Oracle Exam 1Z0-1104-23 Topic 2 Question 20 Discussion

Actual exam question for Oracle's 1Z0-1104-23 exam

Question #: 20
Topic #: 2

[All 1Z0-1104-23 Questions]

Which three Oracle Cloud Infrastructure (OCI) services are covered by Cloud Guard? (Choose three.)

AOracle Integration Osud (OIC)

BBlockchain

CObject Storage

DDatabase Cloud Service

EIdentity and Access Management (IAM)

Show Suggested Answer

Suggested Answer: A

SOLUTION:

From the navigation menu, select Networking and then click Load Balancer.

From the left navigation pane, under List Scope, select <your working compartment> from the drop-down menu.

Select the load balancer IAD-SP-PBT-VM-01. Note down the Public IP address.

Open a web browser and enter the URL http://<Public IP of IAD-SP-PBT-VM-01>.

Verify the text in index.html is displayed:

arduino

129.153.147.141

You are visiting WAF Based Web Server 1

Now enter the following URL:

less

http://Public IP of IAD-SP-PBT-VM-01/index.html?

arduino

129.153.147.141

Service Unavailable; Web Server is secured against XSS attacks.

This format keeps the instructions intact while preserving the original content.

by Lyndia at Jun 01, 2024, 12:52 PM

Limited Time Offer

25%

Off

Get Premium 1Z0-1104-23 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Frederica

10 months ago

Oof, 'Service Unavailable' as the expected response - guess they don't want any successful XSS attacks getting through!

upvoted 0 times

Vanesa

9 months ago

upvoted 0 times

...

Millie

10 months ago

upvoted 0 times

...

Deangelo

10 months ago

Wait, we have to use the assigned compartment and region? That's a nice touch to make sure we're following the instructions to the letter.

upvoted 0 times

...

Kanisha

10 months ago

Haha, 'javascript:alert(1)' - classic XSS payload. I wonder if the WAF will detect that immediately or if I'll need some more advanced rules.

upvoted 0 times

Sommer

10 months ago

Yeah, it's a common one. But it's always good to have more advanced rules in place just to be safe.

upvoted 0 times

...

Sherita

10 months ago

I think the WAF should be able to detect that XSS payload easily.

upvoted 0 times

...

Kenneth

11 months ago

The XSS attack script in the scenario is a clever way to test the configured WAF rules. I'll need to make sure my rules are tight enough to block that.

upvoted 0 times

Laurel

10 months ago

Let's test the environment by connecting to the web server and appending the XSS script to see if the WAF blocks it.

upvoted 0 times

...

Jolanda

10 months ago

I agree, the XSS attack script provided in the scenario is a good test to ensure our rules are effective.

upvoted 0 times

...

Bo

10 months ago

Make sure to configure the WAF policy with strong protection rules against XSS attacks.

upvoted 0 times

...

Annita

11 months ago

I agree, XSS attacks can be very harmful. It's important to have strong protection in place.

upvoted 0 times

...

Deonna

11 months ago

This looks like a pretty straightforward WAF configuration task. I'd start by setting up the VCN and compute instance as required.

upvoted 0 times

Lawrence

10 months ago

Finally, we can create a WAF policy and configure Protection Rules against XSS attacks.

upvoted 0 times

...

Abel

10 months ago

User 2

upvoted 0 times

...

Tina

10 months ago

After that, we need to create a Load Balancer and update the Security List.

upvoted 0 times

...

Germaine

10 months ago

Setting up the VCN and compute instance is the first step.

upvoted 0 times

...

Yesenia

11 months ago

User 1

upvoted 0 times

...

Francine

11 months ago

After that, we can create the WAF policy and configure protection rules against XSS attacks.

upvoted 0 times

...

Diane

11 months ago

Setting up the VCN and compute instance is the first step.

upvoted 0 times

...

Mendy

11 months ago

I think configuring a WAF to protect against XSS attacks is crucial for web security.

upvoted 0 times

...