• Home
  • Articles
  • Actual 1z0-1085-22 Exam Recently Updated Questions with Free Demo [Q16-Q37]

Actual 1z0-1085-22 Exam Recently Updated Questions with Free Demo [Q16-Q37]

Share

Actual 1z0-1085-22 Exam Recently Updated Questions with Free Demo

Free Oracle 1z0-1085-22 Exam Questions Self-Assess Preparation

NEW QUESTION 16
Which feature is not component of Oracle cloud Infrastructure identity and Access management service?

  • A. Network Security Group
  • B. User Credential
  • C. Policies
  • D. federation

Answer: A

Explanation:
Components of IAM
RESOURCE
The cloud objects that your company's employees create and use when interacting with Oracle Cloud Infrastructure. For example: compute instances, block storage volumes, virtual cloud networks (VCNs), subnets, route tables, etc.
USER
An individual employee or system that needs to manage or use your company's Oracle Cloud Infrastructure resources. Users might need to launch instances, manage remote disks, work with your virtual cloud network, etc. End users of your application are not typically IAM users. Users have one or more IAM credentials (see User Credentials).
GROUP
A collection of users who all need the same type of access to a particular set of resources or compartment.
DYNAMIC GROUP
A special type of group that contains resources (such as compute instances) that match rules that you define (thus the membership can change dynamically as matching resources are created or deleted). These instances act as "principal" actors and can make API calls to services according to policies that you write for the dynamic group.
NETWORK SOURCE
A group of IP addresses that are allowed to access resources in your tenancy. The IP addresses can be public IP addresses or IP addresses from a VCN within your tenancy. After you create the network source, you use policy to restrict access to only requests that originate from the IPs in the network source.
COMPARTMENT
A collection of related resources. Compartments are a fundamental component of Oracle Cloud Infrastructure for organizing and isolating your cloud resources. You use them to clearly separate resources for the purposes of measuring usage and billing, access (through the use of policies), and isolation (separating the resources for one project or business unit from another). A common approach is to create a compartment for each major part of your organization. For more information, see Setting Up Your Tenancy.
TENANCY
The root compartment that contains all of your organization's Oracle Cloud Infrastructure resources. Oracle automatically creates your company's tenancy for you. Directly within the tenancy are your IAM entities (users, groups, compartments, and some policies; you can also put policies into compartments inside the tenancy). You place the other types of cloud resources (e.g., instances, virtual networks, block storage volumes, etc.) inside the compartments that you create.
POLICY
A document that specifies who can access which resources, and how. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy itself. If you give a group access to the tenancy, the group automatically gets the same type of access to all the compartments inside the tenancy. For more information, see Example Scenario and How Policies Work. The word "policy" is used by people in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named "policy" document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization uses to control access to resources.
HOME REGION
The region where your IAM resources reside. All IAM resources are global and available across all regions, but the master set of definitions reside in a single region, the home region. You must make changes to your IAM resources in your home region. The changes will be automatically propagated to all regions. For more information, see Managing Regions.
FEDERATION
A relationship that an administrator configures between an identity provider and a service provider. When you federate Oracle Cloud Infrastructure with an identity provider, you manage users and groups in the identity provider. You manage authorization in Oracle Cloud Infrastructure's IAM service. Oracle Cloud Infrastructure tenancies are federated with Oracle Identity Cloud Service by default.
Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htm

 

NEW QUESTION 17
You are required to host several files in a location that can be publicly accessible from anywhere in the world. Which Oracle Cloud Infrastructure (OCI) service should you use?

  • A. OCI File Storage
  • B. Oracle Functions
  • C. OCI Object Storage
  • D. OCI Storage Gateway
  • E. OCI Block Volume

Answer: C

 

NEW QUESTION 18
Which Oracle Cloud Infrastructure (OCI) service is best suited for running serverless apps?

