1Z0-1104-22 Oracle Cloud Infrastructure Security 2022 Professional Exam

Earn associated certifications

Passing this exam is required to earn these certifications. Select each certification title below to view full requirements.

Oracle Cloud Infrastructure 2022 Certified Security Professional

Format: Multiple Choice
Duration: 90 Minutes
Exam Price: $245
Number of Questions: 55
Passing Score: 65%
Validation: This exam has been validated against Oracle Cloud Infrastructure 2022
Policy: Cloud Recertification

Prepare to pass exam: 1Z0-1104-22
This certification comes under the Cloud Recertification policy

The Oracle Cloud ​Infrastructure Security ​certification is intended for ​professionals who are ​responsible for security in ​their Oracle Cloud ​Infrastructure environments. ​The target candidate should ​have 2+ years of experience ​in designing and implementing ​security solutions. ​Additionally, the ​candidate should have 6 ​months or more of hands-on ​experience in securing ​workloads on OCI. The exam ​validates the following OCI ​Security topics:​

Working knowledge of OCI security services to provide a secure cloud environment
Understanding of OCI Identity and Access Management service and features
Understanding of OCI mechanisms to secure data and database workloads
Understanding of network security in OCI
Understanding of how to secure applications in OCI
Understanding of security operations, including monitoring, logging, and alerting
Familiarity with compliance frameworks
Up-to-date OCI training and hands-on experience are recommended. This certification is available to all candidates.

Take recommended training
Complete one of the courses below to prepare for your exam (optional):
Oracle Cloud Infrastructure Learning Subscription
Additional Preparation and Information
A combination of Oracle training and hands-on experience (attained via labs and/or field experience), in the learning subscription, provides the best preparation for passing the exam.

Review exam topics
Cloud Security Business Drivers and Challenges
Identify the Cloud Security use cases, challenges, and trends (e.g. IDaaS, SIEM, etc)
Manage Identity and Access
Design a scalable authorization model with users, groups, and policies
Implement conditional and advanced policies
Use Compartments to isolate resources
Configure Dynamic Groups, Network Sources, and Tag-Based Access Control
Understand MFA, Identity Federation, and SSO

Implement Infrastructure Security
Secure connectivity of virtual networks (DRG v2, Peering)
Secure connectivity of hybrid networks (Site-to-Site VPN, FastConnect)
Configure Network Security Groups (NSGs) and Security Lists
Describe the use case for VCN Flow Logs
Implement OCI Bastion
Configure Vulnerability Scanning
Configure security for OKE and Oracle Functions

Secure your Apps and Data
Configure and manage Keys in OCI Vault
Configure and manage Secrets in OCI Vault
Describe key capabilities provided by Data Safe
Configure security for Oracle Autonomous Database and DB Systems
Configure security for OCI storage services
Create and configure Web Application Firewall

Improve Cloud Security Posture
Discuss typical use cases for Cloud Guard
Execute configurations on Cloud Guard
Understand and implement Security Zones and Security Advisor

Manage Security Operations
Implement security monitoring and alerting
Design and implement a logging and logging analytics solution
Describe the use case for auditing and review OCI Audit Logs

Design for Security and Compliance
Describe OCI Shared Security Responsibility Model
Describe the use case for Penetration and Vulnerability Testing

 

Examkingdom Oracle 1Z0-1104-22 Exam Brain dump pdf, Certkingdom Oracle 1Z0-1104-22 Brain Dumps PDF

Best Oracle 1Z0-1104-22 Certification, Oracle 1Z0-1104-22 Brain Dumps Training at Certkingdom.com

---

QUESTION 1
A number of malicious requests for a web application is coming from a set of IP addresses
originating from Antartica. Which of the following statement will help to reduce these types of unauthorized requests ?

A. Delete NAT Gateway from Virtual Cloud Network
B. Use WAF policy using Access Control Rules
C. List specific set of IP addresses then deny rules in Virtual Cloud Network Security Lists
D. Change your home region in which your resources are currently deployed

Answer: B

Explanation:

---

QUESTION 2
Logical isolation for resources is provided by which OCI feature?

A. Tenancy
B. Availability Zone
C. Region
D. Compartments

Answer: D

Explanation:

---

QUESTION 3
As a security architect, how can you prevent unwanted bots while desirable bots are allowed to enter?

A. Data Guard
B. Vault
C. Compartments
D. Web Application Firewall (WAF)

Answer: D

Explanation:

---

QUESTION 4
As a solutions architect, you need to assist operations team to write an I AM policy to give users in group-uat1 and group- uat2 access to manage all resources in the compartment Uat. Which is the
CORRECT IAM policy ?

A. Allow any-user to manage all resources in tenancy where target.compartment= Uat
B. Allow any-user to manage all resources in compartment Uat where request.group=/group-uat/*
C. Allow group /group-uat*/ to manage all resources in compartment Uat
D. Allow group group-uat1 group-uat2 to manage all resources in compartment Uat

Answer: D

Explanation: