0-1104-23試験無料問題集（172題）「Oracle Cloud Infrastructure 2023 Security Professional 認定」

出題：1

Oracle Object Storage achieves data durability by which of the mechanisms ? Select TWO correct answers

A. Redundant Storage across availability domains

B. Redundant Array of IndependentDisks

C. Service Gateway

D. Object Versioning

正解：A,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Which two are monitored by Cloud Guard in OCI, which can help with the overall security posture? (Choose two.)

A. masks sensitive data and monitors security controls on your Databases

B. monitors user activity that can be unauthorized or suspicious

C. helps detects misconfigured resources, such as publicly accessible storage buckets, in-stances, and restricted ports on security lists

D. prevents you from creating misconfigurations on your resources in OCI

正解：B,C 解答を投票する

出題：3

you are part of security operation of an organization with thousand of your users accessing Oracle cloud infrastructure it was reported that an unknown user action was executedresulting in configuration error you are tasked to quickly identify the details of all users who were active in the last six hours also with any rest API call that were executed. Which oci feature should you use?

A. audit analysis dashboard

B. objectcollectionrule

C. management agent log integration

D. service connector hub

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

A company has OCI tenancy which has mount target associated with two File Systems, CG_1 and CG_2. These FileSystems are accessed by IP-based clients AB_1 and AB_2 respectively. As a security administrator, how can you provide access to both clients such that CGI has Read only access on AB1 and CG_2 has Read/Write access on AB_2?

A. Access Control Lists

B. NFS Export Option

C. Vault

D. NFS v3 Unix Security

正解：B,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Your company has implemented a new VPN connection policy, three months after you connected your on-premises network to Oracle Cloud Infrastructure (OCI). Your chief security officer has instructed you to edit the IPSec connection and replace the shared secrets with the new ones that he has provided. Where do you edit the shared secrets? (Choose the best Answer.)

A. Dynamic Routing Gateway

B. IPsec connection

C. Customer Premises Equipment

D. Individual tunnels

正解：A 解答を投票する

出題：6

A company has OCI tenancy which has mount target associated with two 1 punto File Systems, CG_1 and CG_2. These File Systems are accessed by IPbased clients AB_1 and AB_2 respectively. As a security administrator, how can you provide access to both clients such that CGI has Read only access on AB1 and CG_2 has Read/Write access on AB_2? OR In your Oracle Cloud Infrastructure (OCI) tenancy, you have a mount target that is associated with two file systems, IS A and rs a. These file systems are being accessed by two IP-based clients, CT_A and CT_B respectively. You need to provide access to both clients, such that CT_A has Read and Write access on FS _A and CT_B has Read Only access on FS_B. Which option would you use? (Choose the best Answer.)

A. NFS Unix Security

B. NFS Export Options

C. IAM Service

D. Security List

正解：B 解答を投票する

出題：7

How do you enable server-side encryption in an Oracle Cloud Infrastructure (OCI) Object Storage bucket? (Choose the best Answer.)

A. By uploading your encryption key to OCI Vault and associating it with the bucket you want to encrypt.

B. By uploading encrypted objects will enable the encryption in the objects.

C. By default, server-side encryption is enabled and requires no user action.

D. By updating the buckets metadata value for encrypted_bucket to "true"

正解：C 解答を投票する

出題：8

How can you increase the expiration of a pre-authenticated request (PAR) associated with a bucket? (Choose the best Answer.)

A. Find the Identity and Access Management (IAM) policy associated with the PAR. De-fine the desired expiration in the policy

B. You cannot edit a pre-authenticated request. Delete the pre-authenticated request and recreate with the desired expiration

C. Edit the pre-authenticated request and define the desired expiration

D. Edit the bucket metadata and change the expiration date.

正解：B 解答を投票する

出題：9

Which securityissues can be identified by Oracle Vulnerability Scanning Service? Select TWO correct answers

A. CISpublished Industry-standard benchmarks

B. Distributed Denial of Service (DDoS)

C. Ports that are unintentionally left open can be a potential attack vector for cloud resources

D. SQL Injection

正解：A,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

What does the following identity policy do?
Allow group my-group to use fn-invocation in compartment ABC where target.function.id = '<function-OCID>'

A. Enables users to invoke just one specific function

B. Enables users to invoke all the functions in a specific application

C. Enables users in a group to create, update, and delete ALL applications and functions in a compartment

D. Enables users to invoke all the functions in a compartment except for one specific function

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

1z0-1104-23試験無料問題集「Oracle Cloud Infrastructure 2023 Security Professional 認定」