  • A. Oracle Functions
  • B. Virtual Cloud Network
  • C. Streaming
  • D. Audit

Answer: A

Explanation:
Oracle Functions is a fully managed, multi-tenant, highly scalable, on-demand, Functions-as-a-Service platform. It is built on enterprise-grade Oracle Cloud Infrastructure and powered by the Fn Project open source engine. Use Oracle Functions (sometimes abbreviated to just Functions) when you want to focus on writing code to meet business needs.
The serverless and elastic architecture of Oracle Functions means there's no infrastructure administration or software administration for you to perform. You don't provision or maintain compute instances, and operating system software patches and upgrades are applied automatically. Oracle Functions simply ensures your app is highly-available, scalable, secure, and monitored. With Oracle Functions, you can write code in Java, Python, Node, Go, and Ruby (and for advanced use cases, bring your own Dockerfile, and Graal VM). You can then deploy your code, call it directly or trigger it in response to events, and get billed only for the resources consumed during the execution.
Oracle Functions is based on Fn Project. Fn Project is an open source, container native, serverless platform that can be run anywhere - any cloud or on-premises. Fn Project is easy to use, extensible, and performant. You can download and install the open source distribution of Fn Project, develop and test a function locally, and then use the same tooling to deploy that function to Oracle Functions.
You can access Oracle Functions using the Console, a CLI, and a REST API. You can invoke the functions you deploy to Oracle Functions using the CLI or by making signed HTTP requests.

 

NEW QUESTION 19
Which SLA type is not offered by Oracle Cloud Infrastructure compute service?

  • A. Service Plane
  • B. Data Plane
  • C. Control Plane
  • D. Performance Plane

Answer: A

Explanation:
Service Plane is NOT an SLA provided by OCI. See the table below:

 

NEW QUESTION 20
Which three components are part of Oracle Cloud Infrastructure (OCI) identity and access management service?

  • A. Users
  • B. Policies
  • C. Roles
  • D. Virtual Cloud Networks
  • E. Dynamic Groups
  • F. Compute Instances
  • G. Regional Subnets

Answer: A,B,E

Explanation:
Components of IAM
IAM uses the components described in this section. To better understand how the components fit together, see Example Scenario.
RESOURCE
The cloud objects that your company's employees create and use when interacting with Oracle Cloud Infrastructure. For example: compute instances, block storage volumes, virtual cloud networks (VCNs), subnets, route tables, etc.
USER
An individual employee or system that needs to manage or use your company's Oracle Cloud Infrastructure resources. Users might need to launch instances, manage remote disks, work with your virtual cloud network, etc. End users of your application are not typically IAM users. Users have one or more IAM credentials (see User Credentials).
GROUP
A collection of users who all need the same type of access to a particular set of resources or compartment.
DYNAMIC GROUP
A special type of group that contains resources (such as compute instances) that match rules that you define (thus the membership can change dynamically as matching resources are created or deleted). These instances act as "principal" actors and can make API calls to services according to policies that you write for the dynamic group.
NETWORK SOURCE
A group of IP addresses that are allowed to access resources in your tenancy. The IP addresses can be public IP addresses or IP addresses from a VCN within your tenancy. After you create the network source, you use policy to restrict access to only requests that originate from the IPs in the network source.
COMPARTMENT
A collection of related resources. Compartments are a fundamental component of Oracle Cloud Infrastructure for organizing and isolating your cloud resources. You use them to clearly separate resources for the purposes of measuring usage and billing, access (through the use of policies), and isolation (separating the resources for one project or business unit from another). A common approach is to create a compartment for each major part of your organization. For more information, see Setting Up Your Tenancy.
TENANCY
The root compartment that contains all of your organization's Oracle Cloud Infrastructure resources. Oracle automatically creates your company's tenancy for you. Directly within the tenancy are your IAM entities (users, groups, compartments, and some policies; you can also put policies into compartments inside the tenancy). You place the other types of cloud resources (e.g., instances, virtual networks, block storage volumes, etc.) inside the compartments that you create.
POLICY
A document that specifies who can access which resources, and how. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy itself. If you give a group access to the tenancy, the group automatically gets the same type of access to all the compartments inside the tenancy. For more information, see Example Scenario and How Policies Work. The word "policy" is used by people in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named "policy" document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization uses to control access to resources.
HOME REGION
The region where your IAM resources reside. All IAM resources are global and available across all regions, but the master set of definitions reside in a single region, the home region. You must make changes to your IAM resources in your home region. The changes will be automatically propagated to all regions. For more information, see Managing Regions.
FEDERATION
A relationship that an administrator configures between an identity provider and a service provider. When you federate Oracle Cloud Infrastructure with an identity provider, you manage users and groups in the identity provider. You manage authorization in Oracle Cloud Infrastructure's IAM service. Oracle Cloud Infrastructure tenancies are federated with Oracle Identity Cloud Service by default.
https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htm

