1z0-1104-25 Exam Dumps - Oracle Cloud Infrastructure 2025 Security Professional

Go to page:

Question # 9

"A company, ABC, is planning to launch a new web application on OCI. Based on past experiences, they expect a significant surge in traffic after the launch. You are responsible for ensuring that the application is highly available.

Which step would you perform to achieve this goal?

Use a Virtual Cloud Network (VCN) with subnets, security lists, and routing rules to isolate the web application from the Internet and other resources.

Implement security controls, such as web application firewalls, to protect against common attack vectors.

Configure Cloud Guard to prevent large amounts of traffic from reaching the web application.

Use a load balancer to distribute incoming traffic evenly across multiple instances of the web application."

Full Access

Question # 10

A company is securing its compute instances (VMs and Bare Metal Machines) in Oracle Cloud infrastructure (OCI) using a network firewall. As shown in the diagram, traffic flows from the internet Gateway (IGW) to the firewall in the Public DMZ Subnet, and then to the compute instances in the Public Subnet.

When configuring security lists and network security groups (NSGs) in this setup, what should they consider?

If the policy used with the firewall has no rules specified, the firewall allows all traffic.

Ensure that any security list or NSG rules allow the traffic to enter the firewall for appropriate evaluation.

Add stateful rules to the security list attached to the firewall subnet or include the firewall in an NSG containing stateful rules for better performance.

Security list and NSG rules associated with the firewall subnet and VNICs are evaluated after the firewall.

Full Access

Go to page: