Real Oracle 1z0-1104-23 Exam Dumps with Correct 96 Questions and Answers
Valid 1z0-1104-23 Test Answers & Oracle 1z0-1104-23 Exam PDF
NEW QUESTION # 54
You want to make API calls against other OCI services from your instance without configuring user credentials. How would you achieve this?
- A. Create a dynamic group and add apolicy.
- B. No configuration is required for making API calls.
- C. Create a dynamic group and add your instance.
- D. Create a group and add a policy.
Answer: A
Explanation:
Explanation
DYNAMIC GROUP
Dynamic groups allow you to group Oracle Cloud Infrastructure instances as principalactors, similar to user groups. You can then create policies to permit instances in these groups to make API calls against Oracle Cloud Infrastructure services. Membership in the group is determined by a set of criteria you define, called matching rules.https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
NEW QUESTION # 55
Oracle Object Storage achieves data durability by which of the mechanisms ? Select TWO correct answers
- A. Service Gateway
- B. Redundant Storage across availability domains
- C. Object Versioning
- D. Redundant Array of IndependentDisks
Answer: B,C
Explanation:
Explanation
Graphical user interface, text, application, email Description automatically generated
NEW QUESTION # 56
Which is NOT a compliance document?
- A. Attestation
- B. Bridge letter
- C. Certificate
- D. Penetration test report
Answer: D
Explanation:
Explanation
Types of Compliance Documents
When viewing compliance documents, you can filter onthe following types:
Attestation. A Payment Card Industry (PCI) Data Security Standard (DSS) Attestation of Compliance document.
Audit. A general audit report.
Bridge Letter (BridgeLetter). A bridge letter. Bridge letters provide compliance information forthe period of time between the end date of an SOC report and the date of the release of a new SOC report.
Certificate. A document indicating certification by a particular authority, with regard to certification requirements and examination results conforming to said requirements.
SOC3. A Service Organization Controls 3 audit report that provides information relating to a service organization's internal controls for security, availability, confidentiality, and privacy.
Other. A compliance document that doesn't fit into any of the preceding, more specific categories.
https://docs.oracle.com/en-us/iaas/Content/ComplianceDocuments/Concepts/compliancedocsoverview.htm
NEW QUESTION # 57
What is the minimum active storage duration for logs used by Logging Analytics to be archived?
- A. 15 days
- B. 60 days
- C. 10 days
- D. 30 days
Answer: D
Explanation:
https://docs.oracle.com/en-us/iaas/logging-analytics/doc/manage-storage.html#:~:text=The%20minimum%20Ac The minimum Active Storage Duration (Days) for logs before they can be archived is 30 days.
NEW QUESTION # 58
Which of these protects customer data at rest and in transit in a way that allows customers to meet their security and compliance requirements forcryptographic algorithms and key management?
- A. Identity Federation
- B. Data encryption
- C. Security controls
- D. Customer isolation
Answer: B
Explanation:
Explanation
DATA ENCRYPTION
Protect customer data at-rest and in-transit in a way that allows customers to meet their security and compliance requirements for cryptographic algorithms and key management.
https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_overview.htm
NEW QUESTION # 59
As a Security Admin you want to inspect the metadata and actual data in your Oracle databases to discover sensitive data and provide comprehensive results listing the sensitive columns and related information. Which Data Safe feature will help you to achieve the above requirement ?
- A. User Assessment
- B. Data Masking
- C. Security Assessment
- D. Data Discovery
Answer: D
Explanation:
Explanation
Graphical user interface, text, application, email Description automatically generated
NEW QUESTION # 60
Which of the following services are NOT Security Services in OCI ? Select TWO answers.
- A. Vault
- B. Cloud Guard
- C. Data Guard
- D. Block Volume
Answer: C,D
Explanation:
Data Guard is a feature of Oracle Database that provides a set of tools to manage data availability, and it's not a security service. It provides a comprehensive set of services that create, maintain, manage, and monitor one or more standby databases to enable production Oracle databases to survive disasters and data corruptions. You can find more details about this in the Oracle Data Guard documentation.
Block Volume is a storage service in OCI, not a security service. It provides scalable block storage using NVMe SSDs or spinning HDDs. You can find more details about this in the Oracle Cloud Infrastructure documentation
NEW QUESTION # 61
You create a new compartment, "apps," to host some production apps and you create an apps_group and added users to it.