 

NEW QUESTION 21
Which is NOT required to register and log support requests in My Oracle Support (MOS)?

  • A. Your tenancy OCID (Oracle Cloud Identifier)
  • B. Your Customer Support Identifier (CSl)
  • C. Your account password
  • D. Your resource OCID (Oracle Cloud Identifier)

Answer: D

Explanation:
You can open a support service request with Oracle Support
To create a service request:
Go to My Oracle Support and sign in.
If you are not signed in to Oracle Cloud Support, click Switch to Cloud Support at the top of the page.
Click Create Service Request.
Select the following from the displayed menus:
Service Type: Select Oracle Cloud Infrastructure from the list.
Service Name: Select the appropriate option for your organization.
Problem Type: Select your problem type from the list.
Enter your contact information.
Enter a Description, and then enter the required fields specific to your issue. For most Oracle Cloud Infrastructure issues you need to include the OCID (Oracle Cloud Identifier) for each resource you need help with. See Locating Oracle Cloud Infrastructure IDs for instructions on locating these.
Reference:
https://www.zerowait-state.com/blog/create-sr/

 

NEW QUESTION 22
Which Oracle cloud infrastructure capability can be used to protect against power failures within an availability Domain?

  • A. Data Plane
  • B. Services Cells
  • C. Top of Rack Switch
  • D. Fault Domains

Answer: D

Explanation:
A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain contains three fault domains. Fault domains provide anti-affinity: they let you distribute your instances so that the instances are not on the same physical hardware within a single availability domain. A hardware failure or Compute hardware maintenance event that affects one fault domain does not affect instances in other fault domains. In addition, the physical hardware in a fault domain has independent and redundant power supplies, which prevents a failure in the power supply hardware within one fault domain from affecting other fault domains.
To control the placement of your compute instances, bare metal DB system instances, or virtual machine DB system instances, you can optionally specify the fault domain for a new instance or instance pool at launch time. If you don't specify the fault domain, the system selects one for you. Oracle Cloud Infrastructure makes a best-effort anti-affinity placement across different fault domains, while optimizing for available capacity in the availability domain. To change the fault domain for an instance, terminate it and launch a new instance in the preferred fault domain.
Use fault domains to do the following things:
Protect against unexpected hardware failures or power supply failures.
Protect against planned outages because of Compute hardware maintenance.
Reference:
https://blogs.oracle.com/cloud-infrastructure/using-availibility-domains-and-fault-domains-to-improve-application-resiliency

 

NEW QUESTION 23
Which statement about the Oracle Cloud Infrastructure (OCI) shared-security model is true?

