What is the minimum active storage duration for logs used by Logging Analytics to be archived?
The minimum Active Storage Duration (Days) for logs before they can be archived is30 days.
Which components are a part of the OCI Identity and Access Management service?
Which WAF service component must be configured to allow, block, or log network requests when
they meet specified criteria?
Protection rules can be configured to either allow, block, or log network requests when they meet
the specified criteria of a protection rule. The WAF will observe traffic to your web application over
time and suggest new rules to apply.
Which statement is true about standards?
Which cache rules criterion matches if the concatenation of the requested URL path and query are
identical to the contents of the value field?
URL_IS:Matches if the concatenation of request URL path and query is identical to the contents of
thevaluefield. URL must start with a/.
Which is NOT a compliance document?
Types of Compliance Documents
When viewing compliance documents, you can filter on the following types:
Attestation.A Payment Card Industry (PCI) Data Security Standard (DSS) Attestation of Compliance
Audit.A general audit report.
Bridge Letter (BridgeLetter).A bridge letter. Bridge letters provide compliance information for the
period of time between the end date of an SOC report and the date of the release of a new SOC
Certificate.A document indicating certification by a particular authority, with regard to certification
requirements and examination results conforming to said requirements.
SOC3.A Service Organization Controls 3 audit report that provides information relating to a service
organization's internal controls for security, availability, confidentiality, and privacy.
Other.A compliance document that doesn't fit into any of the preceding, more specific categories.
On which option do you set Oracle Cloud Infrastructure Budget?
How Budgets Work
Budgets are set on
or on compartments (including the root compartment) to track
all spending in that cost-tracking tag or for that compartment and its children.
Which OCI cloud service lets you centrally manage the encryption keys that protect your data and the
secret credentials that you use to securely access resources?
Oracle Cloud Infrastructure Vaultis a managed service that lets you centrally manage the encryption
keys that protect your data and the secret credentials that you use to securely access resources.
Vaults securely store master encryption keys and secrets that you might otherwise store in
configuration files or in code. Specifically, depending on the protection mode, keys are either stored
on the server or they are stored on highly available and durable hardware security modules (HSM)
that meet Federal Information Processing Standards (FIPS) 140-2 Security Level 3 security
Which type of file system does file storage use?
TheFile Storageservice supports the Network File System version 3.0 (NFSv3) protocol. The service
supports the Network Lock Manager (NLM) protocol for file locking functionality.
Which Oracle Cloud Service provides restricted access to target resources?
Oracle Cloud Infrastructure Bastionprovides restricted and time-limited access to target resources
that don't have public endpoints.
How can you convert a fixed load balancer to a flexible load balancer?
Which architecture is based on the principle of “never trust, always verify”?
Ransomware and breaches are top of the news cycle and a major concern for organizations big and
small. So, many are now looking at the Zero Trust architecture and its primary principle never trust,
always verify to provide greater protection.
, the Zero Trust security market is projected to grow from USD 15.6 billion
in 2019 to USD 38.6 billion by 2024 and that sounds right based on the large number of companies
pitching their Zero Trust wares at RSA 2020.
The enterprise was well represented at the conference and there was a tremendous amount of
interest in Zero Trust. Interestingly, even though Zero Trust environments are often made up of
several solutions from multiple vendors it hasnt prevented each of the vendors from evangelizing
their flavors of Zero Trust. This left the thousands of attendees to attempt to cut through the Zero
Trust buzz and noise and make their own conclusions to the best approach.
Which type of firewalls are designed to protect against web application attacks, such as SQL injection
and cross-site scripting?
SQL injections. Cross-site scripting. Distributed denial of service (DDoS) attacks. Botnets. These are
just some of the cyber-weapons increasingly being used by malicious actors to target web
applications, cause data breaches, and expose sensitive business information.
Oracle WAF uses a multilayered approach to protect web applications from a host of cyberthreats
including malicious bots, application layer (L7) DDoS attacks, cross-site scripting, SQL injection, and
vulnerabilities defined by the Open Web Application Security Project (OWASP). When a threat is
identified, Oracle WAF automatically blocks it and alerts security operations teams so they can
What does an audit log event include?
The HTTP header fields and values in the request.
Which is NOT a part of Observability and Management Services?