1z0-1085-20 Free Practice Test

OCI budgets can be set on which two options?

1. A. Cost-tracking tags
2. B. Free-form tags
3. C. Compartments
4. D. Virtual Cloud Network
5. E. Tenancy

Correct Answer: AC
In OCI a budget can be used to set soft limits on your Oracle Cloud Infrastructure spending. You can set alerts on your budget to let you know when you might exceed your budget, and you can view all of your budgets and spending from one single place in the Oracle Cloud Infrastructure console.
Budgets are set on
· Cost-tracking tags
· Compartments (including the root compartment)

Which two Oracle Cloud Infrastructure resources can be used to group/categorize expenses?

1. A. Policies
2. B. Tags
3. C. Users
4. D. Compartments
5. E. Groups

Correct Answer: BD
You can do Costs Analysis in OCI and you can group and filter the cost by Tags or compartments To filter costs by dates
To filter costs by tags
To filter costs by compartments
To remove a compartment or tag filter

Oracle cloud Infrastructure is compliant with which three industry standards?

1. A. SOC 1 Type 2 and SOC 2 Type 2 attestations
2. B. NERC Critical Infrastructure Protection Standards
3. C. Health Insurance Portability and Accountability Act (HIPAA)
4. D. ISO 27001:2013 certification
5. E. Health Care Compliance Association (HCCA)

Correct Answer: ACD
Here is the official list of all industry standards that OCI complies with : https://www.oracle.com/in/cloud/cloud-infrastructure-compliance/

Which three services Integrate with Oracle Cloud Infrastructure (OCI) Key Management?

1. A. Functions
2. B. Block Volume
3. C. Object Storage
4. D. Auto Scaling
5. E. Identity and Access Management
6. F. File Storage

Correct Answer: BCF
DATA ENCRYPTION
Protect customer data at-rest and in-transit in a way that allows customers to meet their security and compliance requirements for cryptographic algorithms and key management
The Oracle Cloud Infrastructure Block Volume service always encrypts all block volumes, boot volumes, an volume backups at rest by using the Advanced Encryption Standard (AES) algorithm with 256-bit encryption.
By default all volumes and their backups are encrypted using the Oracle-provided encryption keys. Each time a volume is cloned or restored from a backup the volume is assigned a new unique encryption key.
The File Storage service encrypts all file system and snapshot data at rest. By default all file systems are encrypted using Oracle-managed encryption keys. You have the option to encrypt all of your file systems using the keys that you own and manage using the Vault service.
Object Storage employs 256-bit Advanced Encryption Standard (AES-256) to encrypt object data on the server. Each object is encrypted with its own data encryption key. Data encryption keys are always encrypted with a master encryption key that is assigned to the bucket. Encryption is enabled by default and cannot be turned off. By default, Oracle manages the master encryption key.

Which Oracle Cloud Infrastructure (OCI) service can be used to protect sensitive and regulated data in OCI database services?

1. A. Oracle Data Guard
2. B. OCI Audit
3. C. Oracle Data Safe
4. D. OCI OS management

Correct Answer: C
Oracle Data Safe is a unified control center for your Oracle databases which helps you understand the sensitivity of your data, evaluate risks to data, mask sensitive data, implement and monitor security controls, assess user security, monitor user activity, and address data security compliance requirements.
Whether you’re using an Autonomous Database or an Oracle DB system, Oracle Data Safe delivers essential data security capabilities as a service on Oracle Cloud Infrastructure.
Features of Oracle Data Safe:
Oracle Data Safe provides the following set of features for protecting sensitive and regulated data in Oracle Cloud databases, all in a single, easy-to-use management console:
1) Security Assessment helps you assess the security of your cloud database configurations. It analyzes database configurations, user accounts, and security controls, and then reports the findings with recommendations for remediation activities that follow best practices to reduce or mitigate risk.
2) User Assessment helps you assess the security of your database users and identify high risk users. It reviews information about your users in the data dictionary on your target databases, and calculates a risk score for
each user. For example, it evaluates the user types, how users are authenticated, the password policies assigned to each user, and how long it has been since each user has changed their password. It also provides a direct link to audit records related to each user. With this information, you can then deploy appropriate security controls and policies.
3) Data Discovery helps you find sensitive data in your cloud databases. You tell Data Discovery what kind of sensitive data to search for, and it inspects the actual data in your database and its data dictionary, and then returns to you a list of sensitive columns. By default, Data Discovery can search for a wide variety of sensitive data pertaining to identification, biographic, IT, financial, healthcare, employment, and academic information.
4) Data Masking provides a way for you to mask sensitive data so that the data is safe for non-production purposes. For example, organizations often need to create copies of their production data to support development and test activities. Simply copying the production data exposes sensitive data to new users. To avoid a security risk, you can use Data Masking to replace the sensitive data with realistic, but fictitious data.
5) Activity Auditing lets you audit user activity on your databases so you can monitor database usage and be alerted of unusual database activities.