  • A. You are responsible for securing the hypervisor within OCI compute service
  • B. You are responsible for managing security controls within the physical OCI network
  • C. You are responsible for securing all data that you place in OCI
  • D. You are not responsible for any aspect of security in OCI

Answer: C

Explanation:
Oracle Cloud Infrastructure offers best-in-class security technology and operational processes to secure its enterprise cloud services. However, for you to securely run your workloads in Oracle Cloud Infrastructure, you must be aware of your security and compliance responsibilities. By design, Oracle provides security of cloud infrastructure and operations (cloud operator access controls, infrastructure security patching, and so on), and you are responsible for securely configuring your cloud resources. Security in the cloud is a shared responsibility between you and Oracle.
In a shared, multi-tenant compute environment, Oracle is responsible for the security of the underlying cloud infrastructure (such as data-center facilities, and hardware and software systems) and you are responsible for securing your workloads and configuring your services (such as compute, network, storage, and database) securely.
In a fully isolated, single-tenant, bare metal server with no Oracle software on it, your responsibility increases as you bring the entire software stack (operating systems and above) on which you deploy your applications. In this environment, you are responsible for securing your workloads, and configuring your services (compute, network, storage, database) securely, and ensuring that the software components that you run on the bare metal servers are configured, deployed, and managed securely.
The responsibilities can be divided as:

 

NEW QUESTION 24
Which Oracle Cloud Infrastructure (OCI) service can be used to protect sensitive and regulated data in OCI database services?

  • A. OCI Audit
  • B. OCI OS management
  • C. Oracle Data Safe
  • D. Oracle Data Guard

Answer: C

Explanation:
Oracle Data Safe is a unified control center for your Oracle databases which helps you understand the sensitivity of your data, evaluate risks to data, mask sensitive data, implement and monitor security controls, assess user security, monitor user activity, and address data security compliance requirements.
Whether you're using an Autonomous Database or an Oracle DB system, Oracle Data Safe delivers essential data security capabilities as a service on Oracle Cloud Infrastructure.
Features of Oracle Data Safe:
Oracle Data Safe provides the following set of features for protecting sensitive and regulated data in Oracle Cloud databases, all in a single, easy-to-use management console:
1) Security Assessment helps you assess the security of your cloud database configurations. It analyzes database configurations, user accounts, and security controls, and then reports the findings with recommendations for remediation activities that follow best practices to reduce or mitigate risk.
2) User Assessment helps you assess the security of your database users and identify high risk users. It reviews information about your users in the data dictionary on your target databases, and calculates a risk score for each user. For example, it evaluates the user types, how users are authenticated, the password policies assigned to each user, and how long it has been since each user has changed their password. It also provides a direct link to audit records related to each user. With this information, you can then deploy appropriate security controls and policies.
3) Data Discovery helps you find sensitive data in your cloud databases. You tell Data Discovery what kind of sensitive data to search for, and it inspects the actual data in your database and its data dictionary, and then returns to you a list of sensitive columns. By default, Data Discovery can search for a wide variety of sensitive data pertaining to identification, biographic, IT, financial, healthcare, employment, and academic information.
4) Data Masking provides a way for you to mask sensitive data so that the data is safe for non-production purposes. For example, organizations often need to create copies of their production data to support development and test activities. Simply copying the production data exposes sensitive data to new users. To avoid a security risk, you can use Data Masking to replace the sensitive data with realistic, but fictitious data.
5) Activity Auditing lets you audit user activity on your databases so you can monitor database usage and be alerted of unusual database activities.

 

NEW QUESTION 25
Which three services Integrate with Oracle Cloud Infrastructure (OCI) Key Management?

  • A. Block Volume
  • B. Auto Scaling
  • C. Functions
  • D. Object Storage
  • E. Identity and Access Management
  • F. File Storage

