New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Legit 1z0-1084-24 Exam Download

Page: 6 / 7
Question 24

Your team has chosen to use master encryption key (MEK) within an Oracle Cloud Infrastructure (OCI) Vault for encrypting Kubernetes secrets associated with your microservice deployments in OCI Container Engine for Kubernetes (OKE) clusters so that you can easily manage key rotation. Which of the following is NOT valid about rotating keys in the OCI Vault service?

Options:

A.

Once rotated, older key versions can be used for encryption until they are deleted.

B.

Both software and HSM-protected MEKS can be rotated.

C.

When you rotate an MEK, a new key version is automatically generated.

D.

Each key version is tracked internally with separate unique OCIDS.

Question 25

You have been asked to update an OKE cluster to a network configuration that has the least attack surface while the deployed applications are still directly available for access from the Internet. Which is a valid OKE cluster network configuration that meets this requirement? (Choose the best answer.)

Options:

A.

Private subnets for nodes, the Kubemetes API endpoint, and load balancers

B.

Private subnets for nodes; public subnets for the Kubemetes API endpoint and load balancers

C.

Private subnets for nodes and the Kubemetes API endpoint; public subnets for load balancers

D.

Private subnet for the Kubemetes API endpoint; public subnets for nodes and load balancers

Question 26

Which two "Action Type" options are NOT available in an Oracle Cloud Infrastructure (OCI) Events rule definition? (Choose two.)

Options:

A.

Email

B.

Streaming

C.

Slack

D.

Functions

E.

Notifications

Question 27

As a Cloud Native developer, you have written a web service for your company. However, your security team has suggested that your web service should address Distributed Denial-of-Service (DDoS) attack. You are time-constrained and you need to ensure that this is implemented as soon as possible. What should you do in this scenario? (Choose the best answer.)

Options:

A.

Use a third party service integration to Implement DDoS attack mitigation.

B.

Re-write your web service and implement rate limiting.

C.

Use the OCI Virtual Cloud Network (VCN) segregation to control DDoS.

D.

Use the OCI API Gateway service and configure rate limiting.

Page: 6 / 7
Exam Code: 1z0-1084-24
Exam Name: Oracle Cloud Infrastructure 2024 Developer Professional
Last Update: Dec 22, 2024
Questions: 100
1z0-1084-24 pdf

1z0-1084-24 PDF

$25.5  $84.99
1z0-1084-24 Engine

1z0-1084-24 Testing Engine

$28.5  $94.99
1z0-1084-24 PDF + Engine

1z0-1084-24 PDF + Testing Engine

$40.5  $134.99