1z0-1104-22無料問題集「Oracle Cloud Infrastructure 2022 Security Professional」

質問 1

How can you establish private connectivity over two VCN within same OCI region without traversing the traffic over public internet ?

（A）Data Guard

（B）NAT Gateway

（C）Local VCN Peering

（D）Remote VCN Peering

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

What must be configured for a load balancer to accept incoming traffic?

（A）SSL certificate

（B）Service Gateway

（C）Route table entry pointing to the listener IP address

（D）Listener

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

As a security architect, how can you prevent unwanted bots while desirable bots are allowed to enter?

（A）Data Guard

（B）Web Application Firewall (WAF)

（C）Vault

（D）Compartments

正解：B 解答を投票する

質問 4

you want to create a stateless rule for SSH in security list and the ingress role has already been properly configured what combination should you use on the engress role what commination should you use on the egress rule?

（A）select udp for protocol: enter 22 for source port" and all for destination port

（B）select tcp for protocol: enter 22 for source port" and 22 for destination port

（C）select tcp for protocol: enter all for source port" and 22 for destination port.

（D）select tcp for protocol: enter 22 for source port" and all for destination port

正解：C 解答を投票する

質問 5

An automobile company needs to configure Bastion Managed SSH session to a compute instance in a private subnet. What are the TWO prerequisites to configure successfully?

（A）SSH port forwarding should be enabled

（B）NAT or Service Gateway should be attached to the private subnet

（C）There is no need for any gateway in private subnet

（D）Route rule to a NAT or Service Gateway should be associated with the subnet of the route table

正解：B、D 解答を投票する

質問 6

Which component helps move logging data to other services, such as archiving log data in object storage?

（A）Service Log Category

（B）Service Connector Hub

（C）Agent Configuration

（D）Unified Monitoring Agent

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Which architecture is based on the principle of "never trust, always verify"?

（A）Federated identity

（B）Defense in depth

（C）Fluid perimeter

（D）Zero trust

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

You are using a custom application with third-party APIs to manage application and data hosted in an Oracle Cloud Infrastructure (OCI) tenancy. Although your third-party APIs don't support OCI's signature-based authentication, you want them to communicate with OCI resources. Which authentication option must you use to ensure this?

（A）Auth Token

（B）API Signing Key

（C）OCI username and Password

（D）SSH Key Pair with 2048-bit algorithm

正解：A 解答を投票する

質問 9

Which statements are CORRECT about Security Zone policy in OCI ? Select TWO correct answers

（A）Bucket can't be moved from a security zone to a standard compartment

（B）Block volume can be moved from a security zone to a standard compartment

（C）Resources in a security zone must be accessible from internet

（D）Resources in a security zone must be encrypted using customer-managed keys

正解：A、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Which of the following is necessary step when creating a secret in vault?

（A）Shamir's secret sharing algorithm should be used to unseal the vault

（B）Object Storage must be created to run secret service

（C）Digest Hash should be created of the secret value

（D）Vault-managed key is necessary to encrypt the secret

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

1z0-1104-22 無料問題集「Oracle Cloud Infrastructure 2022 Security Professional」

弊社を連絡する

関連リンク

トップ試験