NO.98 Which type of software do you use to centrally distributeand monitor the patch level of systems throughout the enterprise?

NO.99 Which three Oracle Cloud Infrastructure (OCI) services are covered by Cloud Guard? (Choose three.)

NO.100 Challenge 4 – Task 3 of 6
Configure Web Application Firewall to Protect Web Server Against XSS Attack Scenario You have to protect web applications hosted on OCI from cross-site scripting (XSS) attacks. You can use the OCI Web Application Firewall (WAF) capabilities to create rules that compare against incoming requests to determine if the request contains an XSS attack payload. If a request is determined to be an attack, WAF should return the HTTP Service Unavailable (503) error.
To ensure that the configured WAF blocks the XSS attack, run the following script: [http://<public- ip-enforcement-point>/index.html?<p style=”background:url(javascript:alert(1))”](http://<public- ip-enforcement-point>/index.html?<p style=”background:url(javascript:alert(1))”>) To complete this deployment, you have to perform the following tasks in the environment provisioned for you:
Configure a Virtual Cloud Network (VCN)
Create a Compute Instance and install the Web Server
Create a Load Balancer and update Security List
Create a WAF policy
Configure Protection Rules against XSS attacks
Verify the created environment against XSS attacks

Note: You are provided with access to an OCI Tenancy, an assigned compartment, and OCI credentials. Throughout your exam, ensure to use the assigned Compartment 99233424-C01 and Region us-ashburn-1.
Complete the following task in the provisioned OCI environment:
Go to the VCN IAD-WAF-PBT-VCN-01.
Create a Security List with the name IAD-SP-PBT-LB-SL-01.
Create a Public subnet named LB-Subnet-IAD-SP-PBT-SNET-02 and attach the above-created security list.
Create a Load Balancer with the name IAD-SP-PBT-LB-01.
Create a Listener Name with the name IAD_SP_PBT_LB_LISN_01.
Add appropriate Ingress and Egress rules to IAD-SP-PBT-LB-SL-01, to allow http traffic to the Load Balancer subnet.

NO.101 Which OCI service canindex, enrich, aggregate, explore, search, analyze, correlate, visualize and monitor data?

NO.102 A number of malicious requests for a web application is coming from a set of IP addresses originating from Antartica.
Which of the following statement will help to reduce these types of unauthorized requests ?

NO.103 Which type of firewalls are designed to protect against web application attacks, such as SQL injection and cross-site scripting?

NO.104 Which Oracle Data Safe feature enables the internal test, development, and analytics teams to operate effectively while minimizing their exposure to sensitive data? (Choose the best Answer.)

NO.105 You want to make API calls against other OCI services from your instance without configuring user credentials. How would you achieve this?

NO.106 What is the minimum active storage duration for logs used by Logging Analytics to be archived?

NO.107 Bot Management in OCI provides which of the features? Select TWO correct answers.

NO.108 You want software that can automatically collect and aggregate log data generated throughout your organization’s infrastructure, analyze it, and send alerts if it detects a deviation from the norm.
Which software must you use?

NO.109 Challenge 4 – Task 5 of 6
Configure Web Application Firewall to Protect Web Server Against XSS Attack Scenario You have to protect web applications hosted on OCI from cross-site scripting (XSS) attacks. You can use the OCI Web Application Firewall (WAF) capabilities to create rules that compare against incoming requests to determine if the request contains an XSS attack payload. If a request is determined to be an attack, WAF should return the HTTP Service Unavailable (503) error.
To ensure that the configured WAF blocks the XSS attack, run the following script: [http://<public- ip-enforcement-point>/index.html?<p style=”background:url(javascript:alert(1))”](http://<public- ip-enforcement-point>/index.html?<p style=”background:url(javascript:alert(1))”>) To complete this deployment, you have to perform the following tasks in the environment provisioned for you:
Configure a Virtual Cloud Network (VCN)
Create a Compute Instance and install the Web Server
Create a Load Balancer and update Security List
Create a WAF policy
Configure Protection Rules against XSS attacks
Verify the created environment against XSS attacks

Note: You are provided with access to an OCI Tenancy, an assigned compartment, and OCI credentials. Throughout your exam, ensure to use the assigned Compartment 99233424-C01 and Region us-ashburn-1.
Complete the following task in the provisioned OCI environment:
1. Create a Protection Rule with name WAF-PBT-XSS-Protection against XSS attack. for protecting web server
2. Create a New Rule Action with name WAF-PBT-XSS-Action where http response code will be 503 (Service Unavailable).

NO.110 Which IAM policy should be created to give XYZ the ability to list contents of a resource excluding the fneeds to authenticatein prod compartment ? Principle of least priviledge should be used.

NO.111 Which VCNconfiguration is CORRECT with regard to VCN peering within a same region ?

NO.112 Challenge 4 – Task 4 of 6
Configure Web Application Firewall to Protect Web Server Against XSS Attack Scenario You have to protect web applications hosted on OCI from cross-site scripting (XSS) attacks. You can use the OCI Web Application Firewall (WAF) capabilities to create rules that compare against incoming requests to determine if the request contains an XSS attack payload. If a request is determined to be an attack, WAF should return the HTTP Service Unavailable (503) error.
To ensure that the configured WAF blocks the XSS attack, run the following script: [http://<public- ip-enforcement-point>/index.html?<p style=”background:url(javascript:alert(1))”](http://<public- ip-enforcement-point>/index.html?<p style=”background:url(javascript:alert(1))”>) To complete this deployment, you have to perform the following tasks in the environment provisioned for you:
Configure a Virtual Cloud Network (VCN)
Create a Compute Instance and install the Web Server
Create a Load Balancer and update Security List
Create a WAF policy
Configure Protection Rules against XSS attacks
Verify the created environment against XSS attacks

Note: You are provided with access to an OCI Tenancy, an assigned compartment, and OCI credentials. Throughout your exam, ensure to use the assigned Compartment 99233424-C01 and Region us-ashburn-1.
Complete the following task in the provisioned OCI environment:
Create a WAF policy with the name IAD-SP-PBT-WAF-01_99233424-lab.user01 Eg: IAD-SP-PBT-WAF-01_99232403-lab.user02

NO.113 What would you use to make Oracle Cloud Infrastructure Identity and Access Management govern resources in a tenancy?

NO.114 When creating an OCI Vault, which factors may lead to select the Virtual Private Vault? Select TWO correct answers

NO.115 VCN Flow log record details about the traffic that has been denied or approved is based on which of the following statements?

NO.116 You are using a custom application with third-party APIs to manage application and data hosted in an Oracle Cloud Infrastructure(OCI) tenancy. Although your third-party APIs don’t support OCI’s signature-based authentication, you want them to communicate with OCI resources. Which authentication option must you use to ensure this?

NO.117 Which are the two responsibilities of Oracle when you move your IT infrastructure to Oracle Cloud Infrastructure (OCI)?

NO.118 You have created several Oracle Cloud Infrastructure Groups with the prefix of ‘Test’ in your tenancy. For example TestECommerce, TestCatalog, and TestAdministration. You want to create another group called TestGroupsAdmin to manage all the groups that start with “Test” except for the group TestAdministration.? (Choose the best Answer.)

NO.119 As a cloud network administrator, you have been tasked with defining ingress and egress access rules for microservices deployed as functions in Oracle Functions. In addition to defining some general access rules in the subnet’s security list, you define more fine-grained rules for different functions using Oracle Cloud Infrastructure (OCI) Network Security Groups (NSGs). Once the NSGs are created, where should they be attached in order to apply to a specific deployed function? (Choose the best Answer.)

NO.120 Which Oracle Data Safe feature minimizes the amount of personal data and allows internal test, development, and analytics teams to operate with reduced risk?

NO.121 What is the configuration to avoid publishing messages during the specified time range known as?

NO.122 You have configured Management Agent on an Oracle Cloud Infrastructure (OCI) Linux instance for log Ingestion purposes. OR When using Management Agent to collect logs continuously. Which is required configuration for OCI Logging Analytics service to collect data from multiple logs of this Instance? (Choose the best Answer.)