• Home
  • Oracle
  • 1Z0-1104-25: Oracle Cloud Infrastructure 2025 Security Professional

Oracle 1Z0-1104-25 Exam Dumps

Get All Oracle Cloud Infrastructure 2025 Security Professional Exam Questions with Validated Answers

1Z0-1104-25 Pack
Vendor: Oracle
Exam Code: 1Z0-1104-25
Exam Name: Oracle Cloud Infrastructure 2025 Security Professional
Exam Questions: 36
Last Updated: November 20, 2025
Related Certifications: Oracle Cloud , Oracle Cloud Infrastructure
Exam Tags: Expert or Advanced Level Oracle Cloud EngineersOracle Cloud Security Professionals
Gurantee
  • 24/7 customer support
  • Unlimited Downloads
  • 90 Days Free Updates
  • 10,000+ Satisfied Customers
  • 100% Refund Policy
  • Instantly Available for Download after Purchase

Get Full Access to Oracle 1Z0-1104-25 questions & answers in the format that suits you best

PDF Version

$40.00
$24.00
  • 36 Actual Exam Questions
  • Compatible with all Devices
  • Printable Format
  • No Download Limits
  • 90 Days Free Updates

Discount Offer (Bundle pack)

$80.00
$48.00
  • Discount Offer
  • 36 Actual Exam Questions
  • Both PDF & Online Practice Test
  • Free 90 Days Updates
  • No Download Limits
  • No Practice Limits
  • 24/7 Customer Support

Online Practice Test

$30.00
$18.00
  • 36 Actual Exam Questions
  • Actual Exam Environment
  • 90 Days Free Updates
  • Browser Based Software
  • Compatibility:
    supported Browsers

Pass Your Oracle 1Z0-1104-25 Certification Exam Easily!

Looking for a hassle-free way to pass the Oracle Cloud Infrastructure 2025 Security Professional exam? DumpsProvider provides the most reliable Dumps Questions and Answers, designed by Oracle certified experts to help you succeed in record time. Available in both PDF and Online Practice Test formats, our study materials cover every major exam topic, making it possible for you to pass potentially within just one day!

DumpsProvider is a leading provider of high-quality exam dumps, trusted by professionals worldwide. Our Oracle 1Z0-1104-25 exam questions give you the knowledge and confidence needed to succeed on the first attempt.

Train with our Oracle 1Z0-1104-25 exam practice tests, which simulate the actual exam environment. This real-test experience helps you get familiar with the format and timing of the exam, ensuring you're 100% prepared for exam day.

Your success is our commitment! That's why DumpsProvider offers a 100% money-back guarantee. If you don’t pass the Oracle 1Z0-1104-25 exam, we’ll refund your payment within 24 hours no questions asked.
 

Why Choose DumpsProvider for Your Oracle 1Z0-1104-25 Exam Prep?

  • Verified & Up-to-Date Materials: Our Oracle experts carefully craft every question to match the latest Oracle exam topics.
  • Free 90-Day Updates: Stay ahead with free updates for three months to keep your questions & answers up to date.
  • 24/7 Customer Support: Get instant help via live chat or email whenever you have questions about our Oracle 1Z0-1104-25 exam dumps.

Don’t waste time with unreliable exam prep resources. Get started with DumpsProvider’s Oracle 1Z0-1104-25 exam dumps today and achieve your certification effortlessly!

Free Oracle 1Z0-1104-25 Exam Actual Questions

Question No. 1

SIMULATION

Task 7: Verify the OCI Certificate with Load Balancer

Verify HTTPS connection to the load balancer by running the following command in Cloud Shell

curl -k https://

Enter the following URL in the web browser:

https://

If prompted with a certificate error, accept the risk and continue.

Verify web page content by ensuring the text, "You are visiting Web Server 1" from the index.html file is displayed in the browser

Show Answer Hide Answer
Correct Answer: A

Task 7: Verify the OCI Certificate with Load Balancer

Step 1: Obtain the Public IP of the Load Balancer

Log in to the OCI Console.

Navigate to Networking > Load Balancers.

Click on PBT-CERT-LB-01.

Note the Public IP Address from the load balancer details page.

Step 2: Verify HTTPS Connection Using Cloud Shell

Open the OCI Cloud Shell from the top-right corner of the OCI Console.

Run the following command, replacing <Public IP of PBT-CERT-LB-01> with the public IP you noted:

curl -k https://<Public IP of PBT-CERT-LB-01>

Expected output: You should see the text 'You are visiting Web Server 1' if the connection is successful. The -k flag ignores certificate validation errors (common during initial testing with self-signed or newly issued certificates).

