Oracle Cloud Infrastructure Security 2021 Associate test series | Exam Number: 1Z0-1104-21

The Oracle Cloud ​Infrastructure Security ​certification is intended for ​professionals who are ​responsible for security in ​their Oracle Cloud ​Infrastructure environments. ​The target candidate should ​have 2+ years of experience ​in designing and implementing ​security solutions. ​Additionally, the target ​candidate should have 6 ​months or more of hands-on ​experience in securing ​workloads on OCI. The exam ​validates the following OCI ​Security topics:​ Working knowledge of OCI ​security services to provide ​a secure cloud environment ​ Understanding of OCI ​Identity and Access ​Management service and ​features​ Understanding of OCI ​mechanisms to secure data and ​database workloads ​ Understanding of network ​security in OCI Understanding of how to ​secure applications in OCI Understanding of security ​operations, including ​monitoring, logging, and ​alerting​ Familiarity with compliance ​frameworks Up-to-date OCI training and ​hands-on experience are ​recommended.

Exam Topics:

Cloud Security Business Drivers and Challenges

• Identify the Cloud Security use cases, challenges, and trends (e.g. IDaaS, SIEM, etc)

Manage Identity and Access

• Design a scalable authorization model with users, groups, and policies

• Implement conditional and advanced policies

• Use Compartments to isolate resources

• Configure Dynamic Groups, Network Sources, and Tag-Based Access Control

• Understand MFA, Identity Federation, and SSO

Implement Infrastructure Security

• Secure connectivity of virtual networks (DRG v2, Peering)

• Secure connectivity of hybrid networks (Site-to-Site VPN, FastConnect)

• Configure Network Security Groups (NSGs) and Security Lists

• Describe the use case for VCN Flow Logs

• Implement OCI Bastion

• Configure Vulnerability Scanning

• Configure security for OKE and Oracle Functions

Secure your Apps and Data

• Configure and manage Keys in OCI Vault

• Configure and manage Secrets in OCI Vault

• Describe key capabilities provided by Data Safe

• Configure security for Oracle Autonomous Database and DB Systems

• Configure security for OCI storage services

• Create and configure Web Application Firewall

Improve Cloud Security Posture

• Discuss typical use cases for Cloud Guard

• Execute configurations on Cloud Guard

• Understand and implement Security Zones and Security Advisor

Manage Security Operations

• Implement security monitoring and alerting

• Design and implement a logging and logging analytics solution

• Describe use case for auditing and review OCI Audit Logs

Design for Security and Compliance

• Describe OCI Shared Security Responsibility Model

• Describe use case for Penetration and Vulnerability Testing