Oracle Cloud Infrastructure 2022 Security Professional (1z0-1104-22) Free Practice Test

Question 1

A http web server hosted on an Oracle cloud infrastructure compute instance in a public subnet of the vcsl virtual cloud network has a stateless security ingress rule for port 80 access through internet gateway stateful network security group notification for port 80 how will the Oci vcn handle request response traffic to the compute instance for a web page from the http server with port 80?

A. the union of both configuration would happen and allow both inbound and outbound traffic

B. network security group would supersede the security utility list and allow both inbound and outbound traffic

C. Because there is no Egress ruled defined in Security List, The Response would not pass through Internet Gateway.

D. due to the conflict in security configuration inbound request traffic would not be allowed

Correct Answer: C

Question 2

When creating an OCI Vault, which factors may lead to select the Virtual Private Vault ? Select TWO correct answers

A. Need for more than 9211 key versions

B. To mask Pll data for non-production environment

C. Ability to back up the vault

D. Greater degree of isolation

Correct Answer: C,D

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 3

You subscribe to a PaaS service that follows the Shared Responsibility model.
Which type of security is your responsibility?

A. Guest OS

B. Network

C. Infrastructure

D. Data

Correct Answer: D

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 4

Which IAM policy should be created to give XYZ the ability to list contents of a resource excluding the f needs to authenticate in prod compartment ? Principle of least priviledge should be used.

A. Allow group XYZ to manage all resources in compartment != prod

B. Allow group XYZ to use all resources in compartment != prod

C. Allow group XYZ to inspect all resources in tenancy where target.compartment.name != prod

D. Allow group XYZ to read all resources in tenancy where target.compartment.name != prod

Correct Answer: C

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 5

Which type of file system does file storage use?

A. Paravirtualized

B. NVMe

C. SSD

D. iSCSI

E. NFSv3

Correct Answer: E

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 6

Which statement is true about standards?

A. They are methods and instructions on how to maintain or accomplish the directives of the policy.

B. They are result of a regulation or contractual requirement or an industry requirement.

C. They may be audited.

D. They are the foundation of corporate governance.

Correct Answer: B

Question 7

You are using a custom application with third-party APIs to manage application and data hosted in an Oracle Cloud Infrastructure (OCI) tenancy. Although your third-party APIs don't support OCI's signature-based authentication, you want them to communicate with OCI resources. Which authentication option must you use to ensure this?

A. API Signing Key

B. OCI username and Password

C. SSH Key Pair with 2048-bit algorithm

D. Auth Token

Correct Answer: D

Question 8

you want to create a stateless rule for SSH in security list and the ingress role has already been properly configured what combination should you use on the engress role what commination should you use on the egress rule?

A. select tcp for protocol: enter 22 for source port" and 22 for destination port

B. select tcp for protocol: enter all for source port" and 22 for destination port.

C. select tcp for protocol: enter 22 for source port" and all for destination port

D. select udp for protocol: enter 22 for source port" and all for destination port

Correct Answer: B

Question 9

An e-commerce company needs to authenticate with third-party API that don't support OCI's signature-based authentication.
What can be the solution for the above scenario?

A. Asymmetric keys

B. Auth Token/Swift Password

C. Security Token

D. API Key Authentication

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 10

As a solutions architect, you need to assist operations team to write an I AM policy to give users in group-uat1 and group- uat2 access to manage all resources in the compartment Uat. Which is the CORRECT IAM policy ?

A. Allow group group-uat1 group-uat2 to manage all resources in compartment Uat

B. Allow any-user to manage all resources in compartment Uat where request.group=/group-uat/*

C. Allow any-user to manage all resources in tenancy where target.compartment= Uat

D. Allow group /group-uat*/ to manage all resources in compartment Uat

Correct Answer: A

Welcome to TestSimulate

Oracle Cloud Infrastructure 2022 Security Professional (1z0-1104-22) Free Practice Test