Answer: A,D,F

Explanation:
DATA ENCRYPTION
Protect customer data at-rest and in-transit in a way that allows customers to meet their security and compliance requirements for cryptographic algorithms and key management The Oracle Cloud Infrastructure Block Volume service always encrypts all block volumes, boot volumes, and volume backups at rest by using the Advanced Encryption Standard (AES) algorithm with 256-bit encryption. By default all volumes and their backups are encrypted using the Oracle-provided encryption keys. Each time a volume is cloned or restored from a backup the volume is assigned a new unique encryption key.
The File Storage service encrypts all file system and snapshot data at rest. By default all file systems are encrypted using Oracle-managed encryption keys. You have the option to encrypt all of your file systems using the keys that you own and manage using the Vault service.
Object Storage employs 256-bit Advanced Encryption Standard (AES-256) to encrypt object data on the server. Each object is encrypted with its own data encryption key. Data encryption keys are always encrypted with a master encryption key that is assigned to the bucket. Encryption is enabled by default and cannot be turned off. By default, Oracle manages the master encryption key.
Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/Block/Concepts/overview.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/Object/Concepts/objectstorageoverview.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/File/Concepts/filestorageoverview.htm Oracle Cloud Infrastructure Key Management is a managed service that enables you to encrypt your data using keys that you control.
IAM, Autoscaling and functions cannot be used with Key Management and hence are incorrect options.

 

NEW QUESTION 26
Which statement accurately describes an Oracle Cloud Infrastructure Region?

  • A. Each Fault Domain has multiple Availability Domains.
  • B. Each Availability Domain has three Fault Domains.
  • C. Each region has a single Fault Domain.
  • D. Each Availability Domain has a single Fault Domain.

Answer: B

Explanation:
Oracle Cloud Infrastructure is hosted in regions and availability domains. A region is a localized geographic area, and an availability domain is one or more data centers located within a region. A region is composed of one or more availability domains. Most Oracle Cloud Infrastructure resources are either region-specific, such as a virtual cloud network, or availability domain-specific, such as a compute instance. Traffic between availability domains and between regions is encrypted.
Availability domains are isolated from each other, fault tolerant, and very unlikely to fail simultaneously. Because availability domains do not share infrastructure such as power or cooling, or the internal availability domain network, a failure at one availability domain within a region is unlikely to impact the availability of the others within the same region.
The availability domains within the same region are connected to each other by a low latency, high bandwidth network, which makes it possible for you to provide high-availability connectivity to the internet and on-premises, and to build replicated systems in multiple availability domains for both high-availability and disaster recovery.
A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain contains three fault domains. Fault domains provide anti-affinity: they let you distribute your instances so that the instances are not on the same physical hardware within a single availability domain. A hardware failure or Compute hardware maintenance event that affects one fault domain does not affect instances in other fault domains. In addition, the physical hardware in a fault domain has independent and redundant power supplies, which prevents a failure in the power supply hardware within one fault domain from affecting other fault domains.

 

NEW QUESTION 27
Which is NOT available to you whenever Oracle Cloud Infrastructure creates or resolves an incident?

  • A. Twitter notifications
  • B. Webhook notifications
  • C. Text Message notifications
  • D. Email notifications

Answer: A

Explanation:
The Oracle Cloud Infrastructure Notifications service broadcasts messages to distributed components through a publish-subscribe pattern, delivering secure, highly reliable, low latency and durable messages for applications hosted on Oracle Cloud Infrastructure and externally. Use Notifications to get notified when event rules are triggered or alarms are breached, or to directly publish a message.
Messages sent out as email by the Oracle Cloud Infrastructure Notifications service are processed and delivered through Oracle resources Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/Notification/Concepts/notificationoverview.htm

 

NEW QUESTION 28
Which capability enables you to search, purchase, and start using software in your Oracle Cloud Infrastructure (OCI) tenancy?

  • A. OCI OS Management
  • B. OCI Registry
  • C. OCI Marketplace
  • D. OCI Resource Manager

Answer: C

Explanation:
Oracle Cloud Infrastructure Marketplace is an online store that offers solutions specifically for customers of Oracle Cloud Infrastructure. In the Oracle Cloud Infrastructure Marketplace catalog, you can find listings for two types of solutions from Oracle and trusted partners: images and stacks. These listing types include different categories of applications. Also, some listings are free and others require payment.
Images are templates of virtual hard drives that determine the operating system and software to run on an instance. You can deploy image listings on an Oracle Cloud Infrastructure Compute instance. Marketplace also offers stack listings. Stacks represent definitions of groups of Oracle Cloud Infrastructure resources that you can act on as a group. Each stack has a configuration consisting of one or more declarative configuration files. With an image or a stack, you have a customized, more streamlined way of getting started with a publisher's software.
Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/Marketplace/Concepts/marketoverview.htm

 

NEW QUESTION 29
Which is a key benefit of using oracle cloud infrastructure autonomous data warehouse?

