1z0-933.

32q

Number: 1z0-933
Passing Score: 800
Time Limit: 120 min

Website: https://vceplus.com
VCE to PDF Converter: https://vceplus.com/vce-to-pdf/
Facebook: https://www.facebook.com/VCE.For.All.VN/
Twitter : https://twitter.com/VCE_Plus

https://www.vceplus.com/

1z0-933

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
 Oracle Cloud Platform Identity and Security Management 2018 Associate
Exam A

QUESTION 1
From which Threat Intelligence providers does Oracle CASB Cloud Service receive information?

A. Oracle CASB Cloud Service provides threat intelligence from digital element/Tor/abuse.ch.
B. Oracle CASB Cloud Service provides threat intelligence from digital element/Open Threat Exchange/MISP.
C. Oracle CASB Cloud Service provides threat intelligence from digital element/Open Threat Exchange/Cymon.io.
D. Oracle CASB Cloud Service provides threat intelligence from digital element/MISP/Cymon.io.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/casb-cloud/palug/tour-oracle-casb-cloud-service-console.html#GUID-342258C9-32F9-4986-
B40C8FB091C4892D

QUESTION 2
You want to configure Oracle Identity Cloud Service so that any users who use an IP address that comes from a country where hacking is rampant are prevented
from accessing Oracle Identity Cloud Service.

https://www.vceplus.com/ How
would you accomplish this?

A. Define a network perimeter, assign it to a rule of a sign-on policy, and set the access for the rule to be denied.
B. Define a network perimeter, assign it to a rule of a sign-on policy, set the access for the rule to be denied, and define risk-related conditions in the rule associated
with the user’s location.
C. Define a network perimeter and assign it to a rule of a sign-on policy.

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
D. Define a network perimeter.

Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/identity-cloud/uaids/understanding-network-perimeters.html

QUESTION 3
Which three security services are provided in the Identity SOC framework? (Choose three.)

A. Oracle Application Performance Monitoring Cloud Service

B. Oracle Orchestration Cloud Service
C. Oracle Configuration and Compliance Cloud Service
D. Oracle Log Analytics Cloud Service
E. Oracle CASB Cloud Service

Correct Answer: BCE

Section: (none)
Explanation

Explanation/Reference:

QUESTION 4
A customer has a Java application deployed to an on-premises WebLogic server. The application uses WebLogic authentication mechanism. The customer has
access to the source code of this application so it can be built and redeployed if necessary.

Which is NOT an option to integrate with Oracle Identity Cloud Service?

A. Use WebLogic’s federation mechanism to delegate authentication to Oracle Identity Cloud Service.
B. Use Secure Form Fill to automatically log the user in the application using credentials stored in Oracle Identity Cloud Service repository.
C. Use WebLogic provider to validate user credentials in Oracle Identity Cloud Service repository.
D. Use Oracle Identity Cloud Service’s Java SDK.

Correct Answer: C
Section: (none)
Explanation

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
Explanation/Reference:

QUESTION 5
How does a threat progression get identified in Identity SOC?

A. Oracle CASB Cloud Service receives the threat intel from various data sources including Oracle Identity Cloud Service, and based on user behavior creates a
threat in the Oracle CASB Cloud Service Threat Dashboard.
B. Configuration and Compliance Cloud Service identifies the Configuration drift and forwards it to Oracle CASB Cloud Service, and based on user behavior
identified from Oracle Identity Cloud Service creates the threat based on the risk score in Oracle CASB Cloud Service Threat dashboard.
C. Oracle Security Monitoring and Analytics Cloud Service receives the threat intel from various data sources including Oracle Identity Cloud Service and Oracle
CASB Cloud Service, and based on user behavior creates a threat based on the risk score in Oracle Security Monitoring and Analytics Cloud Service Threat
dashboard.
D. Oracle Orchestration Cloud Service receives the threat information from Oracle Security Monitoring Cloud Service and Oracle Identity Cloud Service, and various
sources based on the information received from other sources creates a threat in Oracle CASB Cloud Service Threat dashboard.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 6
Which Oracle Identity Security Operations Center (SOC) component detects SQL query anomalies for any database or application?

A. Oracle Configuration and Compliance Cloud Service

B. Oracle Identity Cloud Service
C. Oracle Security Monitoring and Analytics Cloud Service
D. Oracle CASB Cloud Service

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/management-cloud/omsma/getting-started-oracle-security-monitoring-and-analytics.html#GUID-42229030-
8D4E49CF-B53A-59B13FC8D07B

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
QUESTION 7
Which two users should run Security Content Automation Protocol (SCAP) assessments? (Choose two.)

A. opc
B. root
C. privileged sudo user
D. oracle

Correct Answer: BC
Section: (none)
Explanation

Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/management-cloud/comcs/assessing-compliance-industry-standards.html#GUID-72D97C34-A944-4EC9-
B3871F2529A3D491

QUESTION 8
Which is a top challenge for a Security Operations Center (SOC) Manager?

A. to keep all systems in compliance within 30 days of new security regulations

B. to ensure network and systems uptime to meet organization and customer SLAs
C. to identify threats proactively while maintaining organization and customer SLAs
D. to design and implement a software development life cycle program

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
Reference: https://www.dflabs.com/the-top-5-challenges-faced-by-security-operations-center/

QUESTION 9
Which key feature must be part of a modern Security Operations Center (SOC)?

A. System access life cycle management

B. Mobile Device Management along with adaptive access management
C. Integration with the business through dashboards and reports by the implementation of Big Data and Machine Learning Techniques

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
D. Automation and incident response orchestration

Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:

QUESTION 10
Which two types of severity levels can alerts be generated in, when using Security Monitoring and Analytics (SMA) Cloud Service? (Choose two.)

A. Error
B. Blackout
C. Debug
D. Critical
E. Warning

Correct Answer: DE
Section: (none)
Explanation

Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/management-cloud/omsma/using-oracle-security-monitoring-and-analytics.pdf (33)

QUESTION 11
Due to rapid change in technology and regulatory overhead, companies are challenged to maintain and update the rules as per the industry standard benchmarks.

Which Oracle service will help in maintaining the industry standard benchmarks?

A. Oracle Configuration and Compliance Cloud Service

B. Oracle Identity Cloud Service
C. Oracle Cloud Access Security Broker (CASB) Cloud Service
D. Oracle Integration Cloud Service

Correct Answer: A
Section: (none)
Explanation

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
Explanation/Reference:
Reference: https://cloud.oracle.com/compliance

QUESTION 12
How can you synchronize users and groups between Microsoft Active Directory and Oracle Identity Cloud Service?
A. Use the import utility B.
Configure the Bridge
C. Configure Delegated Authentication
D. Use a flat file

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
Reference: http://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/idcs/idcs_idbridge_obe/idbridge.html#summary

QUESTION 13
Which two statements are true about Identity SOC? (Choose two.)

A. Oracle Identity Cloud Service provides SSO only for Cloud applications.
B. Oracle Identity Cloud Service provides SSO for Cloud and on-premises applications.
C. Oracle Identity Cloud Service provides security controls only for Cloud applications such as IaaS and SaaS.
D. Oracle CASB Cloud Service provides security controls for on-premises and Cloud applications.

Correct Answer: BD
Section: (none)
Explanation

Explanation/Reference:
Reference: https://www.oracle.com/assets/idcs-datasheet-3097388.pdf

QUESTION 14
Which does Oracle CASB Cloud Service NOT support when you add an administrator?

A. Allowing that administrator to view only policy alerts

B. Allowing that administrator to access all Oracle CASB Cloud Service functionality

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
C. Allowing that administrator to access only specified application instances
D. Allowing that administrator to access only limited Risk Events features

Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 15
To add an SSH credential to run custom and industry-standard assessments you need to configure the credential store first.

Which command-line utility would you use?

A. cURL
B. OPC CLI
C. Oracle Compute CLI
D. OMCLI

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/management-cloud/comcs/using-oracle-configuration-and-compliance.pdf (p. 14)

QUESTION 16
If you want to reduce the number of "false positives" appearing in Risk Events, which action would NOT help?

