Most Recent Oracle 1Z0-1104-23 Exam Dumps

Prepare for the Oracle Cloud Infrastructure 2023 Security Professional exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the Oracle 1Z0-1104-23 exam and achieve success.

The questions for 1Z0-1104-23 were last updated on Apr 30, 2025.

Viewing page 1 out of 34 pages.
Viewing questions 1-5 out of 169 questions

Get All 169 Questions & Answers

Question No. 1

An HTTP Web Server hosted on an Oracle Cloud Infrastructure (OCI) compute instance in a public subnet of the VCN1 Virtual Cloud Network has a: * Stateless security ingress rule for port 80 access through Internet Gateway * Stateful Network Security Group notification for port 80 How will the OCI VCN handle request/response traffic to the compute instance for a web page from the HTTP server with port 80? (Choose the best Answer.)

ABecause there is no egress rule defined in Security List, the response would not pass through Internet Gateway.

BThe union of both configurations would happen and allow both inbound and outbound traffic.

CDue to the conflict in security configuration, inbound request traffic would not be al-lowed.

DNetwork Security Group would supersede the Security List and allow both inbound and outbound traffic.

Show Answer

Correct Answer: A

Question No. 2

Challenge 4 - Task 1 of 6

Configure Web Application Firewall to Protect Web Server Against XSS Attack

Scenario

You have to protect web applications hosted on OCI from cross-site scripting (XSS) attacks. You can use the OCI Web Application Firewall (WAF) capabilities to create rules that compare against incoming requests to determine if the request contains an XSS attack payload. If a request is determined to be an attack, WAF should return the HTTP Service Unavailable (503) error.

To ensure that the configured WAF blocks the XSS attack, run the following script:[http:///index.html?

/index.html?

)

To complete this deployment, you have to perform the following tasks in the environment provisioned for you:

Configure a Virtual Cloud Network (VCN)

Create a Compute Instance and install the Web Server

Create a Load Balancer and update Security List

Create a WAF policy

Configure Protection Rules against XSS attacks

Verify the created environment against XSS attacks

Note:You are provided with access to an OCI Tenancy, an assigned compartment, and OCI credentials. Throughout your exam, ensure to use the assigned Compartment 99233424-C01 and Region us-ashburn-1.

Complete the following task in the provisioned OCI environment:

Create a VCN using wizard with the name IAD-WAF-PBT-VCN-01

ASee the solution below in Explanation

Show Answer

Correct Answer: A

SOLUTION:

From the navigation menu, select Networking and then click Virtual Cloud Network.

In the left navigation pane, under List Scope, select <your working compartment> from the drop-down menu.

Click Start VCN Wizard.

Select Create VCN with Internet Connectivity and click Start VCN Wizard.

On the Configuration page, enter the following:

a)Name: IAD-WAF-PBT-VCN-01

b)Note: Leave all the other options in their default setting.

c)Click Next.

d)Verify the details on the Review and Create page.

Click Create to start creating the VCN and its resources.

Click View Virtual Cloud Network to verify the creation of the VCN and its resources.

You can now see that the VCN has been successfully created and is in the Available state, with the following components:

VCN

Public subnet

Private subnet

Internet gateway

NAT gateway

Service gateway

This format keeps the instructions intact while preserving the original content.

Question No. 3

Which IAM policy should be created to give XYZ the ability to list contents of a resource excluding the fneeds to authenticatein prod compartment ? Principle of least priviledge should be used.

AAllow group XYZ to manage all resources in compartment != prod

BAllow group XYZ to use all resources in compartment != prod

CAllow group XYZ to inspect all resources in tenancy where target.compartment.name != prod

DAllow group XYZ to read all resources in tenancy where target.compartment.name != prod

Show Answer

Correct Answer: C

Question No. 4

You want to make API calls against other OCI services from your instance without configuring user credentials. How would you achieve this?

ACreate a dynamic group and add apolicy.

BCreate a dynamic group and add your instance.

CCreate a group and add a policy.

DNo configuration is required for making API calls.

Show Answer

Correct Answer: A

DYNAMIC GROUP

Dynamic groups allow you to groupOracle Cloud Infrastructureinstances as principalactors, similar to user groups. You can then create policies to permit instances in these groups to make API calls againstOracle Cloud Infrastructureservices. Membership in the group is determined by a set of criteria you define, calledmatching rules.https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm

Question No. 5

Which statements are CORRECT about Multi-Factor Authentication in OCI ? Select TWO correct answers

AMembers of the Administrators group can disable MFA for other users

BUsers cannot enable MFA for themselves

CA user can registermultiple devices to use for MFA.

DMembers of the Administrators group cannot enable MFA for another user

Show Answer

Correct Answer: A, D

Unlock All Questions for Oracle 1Z0-1104-23 Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 169 Questions & Answers