  • A. Maintain root level acress to the underlying operating system
  • B. Scale both CPU and Storage without downtime
  • C. Apply database patches as they become available
  • D. No username and password required

Answer: B

Explanation:
Oracle Autonomous Data Warehouse is a cloud data warehouse service that eliminates virtually all the complexities of operating a data warehouse and securing data. It automates provisioning, configuring, securing, tuning, scaling, patching, backing up, and repairing of the data warehouse. Unlike other "fully managed" cloud data warehouse solutions that only patch and update the service, it also features elastic, automated scaling, performance tuning, security, and a broad set of built-in capabilities that enable machine learning analysis, simple data loading, and data visualizations.
Data Warehouse uses continuous query optimization, table indexing, data summaries, and auto-tuning to ensure consistent high performance even as data volume and number of users grows. Autonomous scaling can temporarily increase compute and I/O by a factor of three to maintain performance. Unlike other cloud services which require downtime to scale, Autonomous Data Warehouse scales while the service continues to run.

 

NEW QUESTION 30
Which describes a key benefit of using Oracle Cloud Infrastructure (OCI)?

  • A. Only bare metal workloads are supported on OCI.
  • B. With OCI, you can run only cloud-native workloads.
  • C. With OCI, you can only run Java based workloads on bare metal.
  • D. OCI offers consistent performance with a predictable pricing model.

Answer: D

Explanation:
https://www.oracle.com/in/cloud/pricing.html
- OCI offers consistent performance with a predictable pricing model - is the best suited answer.
- Only bare metal workloads are supported in OCI - False, since you can work with VMs etc too
- With OCI, you can run cloud native workloads - False, since you can work with on-premise by connecting it to OCI too.
- With OCI, you can only run Java based workloads on bare metal - False since Java is not the only programming language supported by OCI.

 

NEW QUESTION 31
___________________ is a fully-managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud.

  • A. Oracle Cloud Infrastructure Container Engine for Deployment
  • B. Oracle Cloud Infrastructure Container Engine for Kubernetes
  • C. Oracle Cloud Infrastructure Container Engine for Docker
  • D. Oracle Cloud Infrastructure Container Engine for Containerization

Answer: B

Explanation:
Oracle Cloud Infrastructure Container Engine for Kubernetes is a fully-managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. Use Container Engine for Kubernetes (sometimes abbreviated to just OKE) when your development team wants to reliably build, deploy, and manage cloud-native applications. You specify the compute resources that your applications require, and Container Engine for Kubernetes provisions them on Oracle Cloud Infrastructure in an existing OCI tenancy.
You can access Container Engine for Kubernetes to define and create Kubernetes clusters using the Console and the REST API. You can access the clusters you create using the Kubernetes command line (kubectl), the Kubernetes Dashboard, and the Kubernetes API.
Container Engine for Kubernetes is integrated with Oracle Cloud Infrastructure Identity and Access Management (IAM), which provides easy authentication with native Oracle Cloud Infrastructure identity functionality.

 

NEW QUESTION 32
Which CANNOT be used with My Oracle Support (MOS)?