A. filtering custom policy alerts to exclude trusted geographic areas

B. adding trusted users to the User Exclusion List
C. adding suspicious IP addresses to a "blacklist"
D. changing custom policy alerts with Resource or Action set to "Any" to target specific resources and actions

Correct Answer: A
Section: (none)
Explanation

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
Explanation/Reference:

QUESTION 17
From the Oracle Management Cloud dashboard, you noticed a threat or suspicious browsing activity by a user to execute a brute force attack against an application.
Which two remedial actions will happen implicitly to mitigate some risk? (Choose two.)

A. Multi-factor Authentication (MFA) is imposed

B. User added to suspicious data access watchlist
C. Application policy gets created
D. Host AV update enforced

Correct Answer: AB
Section: (none)
Explanation

Explanation/Reference:

QUESTION 18
Which service can help you to detect Separation of Duties (SOD) violations in your cloud applications?

A. Oracle CASB Cloud Service

B. Oracle Log Analytics Cloud Service
C. Oracle Security Monitoring and Analytics Cloud Service
D. Oracle Configuration and Compliance Service

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
Reference: https://cloud.oracle.com/opc/paas/datasheets/OracleCASBforOraSaaS.pdf (p.3)

QUESTION 19
Which omcli command is used to return the status of the agent?

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
 https://www.vceplus.com/

A. agent property
B. agent status
C. status agent D. status

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/management-cloud/gfadg/omcli-command-options.html

QUESTION 20
Which two features describe the monitoring capabilities of Oracle Security Monitoring and Analytics (SMA) Cloud Service? (Choose two.)

A. Monitor application performance comprehensively

B. Detect security threats
C. Proactively monitor, alert, and notify across all infrastructure tiers
D. Dashboard for infrastructure-related metrics like CPU utilization

Correct Answer: CD
Section: (none)
Explanation

Explanation/Reference:
Reference: https://cloud.oracle.com/opc/paas/datasheets/OMC_InfraMon_Datasheet.pdf

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
QUESTION 21
Click the exhibit.

According to the diagram, which Oracle Identity Security Operations Center (SOC) component allows you to monitor Oracle Human Capital Management (HCM)
users’ activity and access management to avoid service misuse?

A. Oracle CASB Cloud Service

B. Oracle Management Cloud

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
C. Oracle Database Security
D. Oracle Security Monitoring and Analytics Cloud Service
Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 22
Which Oracle CASB Cloud Service feature could you use to quickly determine whether there is a concentration of security threats that is originating from a specific
geographic area?

A. Access Map
B. Key Security Indicators
C. Risk Events
D. Reports

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/casb-cloud/palug/tour-oracle-casb-cloud-service-console.html#GUID-BC092C8F-88D6-4DCA-
B8F81C4189C93E09

QUESTION 23
Which Identity SOC Cloud Service supports auto-access to the configurations in dynamic application environments?

A. Oracle Orchestration Cloud Service

B. Oracle Configuration and Compliance Cloud Service
C. Oracle Identity Cloud Service
D. Oracle Log Analytics Cloud Service

Correct Answer: C
Section: (none)
Explanation

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
Explanation/Reference:
QUESTION 24
Which two features does Oracle CASB Cloud Service support? (Choose two.)

A. automatically resolves suspicious events that occur

B. security controls for custom applications running on AWS
C. prevents unauthorized access to cloud application files
D. security controls for Oracle ERP Cloud Service

Correct Answer: BC
Section: (none)
Explanation

Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/casb-cloud/palwn/index.html#PALWN-GUID-868CBB58-D1CA-4873-9C93-11A02E4DE196

QUESTION 25
Suspicious events that you or Oracle CASB Cloud Service determine to be serious, result in an entry in which of these pages?

A. Configuration, Threat Management

B. Risk Events
C. Incidents
D. Reports

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/casb-cloud/palug/viewing-suspicious-activity-threats.html#GUID-F97300DD-8E6A-44C2-952D-ED1860E97D61

QUESTION 26
From the Oracle Management Cloud Security Monitoring and Analytics dashboard, you noticed a threat of key transfer and suspicious SMB communication activity
by a user.

Which two remedial actions will be taken automatically to mitigate some risk? (Choose two.)

A. User added to suspicious data access watchlist

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
B. Multi-factor Authentication (MFA) is imposed
C. Host anti-virus (AV) update enforced
D. Targets added to file change watchlist

Correct Answer: AB
Section: (none)
Explanation

Explanation/Reference:

QUESTION 27
Which is a major concern with regards to Line of Business (LOB) buyers when acquiring cloud services?

A. Line of Business (LOB) buyers were buying IT services without notifying their security team.
B. Customers are acquiring services that may not be in compliance with external regulations.
C. Line of Business (LOB) buyers do not have executive approval to acquire such services.
D. End users have no visibility over an organization’s cloud strategy.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

QUESTION 28
Which two are the main differentiators of Oracle Identity Cloud Service NOT supported by first-generation Identity-as-a-Service (IDaaS) vendors? (Choose two.)

A. It implements OAuth by default for easy integration with Oracle CASB Cloud Service and Oracle Security Monitoring and Analytics Cloud Service.
B. It provides the ability to manage the life cycle of identities on hybrid environments.
C. It provides support for multiple Software-as-a-Service (SaaS) vendors.
D. It provides support for Open Standard.

Correct Answer: AD
Section: (none)
Explanation

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
Explanation/Reference:
QUESTION 29
In your organization you want to do the security validation of development environments in the cloud.

Which two can be used along with Configuration and Compliance Cloud Service? (Choose two.)

A. Use the Secure Technical Implementation Guides (STIGs) industry-standard benchmarks.

B. Use out-of-the-box, REST-based rules to check for the restriction of cloud provider’s administrative port address to corporate IP addresses.
C. Use the rules to check that auditing is turned on in the cloud.
D. Use custom in-house rules along with Security Content Automation Protocol (SCAP) assessments

Correct Answer: AB
Section: (none)
Explanation

Explanation/Reference:
Reference: https://docs.oracle.com/en/cloud/paas/management-cloud/comcs/getting-started-configuration-and-compliance.html#GUID-9EFDEA9D-111B-
474DB4C4-7007F6822E59

QUESTION 30
Which two steps are needed to integrate Oracle CASB Cloud Service with Oracle Identity Cloud Service? (Choose two.)

A. In Oracle CASB Cloud Service navigate to Configuration and then to Identity Management providers. Select Oracle Identity Cloud Service and specify the
Instance name/Client ID/Client Secret and URL to the Provider.
B. Create an Oracle CASB Cloud Service application in Identity Cloud Service and collect the Client ID/Client Secret for the application created.
C. Create a trusted application in Identity Cloud Service and collect the Client ID/Client Secret for the application created.
D. In Oracle CASB Cloud Service navigate to Configuration and then to Identity Management providers. Select Oracle Identity Cloud Service and specify the Client
ID/Client Secret.

Correct Answer: AC
Section: (none)
Explanation

Explanation/Reference:

QUESTION 31
You want to implement Oracle Configuration and Compliance Cloud Service for the hybrid cloud environments in your organization.

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com
Which two benefits will you get from implementing this? (Choose two.)
A. integration of the different services using open standards
B. Assessment, scoring, and reporting of the compliance in an enterprise can be automated
C. Compliance violation dashboard displays the most severe violations
D. application-wide assessment of compliance score

Correct Answer: BD
Section: (none)
Explanation

Explanation/Reference:

QUESTION 32
Can you customize which of your identity providers appear on the Sign In page when users are accessing Oracle Identity Cloud Service either locally or through a
specific app?

A. No, because users should always sign in using their local authentication credentials.
B. Yes, by using identity provider policies.
C. Yes, by using sign-on policies.
D. No, because any identity provider that’s set to appear in the Sign In page will be displayed.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

https://www.vceplus.com/

https://www.vceplus.com/
www.vceplus.com - Free Questions & Answers - Online Courses - Convert VCE to PDF - VCEplus.com