What would you do to ensure the users have access to the apps compartment?
- A. Add an lAM policy to attach tenancy to the apps group.
- B. Add an IAM policy for apps_group granting access to the apps compartment.
- C. Add an IAM policy for the individual users to access the apps compartment.
- D. No action is required.
Answer: B
Explanation:
Explanation
In Oracle Cloud Infrastructure, you can ensure that users have access to a specific compartment by adding an IAM policy for the group those users belong to, granting access to that compartment45.
NEW QUESTION # 62
Which statement is not true about Cloud Security Posture?
- A. Problems are created when Cloud Guard discovers a deviation from a responder rule.
- B. Problems can be resolved, dismissed, or remediated.
- C. Problems are defined by the type of detector that creates them: activity or configuration.
- D. Problems contain data about the specific type of issue that was found.
Answer: A
Explanation:
Explanation
https://www.oracle.com/security/cloud-security/what-is-cspm/
NEW QUESTION # 63
Cloud Guard detected a risk score of zeroin the dashboard, what does this mean ?
- A. Larger number of problems that have high risk levels ( HIGH or CRITICAL )
- B. No problem detected for any resource
- C. LOW or MINOR issues
- D. Risk score doesn't say anything. These are just numbers
Answer: B
Explanation:
Explanation
Graphical user interface, text, application Description automatically generated
NEW QUESTION # 64
Where are logs stored?
- A. OCI Object Storage
- B. OCI Block Storage
- C. Cloud Agent
- D. OCI File Storage
Answer: A
Explanation:
Explanation
You can collect log data continuously from Oracle CloudInfrastructure (OCI) Object Storage. To enable the log collection, create ObjectCollectionRule resource using REST API or CLI. After the successful creation of this resource and having the required IAM policies, the log collection will be initiated.
https://docs.oracle.com/en-us/iaas/logging-analytics/doc/collect-logs-your-oci-object-storage-bucket.html
NEW QUESTION # 65
Which Security Zone policy is NOT valid?
- A. A compute instance cannot be moved from a security zone to a standard compartment.
- B. Resources in asecurity zone should not be accessible from the public internet.
- C. A boot volume can be moved from a security zone to a standard compartment.
- D. Resources in a security zone must be automatically backed up regularly.
Answer: C
Explanation:
According to OCI's Security Zone policies, a boot volume cannot be moved from a security zone to a standard compartment23. This policy is in place to ensure that resources in a security zone are not moved to a potentially less secure standard compartment23.
NEW QUESTION # 66
Operations team has made a mistake in updating the secret contents and immediately need to resume usingolder secret contents in OCI Secret Management within a Vault.
As a Security Administrator, what step should you perform to rollback to last version? Select TWO correct answers.
- A. Mark the secret version as 'Rewind'
- B. Upload new secret and mark as 'Pending'. Promote this secret version as 'Current'
- C. Mark the secret version as 'deprecated'
- D. Mark the secret version as'Previous'
Answer: B,D
Explanation:
Explanation
Graphical user interface, text, application Description automatically generated
NEW QUESTION # 67
Which Oracle Data Safe feature minimizes the amount of personal data and allows internal test, development, and analytics teams to operate with reduced risk?
- A. data auditing
- B. data masking
- C. data discovery
- D. security assessment
- E. data encryption
Answer: B
Explanation:
Explanation
Data masking in Oracle Data Safe minimizes the amount of personal data and allows internal test, development, and analytics teams to operate with reduced risk91011. It replaces sensitive or confidential information in non-production databases with realistic and fully functional data with similar characteristics as the original data
NEW QUESTION # 68
You are using a custom application with third-party APIs to manage application and data hosted in an Oracle Cloud Infrastructure(OCI) tenancy. Although your third-party APIs don't support OCI's signature-based authentication, you want them to communicate with OCI resources. Which authentication option must you use to ensure this?
- A. OCI username and Password
- B. SSH Key Pair with 2048-bit algorithm
- C. Auth Token
- D. API Signing Key
Answer: C
Explanation:
Explanation
An auth token in OCI is an Oracle-generated token that you can use to authenticate with third-party APIs78. This can be useful when the third-party APIs do not support OCI's signature-based authentication
NEW QUESTION # 69
......
1z0-1104-23 Exam Questions and Valid PMP Dumps PDF: https://examsboost.validbraindumps.com/1z0-1104-23-exam-prep.html