🚀 Launch Special: $29/mo for life --d --h --m --s Claim Your Price →
1Z0-1104
Coming Soon
Expected availability announced soon

This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.

Notify me
1Z0-1104 Oracle Coming Soon

OCI Security Professional

Oracle Cloud Infrastructure Security Professional certification training teaches IAM, data encryption, network security, security operations, incident response, and Data Safe best practices, preparing professionals to safeguard OCI environments.

90
Minutes
50
Questions
65
Passing Score
$245
Exam Cost

Who Should Take This

It is ideal for cloud engineers, security analysts, and system administrators who already work with Oracle Cloud and seek to validate their expertise in securing OCI workloads. Candidates should have at least two years of experience managing cloud resources and aim to demonstrate proficiency in identity governance, encryption strategies, network controls, and incident handling.

What's Covered

1 Identity and Access Management
2 Data Protection and Encryption
3 Network Security
4 Security Operations
5 Incident Response and Data Safe

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats

Course Outline

62 learning goals
1 Identity and Access Management
2 topics

IAM Architecture

  • Design enterprise IAM with Identity Domains, compartment hierarchies, and policy inheritance for multi-team access control.
  • Implement identity federation with SAML, OIDC, and SCIM between OCI and enterprise identity providers for unified authentication.
  • Architect conditional MFA policies, adaptive authentication, and session management for risk-based access control.
  • Evaluate IAM configurations to identify over-permissive policies, unused credentials, and privilege escalation risks.
  • Configure IAM Architecture with appropriate settings, policies, and parameters for a production deployment scenario.
  • Assess IAM Architecture implementations against best practices to identify gaps and recommend improvements for production readiness.

Advanced Access Control

  • Design dynamic groups and instance principals for automated service-to-service authentication without stored credentials.
  • Architect cross-tenancy resource sharing with IAM policies, resource principal authentication, and cross-tenancy data access patterns.
  • Implement API key management, auth token rotation, and OAuth2 client credential flows for application-level OCI access.
  • Analyze access patterns using IAM audit logs and Cloud Guard to detect anomalous behavior and unauthorized access attempts.
  • Evaluate Advanced Access Control alternatives and tradeoffs to recommend the optimal approach for given performance and cost constraints.
  • Formulate Advanced Access Control governance frameworks with policies, standards, and compliance monitoring for organizational alignment.
2 Data Protection and Encryption
2 topics

Encryption Architecture

  • Architect encryption strategies using OCI Vault with software and HSM-protected master keys for data-at-rest encryption.
  • Design BYOK and Hold Your Own Key (HYOK) patterns with external KMS integration for customer-controlled encryption.
  • Implement key rotation policies, key versioning, and automated key lifecycle management for cryptographic hygiene.
  • Design data classification and protection frameworks mapping sensitivity levels to encryption, access control, and audit requirements.
  • Evaluate encryption implementations to identify gaps in key management, rotation compliance, and data protection coverage.
  • Plan Encryption Architecture migration and modernization strategies including phased rollout, testing, and rollback procedures.
  • Implement Encryption Architecture following best practices for security, performance, and reliability in Oracle Cloud Infrastructure Security Professional.

Secrets and Certificate Management

  • Implement OCI Vault secrets management for database credentials, API keys, and connection strings with automatic rotation.
  • Design OCI Certificates service for SSL/TLS certificate provisioning, renewal automation, and certificate authority management.
  • Architect secrets injection patterns for applications using Vault, Kubernetes secrets, and environment-based credential delivery.
  • Analyze certificate and secrets management to identify expiration risks, rotation gaps, and exposure vulnerabilities.
  • Design enterprise-grade Secrets and Certificate Management architectures incorporating high availability, disaster recovery, and security requirements.
  • Apply Secrets and Certificate Management configuration patterns to meet specific business requirements including compliance and governance needs.
3 Network Security
2 topics

Network Security Architecture

  • Design defense-in-depth network security with NSGs, security lists, Network Firewall, and WAF for layered traffic filtering.
  • Implement OCI Network Firewall with stateful inspection rules, intrusion detection/prevention, and URL filtering policies.
  • Architect WAF configurations with access control rules, bot management, rate limiting, and custom protection rules.
  • Design Bastion service deployments for secure SSH/RDP access to private resources with session recording and audit.
  • Evaluate network security to identify exposed services, misconfigured firewalls, and unmonitored traffic flows.
  • Deploy Network Security Architecture with integration to monitoring, logging, and alerting services for operational visibility.
  • Analyze Network Security Architecture configurations to identify security vulnerabilities, performance bottlenecks, and optimization opportunities.