If you encounter an error, ensure the load balancer is active, the listener is configured correctly, and the backend server (PBT-CERT-VM-01) is reachable.

Step 3: Verify in a Web Browser

Open a web browser.

Enter the following URL, replacing <Public IP of PBT-CERT-LB-01> with the public IP you noted:

https://<Public IP of PBT-CERT-LB-01>

If prompted with a certificate warning (e.g., due to a self-signed certificate or untrusted CA), accept the risk and proceed (click 'Advanced' and 'Proceed' or similar, depending on your browser).

Verify that the web page displays the text 'You are visiting Web Server 1' from the index.html file created on PBT-CERT-VM-01.

Step 4: Troubleshoot (if needed)

If the text is not displayed:

Check the load balancer health status under Backend Sets > Health in the OCI Console.

Ensure the security list PBT-CERT-LB-SL-01 allows port 443 and the compute instance security list allows port 80.

Verify the Apache service is running on PBT-CERT-VM-01 by SSHing in and running sudo systemctl status httpd.

Topic 2, Misc. Questions


Question No. 2

An OCI administrator notices that a compute instance running in the production compartment is unable to create Object Storage buckets using the OCI CLI command:

oci os bucket create --name mybucket --compartment-id --auth instance_principal

The error message returned states:

"NotAuthorizedOrNotFound: You are not authorized to perform this action."

The administrator verifies that the instance has Internet access and can reach OCI endpoints.

What then could be causing the issue?

Show Answer Hide Answer
Correct Answer: D

Question No. 3

SIMULATION

Challenge 2 -Task 1

In deploying a new application, a cloud customer needs to reflect different security postures. If a security zone is enabled with the Maximum Security Zone recipe, the customer will be unable to create or update a resource in the security zone if the action violates the attached Maximum Security Zone policy.

As an application requirement, the customer requires a compute instance in the public subnet. You therefore, need to configure Custom Security Zones that allow the creation of compute instances in the public subnet.

Review the architecture diagram, which outlines the resoures you'll need to address the requirement:

Preconfigured

To complete this requirement, you are provided with the following:

Access to an OCI tenancy, an assigned compartment, and OCI credentials

Required IAM policies

Task 1: Create a Custom Security Zone Recipe

Create a Custom Security Zone Recipe named IAD-SP-PBT-CSP-01 that allows the provisioning of compute instances in the public subnet.

Enter the OCID of the created custom security zone recipe in the text box below.

Show Answer Hide Answer
Correct Answer: A

To create a Custom Security Zone Recipe named IAD-SP-PBT-CSP-01 that allows the provisioning of compute instances in a public subnet, we will follow the steps outlined in the Oracle Cloud Infrastructure (OCI) Security Zones documentation. These steps are based on verified procedures from the OCI Security Zone Guide and related resources.

Step-by-Step Solution for Task 1: Create a Custom Security Zone Recipe

Log in to the OCI Console:

Use your OCI credentials to log in to the OCI Console (https://console.us-ashburn-1.oraclecloud.com).

Ensure you have access to the assigned compartment provided in the tenancy.

Navigate to Security Zones:

From the OCI Console, go to the navigation menu (hamburger icon) on the top left.

Under Governance and Administration, select Security Zones.

Create a New Security Zone Recipe:

In the Security Zones dashboard, click on the Recipes tab.

Click the Create Recipe button.

Configure the Recipe Details:

Name: Enter IAD-SP-PBT-CSP-01.

Description: (Optional) Add a description, e.g., 'Custom recipe to allow compute instances in public subnet.'

Leave the Compartment as the assigned compartment provided.

Define the Security Zone Policy:

In the policy editor, start with a base policy. Since the Maximum Security Zone recipe restricts public subnet usage, you need to customize it.

Add the following policy statement to allow compute instances in a public subnet:

Allow service compute to use virtual-network-family in compartment <compartment-name> where ALL {

target.resource.type = 'Instance',

target.vcn.cidr_block = '10.0.0.0/16',

target.subnet.cidr_block = '10.0.10.0/24'

}

Replace <compartment-name> with the name of your assigned compartment.

This policy allows the Compute service to provision instances in the public subnet (10.0.10.0/24) within the VCN (10.0.0.0/16).

Adjust Restrictions:

Ensure the recipe does not inherit the Maximum Security Zone recipe's default restrictions that block public subnet usage. Explicitly allow the public subnet by including the subnet CIDR block (10.0.10.0/24) in the policy.

