Oracle Cloud Infrastructure 2023 Security Professional - 1z0-1104-23 FREE EXAM DUMPS QUESTIONS & ANSWERS
Which cache rules criterion matches if the concatenation of the requested URL path and query are identical to the contents of the value field?
Correct Answer: C
You have subscribed to a tenancy, in which you want to isolate the OCI resources from different users logically for governance. Which OCI resource will help you achieve logical separation? (Choose the best Answer.)
Correct Answer: D
Hardware Security Modules (HSMs) in Oracle Key Management meet which Federal Information Processing Standards (FIPS) standard security certification that requires HSMs to be tamper-resistant and authentication to be identity-based? (Choose the best Answer.)
Correct Answer: D
When configuring inter-tenancy virtual cloud network (VCN) peering using local peering gateways (LPG), which OCID do you need from the other tenancy to properly configure the Requestor and Acceptor Identity and Access Management (IAM) policies? (Choose the best Answer.)
Correct Answer: A
Your company has hired a consulting firm to audit your Oracle Cloud Infrastructure activity and configuration. You have created a set of users who will be performing the audit, and you assigned these users to the orgauditgrp group. The auditors require the ability to see the configuration of all resources within the tenant, and you have agreed to exempt the dev compartment from the audit.
Which IAM policy should be created to grant the orgauditgrp the ability to look at configuration for all resources except for those resources inside the dev compartment?
Correct Answer: C
Challenge 4 - Task 3 of 6
Configure Web Application Firewall to Protect Web Server Against XSS Attack
Scenario
You have to protect web applications hosted on OCI from cross-site scripting (XSS) attacks. You can use the OCI Web Application Firewall (WAF) capabilities to create rules that compare against incoming requests to determine if the request contains an XSS attack payload. If a request is determined to be an attack, WAF should return the HTTP Service Unavailable (503) error.
To ensure that the configured WAF blocks the XSS attack, run the following script: http://<public-ip-enforcement-point>/index.html?<p style="background:url(javascript:alert(1))">
To complete this deployment, you have to perform the following tasks in the environment provisioned for you:
Configure a Virtual Cloud Network (VCN)
Create a Compute Instance and install the Web Server
Create a Load Balancer and update Security List
Create a WAF policy
Configure Protection Rules against XSS attacks
Verify the created environment against XSS attacks

Note: You are provided with access to an OCI Tenancy, an assigned compartment, and OCI credentials. Throughout your exam, ensure that you use the assigned Compartment 99233424-C01 and Region us-ashburn-1.
Complete the following task in the provisioned OCI environment:
Go to the VCN IAD-WAF-PBT-VCN-01.
Create a Security List with the name IAD-SP-PBT-LB-SL-01.
Create a Public subnet named LB-Subnet-IAD-SP-PBT-SNET-02 and attach the above-created security list.
Create a Load Balancer with the name IAD-SP-PBT-LB-01.
Create a Listener Name with the name IAD_SP_PBT_LB_LISN_01.
Add appropriate Ingress and Egress rules to IAD-SP-PBT-LB-SL-01 to allow HTTP traffic to the Load Balancer subnet.
Correct Answer:
See the solution below in Explanation
Explanation:
SOLUTION:
From the navigation menu, select Networking and then click Virtual Cloud Network.
In the left navigation pane, under List Scope, select <your assigned compartment> from the drop-down menu.
Click IAD-WAF-PBT-VCN-01 from the list of VCNs.
In the left navigation pane, under Resources, click Security Lists.
Click Create Security List.
In the Create Security List dialogue box, enter the following:
a) Name: IAD-SP-PBT-LB-SL-01
b) Do not add any ingress or egress rules.
c) Click Create Security List.
In the left navigation pane, under Resources, click Subnets.
Click Create Subnet.
In the Create Subnet dialogue box, enter the following:
a) Name: LB-Subnet-IAD-SP-PBT-SNET-02
b) Create in Compartment: <your working compartment name>
c) Subnet Type: Regional
d) IPv4 CIDR Block: 10.0.4.0/24
e) Security List: From the drop-down menu, select the Security List you had created earlier, IAD-SP-PBT-LB-SL-01.
Click Create Subnet.
You now see that the subnet has been created successfully.
What is the use case for Oracle Cloud Infrastructure (OCI) Logging Analytics service? (Choose the best Answer.)
Correct Answer: A
Which two Cloud Guard tasks can be configured using API or Console? (Choose two.)
Correct Answer: A,C
Which three resources are required to encrypt a block volume with the customer managed key?
Correct Answer: B,C,E
Which two services can leverage Vault symmetric encryption keys for data-at-rest? (Choose two.) OR Which OCI services can encrypt all data-at-rest? (Choose two.)
Correct Answer: C,F