DDoS and Perimeter Security

  • Implement OCI DDoS protection with always-on mitigation, edge security, and traffic scrubbing for internet-facing services.
  • Design network segmentation with micro-segmentation patterns using NSGs and private subnets for zero-trust architectures.
  • Architect private endpoint access patterns eliminating public IP exposure for database, object storage, and service access.
  • Analyze perimeter security postures to identify attack surface, recommend mitigation controls, and design incident response plans.
  • Implement DDoS and Perimeter Security following best practices for security, performance, and reliability in Oracle Cloud Infrastructure Security Professional.
  • Diagnose DDoS and Perimeter Security issues by analyzing metrics, logs, and configuration to determine root causes and remediation steps.
4 Security Operations
2 topics

Cloud Guard and Threat Detection

  • Design Cloud Guard configurations with detector recipes, responder recipes, and security scoring for continuous posture management.
  • Implement custom Cloud Guard detectors for organization-specific threat patterns and compliance requirements.
  • Architect Cloud Guard integration with SIEM platforms, ticketing systems, and automated remediation workflows.
  • Analyze Cloud Guard findings to prioritize remediation, track security posture trends, and measure risk reduction over time.
  • Analyze Cloud Guard and Threat Detection configurations to identify security vulnerabilities, performance bottlenecks, and optimization opportunities.
  • Recommend Cloud Guard and Threat Detection optimization strategies balancing performance, cost, operational complexity, and risk management.

Audit and Compliance

  • Design audit logging strategies with OCI Audit service, Logging, and Logging Analytics for comprehensive activity tracking.
  • Implement Security Zones with enforced security policies preventing insecure resource configurations in sensitive compartments.
  • Architect compliance monitoring using Audit logs, Cloud Guard, and custom dashboards for PCI-DSS, HIPAA, and SOC 2 requirements.
  • Evaluate compliance postures to identify regulatory gaps, recommend remediation actions, and design continuous compliance workflows.
  • Architect Audit and Compliance solutions with scalability patterns, capacity planning, and growth accommodation for long-term sustainability.
  • Configure Audit and Compliance with appropriate settings, policies, and parameters for a production deployment scenario.
5 Incident Response and Data Safe
2 topics

Incident Response

  • Design security incident response procedures with detection, containment, eradication, recovery, and post-incident review phases.
  • Implement automated threat response using Cloud Guard responders, Functions, and Events for real-time security remediation.
  • Architect forensic investigation capabilities with audit logs, VCN flow logs, packet captures, and Logging Analytics queries.
  • Analyze security incidents to reconstruct attack timelines, identify root causes, and recommend preventive controls.
  • Explain how to troubleshoot common issues with Incident Response including error messages, logs, and diagnostic procedures.
  • Evaluate Incident Response alternatives and tradeoffs to recommend the optimal approach for given performance and cost constraints.

Oracle Data Safe

  • Implement Data Safe for database security assessment, user assessment, and activity auditing across OCI database services.
  • Design data masking and data discovery policies using Data Safe for protecting sensitive data in non-production environments.
  • Architect database security monitoring with Data Safe alerts, compliance reports, and risk scoring dashboards.
  • Evaluate database security postures using Data Safe findings to prioritize hardening and access control improvements.
  • Compare Oracle Data Safe deployment patterns to determine the best architecture for meeting availability and scalability requirements.
  • Design enterprise-grade Oracle Data Safe architectures incorporating high availability, disaster recovery, and security requirements.

Scope

Included Topics

  • All domains in the Oracle Cloud Infrastructure Security Professional (1Z0-1104) exam guide.
  • Topics: IAM, Data Protection, Network Security, Security Operations, Incident Response, Compliance.
  • Oracle Cloud Infrastructure services, tools, and best practices relevant to this certification.
  • Scenario-based problem solving at the Professional level.

Not Covered

  • Topics outside the official exam guide scope.
  • Programming language specifics and code-level implementation details.
  • Specific pricing values and promotional offers that change over time.
  • Third-party products and non-Oracle services beyond basic integration awareness.

Official Exam Page

Learn more at Oracle

Visit

1Z0-1104 is coming soon

Adaptive learning that maps your knowledge and closes your gaps.

Create Free Account to Be Notified

Trademark Notice

Oracle®, Java®, MySQL®, and all Oracle certification marks are registered trademarks of Oracle Corporation. Oracle does not endorse this product.

AccelaStudy® and Renkara® are registered trademarks of Renkara Media Group, Inc. All third-party marks are the property of their respective owners and are used for nominative identification only.