Remove or modify any conflicting default rules that prohibit public subnet usage (e.g., rules blocking internet access or public IP assignment).

Save the Recipe:

Click Create to save the custom security zone recipe.

Once created, note the OCID of the recipe from the recipe details page. The OCID will be a unique identifier starting with ocid1.securityzonerecipe.

Verify the Recipe:

Go to the Recipes tab and locate IAD-SP-PBT-CSP-01.

Ensure the policy reflects the allowance for compute instances in the public subnet by reviewing the policy statement.

OCID of the Created Custom Security Zone Recipe

The exact OCID will be generated upon creation (e.g., ocid1.securityzonerecipe.oc1..unique_string). Please enter the OCID displayed in the OCI Console after completing Step 7.

Notes

Ensure IAM policies are correctly configured to grant you permissions to create and manage security zone recipes in the compartment.

The policy assumes the public subnet CIDR (10.0.10.0/24) matches the diagram. Adjust if the actual subnet CIDR differs.

Test the recipe by associating it with a security zone and attempting to launch a compute instance to confirm compliance.


Question No. 4

You're managing an Oracle Cloud Infrastructure (OCI) environment where a public website hosts downloadable assets stored in Object Storage buckets. These buckets need to be publicly accessible for website visitors, but Cloud Guard keeps flagging them as security risks.

How can Cloud Guard be configured to ignore problems specific to public buckets while still ensuring security checks are applied to other resources that require them?

Show Answer Hide Answer
Correct Answer: D

Question No. 5

SIMULATION

Task 6: Create Load Balancer and Attach Certificate

Create a Load Balancer with the name PBT-CERT-LB-01 in subnet LB-Subnet-PBT-CERT-SNET-02

Create a Listener for the load balancer, where:

Name: PBT-CERT-LB_LTSN_01

Protocol: HTTPS

Port: 443

Attach the certificate PBT-CERT-01- to the load balancer

Attach the security list PBT-CERT-LB-SL-01 to subnet LB-Subnet-PBT-CERT-SNET-02

Show Answer Hide Answer
Correct Answer: A

Task 6: Create Load Balancer and Attach Certificate

Step 1: Create the Load Balancer

Log in to the OCI Console.

Navigate to Networking > Load Balancers.

Click Create Load Balancer.

Enter the following details:

Name: PBT-CERT-LB-01

Compartment: Select your assigned compartment.

Load Balancer Type: Select Public.

Virtual Cloud Network: Select PBT-CERT-VCN-01.

Subnet: Select LB-Subnet-PBT-CERT-SNET-02.

Shape: Choose a shape (e.g., 10 Mbps, adjust based on needs).

Click Next.

Leave backend sets and listeners as default for now (we'll configure the listener next).

Click Create Load Balancer and wait for it to be provisioned.

Step 2: Create a Listener

Once the load balancer is created, go to the Load Balancers page and click on PBT-CERT-LB-01.

Under Resources, click Listeners.

Click Create Listener.

Enter the following details:

Name: PBT-CERT-LB_LTSN_01

Protocol: Select HTTPS.

Port: Enter 443.

Certificate: Click Add Certificate, then select the PBT-CERT-01<username> certificate (e.g., PBT-CERT-0199008677labuser01) created in Task 5.

Leave other settings (e.g., SSL handling) as default unless specified.

Click Create.

Step 3: Configure the Backend Set

In the PBT-CERT-LB-01 details page, under Resources, click Backend Sets.

Click Create Backend Set (if not already created).

Enter basic details (e.g., name like PBT-CERT-BS-01).

Add a backend server:

IP Address: Use the private IP of PBT-CERT-VM-01 (find this in the instance details under Compute > Instances).

Port: 80 (HTTP, as configured on the web server).

Protocol: HTTP.

Click Create.

Step 4: Attach the Security List to the Subnet

Navigate to Networking > Virtual Cloud Networks.

Select PBT-CERT-VCN-01 and click Subnets.

Click on LB-Subnet-PBT-CERT-SNET-02.

Under Security Lists, ensure PBT-CERT-LB-SL-01 is attached. If not:

Click Edit.

Remove the default security list and add PBT-CERT-LB-SL-01.

Click Save Changes.

Step 5: Verify the Configuration

Ensure the load balancer health status is OK (check under Backend Sets > Health).

Test by accessing https://<load-balancer-public-ip> in a browser (replace with the public IP from the load balancer details).


Get All 36 Questions & Answers Explore Other Oracle Exam Dumps

100%

Security & Privacy

10000+

Satisfied Customers

24/7

Committed Service

100%

Money Back Guranteed