  • A. Add or change a tenancy administrator
  • B. Reset the password or unlock the account for the tenancy administrator
  • C. Troubleshoot your resources in an Oracle Cloud Infrastructure Free Trial account
  • D. Request a Service Limit increase

Answer: C

Explanation:
Open a support service request with MOS option is available to paid accounts. Customers using only Always Free resources are not eligible for Oracle Support. Limited support is available to Free Tier accounts with Free Trial credits. After you use all of your credits or after your trial period ends (whichever comes first), you must upgrade to a paid account to access Oracle Support. If you choose not to upgrade and continue to use Always Free Services, you will not be eligible to raise a service request in My Oracle Support.
In addition to support for technical issues, use My Oracle Support if you need to:
* Reset the password or unlock the account for the tenancy administrator
* Add or change a tenancy administrator
* Request a service limit increase
Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/GSG/Tasks/contactingsupport.htm

 

NEW QUESTION 33
Which is an example of Edge Services in Oracle Cloud Infrastructure (OCI)?

  • A. Web Application Firewall
  • B. Virtual Cloud Network (VCN)
  • C. Virtual Firewall
  • D. Object Storage

Answer: A

Explanation:
Oracle Cloud Infrastructure Web Application Firewall (WAF) is a cloud-based, Payment Card Industry (PCI) compliant, global security service that protects applications from malicious and unwanted internet traffic. WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer's applications.
WAF provides you with the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwanted bots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit based on geography or the signature of the request.
Reference:
https://blogs.oracle.com/cloud-infrastructure/innovation-in-edge-services-the-oracle-cloud-infrastructure-edge-network

 

NEW QUESTION 34
Which option provides the best performance for running OLTP workloads in Oracle Cloud Infrastructure?

  • A. OCI Dedicated Virtual Host
  • B. OCI Virtual Machine Instance
  • C. OCI Exadata DB Systems
  • D. OCI Autonomous Data Warehouse

Answer: C

Explanation:
On an Exadata DB system, all databases share dedicated storage servers which include flash storage. By default, the databases are given equal priority with respect to these resources. The Exadata storage management software uses a first come, first served approach for query processing. If a database executes a major query that overloads I/O resources, overall system performance can be slowed down.
The I/O Resource Management (IORM) allows you to assign priorities to your databases to ensure critical queries are processed first when workloads exceed their resource allocations. You assign priorities by creating directives that specify the number of shares for each database. The number of shares corresponds to a percentage of resources given to that database when I/O resources are stressed.
Directives work together with an overall optimization objective you set for managing the resources. The following objectives are available:
1) Auto - Recommended. IORM determines the optimization objective and continuously and dynamically determines the optimal settings, based on the workloads observed, and resource plans enabled.
2) Balanced - For critical OLTP and DSS workloads. This setting balances low disk latency and high throughput. This setting limits disk utilization of large I/Os to a lesser extent than low latency to achieve a balance between good latency and good throughput.
3) High throughput - For critical DSS workloads that require high throughput.
4) Low latency - For critical OLTP workloads. This setting provides the lowest possible latency by significantly limiting disk utilization.

 

NEW QUESTION 35
You are setting up a proof of concept (POC) and need to quickly establish a secure between an on-premises data center and Oracle Cloud Infrastructure (OCI).
Which OCI service should you implement?

  • A. Internet Gateway
  • B. VCN Peering
  • C. IPSec VPN
  • D. FastConnect

Answer: C

Explanation:
You can set up a single IPSec VPN with a simple layout that you might use for a proof of concept (POC).
Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/Network/Tasks/settingupIPsec.htm It is possible to set up a site-to-site Virtual Private Network (VPN) Connection between your on-premises network (a data center or corporate LAN) and your Oracle virtual cloud network (VCN) over a secure encrypted VPN. The VPN connection uses industry-standard IPSec protocols. The Oracle service that provides site-to-site connectivity is named VPN Connect (also referred to as an IPSec VPN).

 

NEW QUESTION 36
Which statement about Oracle Cloud Infrastructure (OCI) shared security model is true?

  • A. You are responsible for managing security controls within the physical OCI network.
  • B. You are responsible for securing all data that you place in OCI
  • C. You are not responsible for any aspect of security in OCI.
  • D. You are responsible for securing the hypervisor within OCI Compute service.

Answer: B

Explanation:
Oracle Cloud Infrastructure offers best-in-class security technology and operational processes to secure its enterprise cloud services. However, for you to securely run your workloads in Oracle Cloud Infrastructure, you must be aware of your security and compliance responsibilities. By design, Oracle provides security of cloud infrastructure and operations (cloud operator access controls, infrastructure security patching, and so on), and you are responsible for securely configuring your cloud resources. Security in the cloud is a shared responsibility between you and Oracle.
In a shared, multi-tenant compute environment, Oracle is responsible for the security of the underlying cloud infrastructure (such as data-center facilities, and hardware and software systems) and you are responsible for securing your workloads and configuring your services (such as compute, network, storage, and database) securely.
In a fully isolated, single-tenant, bare metal server with no Oracle software on it, your responsibility increases as you bring the entire software stack (operating systems and above) on which you deploy your applications. In this environment, you are responsible for securing your workloads, and configuring your services (compute, network, storage, database) securely, and ensuring that the software components that you run on the bare metal servers are configured, deployed, and managed securely.
More specifically, your and Oracle's responsibilities can be divided into the following areas:
Identity and Access Management (IAM): As with all Oracle cloud services, you should protect your cloud access credentials and set up individual user accounts. You are responsible for managing and reviewing access for your own employee accounts and for all activities that occur under your tenancy. Oracle is responsible for providing effective IAM services such as identity management, authentication, authorization, and auditing.
Workload Security: You are responsible for protecting and securing the operating system and application layers of your compute instances from attacks and compromises. This protection includes patching applications and operating systems, operating system configuration, and protection against malware and network attacks. Oracle is responsible for providing secure images that are hardened and have the latest patches. Also, Oracle makes it simple for you to bring the same third-party security solutions that you use today.
Data Classification and Compliance: You are responsible for correctly classifying and labeling your data and meeting any compliance obligations. Also, you are responsible for auditing your solutions to ensure that they meet your compliance obligations.
Host Infrastructure Security: You are responsible for securely configuring and managing your compute (virtual hosts, containers), storage (object, local storage, block volumes), and platform (database configuration) services. Oracle has a shared responsibility with you to ensure that the service is optimally configured and secured. This responsibility includes hypervisor security and the configuration of the permissions and network access controls required to ensure that hosts can communicate correctly and that devices are able to attach or mount the correct storage devices.
Network Security: You are responsible for securely configuring network elements such as virtual networking, load balancing, DNS, and gateways. Oracle is responsible for providing a secure network infrastructure.
Client and Endpoint Protection: Your enterprise uses various hardware and software systems, such as mobile devices and browsers, to access your cloud resources. You are responsible for securing all clients and endpoints that you allow to access Oracle Cloud Infrastructure services.
Physical Security: Oracle is responsible for protecting the global infrastructure that runs all of the services offered in Oracle Cloud Infrastructure. This infrastructure consists of the hardware, software, networking, and facilities that run Oracle Cloud Infrastructure services.
Reference:
https://www.oracle.com/a/ocom/docs/oracle-cloud-infrastructure-security-architecture.pdf

 

NEW QUESTION 37
......


Oracle 1z0-1085-22 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Describe OCI App Dev services
  • Describe OCI Compute services
Topic 2
  • Describe OCI Identity and Access Management services
  • Discuss OCI Regions and Availability Domains
Topic 3
  • Describe OCI Observability and Management services
  • Describe the key features and components of OCI
Topic 4
  • Explain the OCI Pricing model
  • Explain the OCI Security model
Topic 5
  • Describe OCI Analytics and AI services
  • Describe OCI Security services
Topic 6
  • Explain the OCI SLA and Support model
  • Describe OCI Networking services

 

1z0-1085-22 Free Sample Questions to Practice One Year Update: https://lead2pass.troytecdumps.com/1z0-1085-22-troytec-exam-dumps.html

Related Articles

more
Oracle 1z0-1085-22 Certification Practice Exam

Copyright © 2026 TroytecDumps NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy