1z0-1104-23 試験問題 36
your company has hired a consulting firm to audit your oracle cloud infrastructure activity and configuration you have created a set of users who will be performing the audit, you assigned these user to the orgauditgrp group. the auditor required the ability to see the configuration of all resources within tenant and you have agreed to exempt the dev compartment from the audit.
which IAM policy should be created to grant the orgauditgrp the ability to look at configuration for all resources except for those resources inside the dev compartment?
which IAM policy should be created to grant the orgauditgrp the ability to look at configuration for all resources except for those resources inside the dev compartment?
1z0-1104-23 試験問題 37
A company has OCI tenancy which has mount target associated with two 1 punto File Systems, CG_1 and CG_2. These File Systems are accessed by IPbased clients AB_1 and AB_2 respectively. As a security administrator, how can you provide access to both clients such that CGI has Read only access on AB1 and CG_2 has Read/Write access on AB_2? OR In your Oracle Cloud Infrastructure (OCI) tenancy, you have a mount target that is associated with two file systems, IS A and rs a. These file systems are being accessed by two IP-based clients, CT_A and CT_B respectively. You need to provide access to both clients, such that CT_A has Read and Write access on FS _A and CT_B has Read Only access on FS_B. Which option would you use? (Choose the best Answer.)
1z0-1104-23 試験問題 38
Challenge 4 - Task 2 of 6
Configure Web Application Firewall to Protect Web Server Against XSS Attack Scenario You have to protect web applications hosted on OCI from cross-site scripting (XSS) attacks. You can use the OCI Web Application Firewall (WAF) capabilities to create rules that compare against incoming requests to determine if the request contains an XSS attack payload. If a request is determined to be an attack, WAF should return the HTTP Service Unavailable (503) error.
To ensure that the configured WAF blocks the XSS attack, run the following script: [http://<public- ip-enforcement-point>/index.html?<p style="background:url(javascript:alert(1))"](http://<public- ip-enforcement-point>/index.html?<p style="background:url(javascript:alert(1))">) To complete this deployment, you have to perform the following tasks in the environment provisioned for you:
Configure a Virtual Cloud Network (VCN)
Create a Compute Instance and install the Web Server
Create a Load Balancer and update Security List
Create a WAF policy
Configure Protection Rules against XSS attacks
Verify the created environment against XSS attacks
Note: You are provided with access to an OCI Tenancy, an assigned compartment, and OCI credentials. Throughout your exam, ensure to use the assigned Compartment 99233424-C01 and Region us-ashburn-1.
Complete the following task in the provisioned OCI environment:
Create a Compute Instance with the name IAD-SP-PBT-VM-01, using the Oracle Linux 8 image and VM.Standard2.1 shape.
SSH to the compute instance using Cloud Shell.
Install and configure Apache web server:
a. Install Apache server:
sudo yum -y install httpd
b. Enable Apache and start Apache server:
bash
sudo systemctl enable httpd
sudo systemctl restart httpd
c. Create a firewall rule to enable HTTP connection through port 80 and reload the firewall:
css
sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --reload
d. Create an index file for your web server:
vbnet
sudo bash -c 'echo You are visiting Web Server 1 >>
/var/www/html/index.html'
Configure Web Application Firewall to Protect Web Server Against XSS Attack Scenario You have to protect web applications hosted on OCI from cross-site scripting (XSS) attacks. You can use the OCI Web Application Firewall (WAF) capabilities to create rules that compare against incoming requests to determine if the request contains an XSS attack payload. If a request is determined to be an attack, WAF should return the HTTP Service Unavailable (503) error.
To ensure that the configured WAF blocks the XSS attack, run the following script: [http://<public- ip-enforcement-point>/index.html?<p style="background:url(javascript:alert(1))"](http://<public- ip-enforcement-point>/index.html?<p style="background:url(javascript:alert(1))">) To complete this deployment, you have to perform the following tasks in the environment provisioned for you:
Configure a Virtual Cloud Network (VCN)
Create a Compute Instance and install the Web Server
Create a Load Balancer and update Security List
Create a WAF policy
Configure Protection Rules against XSS attacks
Verify the created environment against XSS attacks
Note: You are provided with access to an OCI Tenancy, an assigned compartment, and OCI credentials. Throughout your exam, ensure to use the assigned Compartment 99233424-C01 and Region us-ashburn-1.
Complete the following task in the provisioned OCI environment:
Create a Compute Instance with the name IAD-SP-PBT-VM-01, using the Oracle Linux 8 image and VM.Standard2.1 shape.
SSH to the compute instance using Cloud Shell.
Install and configure Apache web server:
a. Install Apache server:
sudo yum -y install httpd
b. Enable Apache and start Apache server:
bash
sudo systemctl enable httpd
sudo systemctl restart httpd
c. Create a firewall rule to enable HTTP connection through port 80 and reload the firewall:
css
sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --reload
d. Create an index file for your web server:
vbnet
sudo bash -c 'echo You are visiting Web Server 1 >>
/var/www/html/index.html'
1z0-1104-23 試験問題 39
Which is NOT a compliance document?
1z0-1104-23 試験問題 40
Which component helps move logging data to other services, such as archiving log data in object storage?