Try Before You Buy

Download a free sample of any of our exam questions and answers

  • 24/7 customer support, Secure shopping site
  • Free One year updates to match real exam scenarios
  • If you failed your exam after buying our products we will refund the full amount back to you.
Free Download
  • Home
  • Articles
  • [Q40-Q55] Full 1z0-1104-21 Practice Test and 96 unique questions with explanations waiting just for you!

[Q40-Q55] Full 1z0-1104-21 Practice Test and 96 unique questions with explanations waiting just for you!

Share

Full 1z0-1104-21 Practice Test and 96 unique questions with explanations waiting just for you!

Oracle Cloud Infrastructure Dumps 1z0-1104-21 Exam for Full Questions - Exam Study Guide

NEW QUESTION 40
As a security administrator, you want to create cloud resources that align with Oracle's security principles and best practices. Which security service should you use?

  • A. Identity and Access Management
  • B. Security Advisor
  • C. Cloud Guard
  • D. Web Application Firewall (WAF)

Answer: B

Explanation:

 

NEW QUESTION 41
What does an audit log event include?

  • A. Audit type
  • B. Footer
  • C. Type of input
  • D. Header

Answer: D

Explanation:
The HTTP header fields and values in the request.
https://docs.oracle.com/en-us/iaas/Content/Audit/Reference/logeventreference.htm

 

NEW QUESTION 42
How can you establish private connectivity over two VCN within same OCI region without traversing the traffic over public internet ?

  • A. Data Guard
  • B. Remote VCN Peering
  • C. NAT Gateway
  • D. Local VCN Peering

Answer: D

Explanation:

 

NEW QUESTION 43
Where are logs stored?

  • A. Cloud Agent
  • B. OCI File Storage
  • C. OCI Block Storage
  • D. OCI Object Storage

Answer: D

Explanation:
You can collect log data continuously from Oracle Cloud Infrastructure (OCI) Object Storage. To enable the log collection, create ObjectCollectionRule resource using REST API or CLI. After the successful creation of this resource and having the required IAM policies, the log collection will be initiated.
https://docs.oracle.com/en-us/iaas/logging-analytics/doc/collect-logs-your-oci-object-storage-bucket.html

 

NEW QUESTION 44
Which statement is not true about Cloud Security Posture?

  • A. Problems contain data about the specific type of issue that was found.
  • B. Problems can be resolved, dismissed, or remediated.
  • C. Problems are defined by the type of detector that creates them: activity or configuration.
  • D. Problems are created when Cloud Guard discovers a deviation from a responder rule.

Answer: D

Explanation:
https://www.oracle.com/security/cloud-security/what-is-cspm/

 

NEW QUESTION 45
Which Oracle Cloud Service provides restricted access to target resources?

  • A. SSL certificate
  • B. Internet Gateway
  • C. Bastion
  • D. Load balancer

Answer: C

Explanation:
Bastion
Oracle Cloud Infrastructure Bastion provides restricted and time-limited access to target resources that don't have public endpoints.

https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_features.htm

 

NEW QUESTION 46
With regard to OCI Audit Log Service, which of the statement is INCORRECT?

  • A. Retention period for audit events cannot be modified
  • B. Events logged by the Audit service can be viewed by using the Console, API, or the SDK for Java
  • C. Audit Events gets collected when modification within objects stored in an Object Storage bucket
  • D. REST API calls can be recorded by Audit service

Answer: C

 

NEW QUESTION 47
Which component helps move logging data to other services, such as archiving log data in object storage?

  • A. Service Log Category
  • B. Service Connector Hub
  • C. Unified Monitoring Agent
  • D. Agent Configuration

Answer: B

Explanation:
Service Connector Hub
Service Connector Hub moves logging data to other services in Oracle Cloud Infrastructure. For example, use Service Connector Hub to alarm on log data, send log data to databases, and archive log data to Object Storage. For more information, see Service Connector Hub.
https://docs.oracle.com/en-us/iaas/Content/Logging/Concepts/loggingoverview.htm

 

NEW QUESTION 48
Logical isolation for resources is provided by which OCI feature?

  • A. Compartments
  • B. Availability Zone
  • C. Tenancy
  • D. Region

Answer: A

 

NEW QUESTION 49
An automobile company needs to configure Bastion Managed SSH session to a compute instance in a private subnet. What are the TWO prerequisites to configure successfully?

  • A. SSH port forwarding should be enabled
  • B. NAT or Service Gateway should be attached to the private subnet
  • C. There is no need for any gateway in private subnet
  • D. Route rule to a NAT or Service Gateway should be associated with the subnet of the route table

Answer: B,D

 

NEW QUESTION 50
What would you use to make Oracle Cloud Infrastructure Identity and Access Management govern resources in a tenancy?

  • A. Dynamic groups
  • B. Policies
  • C. Users
  • D. Groups

Answer: B

Explanation:
POLICY
A document that specifies who can access which resources, and how. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy itself. If you give a group access to the tenancy, the group automatically gets the same type of access to all the compartments inside the tenancy. For more information, see Example Scenario and How Policies Work. The word "policy" is used by people in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named "policy" document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization uses to control access to resources.
https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htm

 

NEW QUESTION 51
As a lead Security Architect, you have tasked to restrict access to and from the worker nodes in pods running in Oracle Container Engine for Kubernetes?

  • A. Identity and Access Management
  • B. Cloud Guard
  • C. Vulnerability Scanning
  • D. Security Lists

Answer: D

Explanation:

 

NEW QUESTION 52
Which statement is true about Oracle Cloud Infrastructure (OCI) Object Storage server-side encryption?

  • A. Encryption is not enabled by default.
  • B. Customer-provided encryption keys are never stored in OCI Vault service.
  • C. Each object in a bucket is always encrypted with the same data encryption key.
  • D. All the traffic to and from object storage is encrypted by using Transport Layer Security.

Answer: D

 

NEW QUESTION 53
Which type of firewalls are designed to protect against web application attacks, such as SQL injection and cross-site scripting?

  • A. Stateful inspection firewall
  • B. Incident firewall
  • C. Web Application Firewall
  • D. Packet filtering firewall

Answer: C

Explanation:
SQL injections. Cross-site scripting. Distributed denial of service (DDoS) attacks. Botnets. These are just some of the cyber-weapons increasingly being used by malicious actors to target web applications, cause data breaches, and expose sensitive business information.
Oracle WAF uses a multilayered approach to protect web applications from a host of cyberthreats including malicious bots, application layer (L7) DDoS attacks, cross-site scripting, SQL injection, and vulnerabilities defined by the Open Web Application Security Project (OWASP). When a threat is identified, Oracle WAF automatically blocks it and alerts security operations teams so they can investigate further.
https://www.oracle.com/a/ocom/docs/security/oci-web-application-firewall.pdf

 

NEW QUESTION 54
A company has OCI tenancy which has mount target associated with two File Systems, CG_1 and CG_2. These File Systems are accessed by IP-based clients AB_1 and AB_2 respectively. As a security administrator, how can you provide access to both clients such that CGI has Read only access on AB1 and CG_2 has Read/Write access on AB_2?

  • A. Vault
  • B. Access Control Lists
  • C. NFS v3 Unix Security
  • D. NFS Export Option

Answer: C,D

Explanation:

 

NEW QUESTION 55
......

Authentic Best resources for 1z0-1104-21 Online Practice Exam: https://examtorrent.vce4dumps.com/1z0-1104-21-latest-dumps.html

Related Articles

more
Oracle 1z0-1104-21 Certification Practice Exam

Selecting right prep4sure dumps is the key to pass actual test, the accuracy of our dumps torrent and latest dumps will guarantee you high passing score.

Latest Prep4sure VCE Dumps

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 VCE4Dumps NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy