nuevo3gp

1. Which statement is true about File System Replication in Oracle Cloud Infrastructure (OCI)?. A Only a file system that has been exported can be used as a target file system. B You cannot specify a replication interval when you create the replication resource. C You can replicate the data in one file system to another file system only in the same region. D You can replicate the data in one file system to another file system in the same region or a different region.

2. You create a file system and then add a 1 GB file. You then take a snapshot of the file system. After the hourly update cycle is complete, the total meteredBytes shown by the File Storage service remains at 1 GB. You then overwrite the first 0.5 GB of the file. What would be the total meteredBytes shown by the File Storage service after the hourly update cycle is complete?. A. 0.5 GB. B. 2.5 GB. C. 1 GB. D. 1.5 GB.

3. You want to set up a Test compartment for members of the three projects to share. You also need to provide admin access to all three of your existing admin groups. Which policy would you write to accomplish this task?. A) Allow any-user to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'. B) Allow all-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup. Role='Admin'. C) Allow dynamic-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup. Role='Admin'. D) Allow group any-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'.

4. You need to set up instance principals so that an application running on an instance can call Oracle Cloud Infrastructure (OCI) public services, without the need to configure user credentials or a configuration file. A developer in your team has already configured the application built using an OCI SDK to authenticate using the instance principals provider. Which is NOT a necessary step to complete this set up?. A Generate Auth Tokens to enable instances in the dynamic group to authenticate with APIs. B Create a policy granting permissions to the dynamic group to access services in your compartment or tenancy. C Deploy the application and the SDK to all the instances that belong to the dynamic group. D Create a dynamic group with matching rules to specify which instances can make API calls against services.

5. What are the two types of capture filters that can be created for network monitoring?. A Flow log capture filters and VTAP capture filters. B VTAP capture filters and network capture filters. C Flow log capture filters and packet capture filters. D Flow control capture filters and traffic capture filters.

6. Which Oracle Cloud Infrastructure (OCI) Identity and Access Management (IAM) policy is invalid?. A Allow group 'Default'/'A-Developers' to create volumes in compartment Project-A. B Allow any-user to inspect users in tenancy. C Allow group 'Default'/'A-Admins' to manage all-resources in compartment Project-A. D Allow dynamic-group 'Default'/'FrontEnd' to manage instance-family in compartment Project-A.

You have an instance running in Oracle Cloud Infrastructure (OCI) that cannot be live-migrated during an infrastructure maintenance event. OCI schedules a maintenance due date within 14 to 16 days and sends you a notification. What would happen if you choose not to proactively reboot the instance before the scheduled maintenance due date?. • The instance will get terminated. • The instance is either reboot-migrated or rebuilt in place for you. • You will receive another notification to reboot within the next 14 days. • You will receive another notification to reboot within the next 7 days.

8. By default, OCI IAM policies follow the principle of least privilege. What does this principle mean in the context of policy creation?. A Policies should be identical for all users within a tenancy. B Policies should grant all possible permissions to simplify access control. C Policies should be written in a complex and technical manner to enhance security. D Policies should provide only the minimum set of permissions required for users to performtheir tasks effectively.

9. Which TWO statements about the Oracle Cloud Infrastructure (OCI) File Storage Service are accurate?. A Customer can encrypt data in their file system using their own Vault encryption key. B Communication with file systems in a mount target is encrypted via HTTPS. C Customer can encrypt the communication to a mount target via export options. D File systems use Oracle-managed keys by default. E Mount targets use Oracle-managed keys by default.

10. You have an instance running in Oracle Cloud Infrastructure (OCI) that cannot be live migrated during an infrastructure maintenance event. OCI schedules a maintenance due date within 14 to 16 days and sends you a notification. What would happen if you choose not to proactively reboot the instance before the scheduled maintenance due date?. A The instance will get terminated. B The instance is either reboot-migrated or rebuilt in place for you. C You will receive another notification to reboot within the next 14 days. D You will receive another notification to reboot within the next 7 days.

11. You are managing Oracle Cloud Infrastructure (OCI) with several instances and attached block volumes. To optimize performance and cost-efficiency, you consider enabling the detached volume performance autotuning feature in the Block Volume service. What happens to the performance level of a volume when it is detached from an instance?. A The performance level is adjusted to Higher Performance. B The performance level is adjusted to Lower Cost (0 VPUs/GB). C The performance level remains unchanged. D The performance level is adjusted to Balanced.

12. You can attach resources to a Dynamic Routing Gateway (DRG). Select THREE of these resources. A Subnet. B VNIC. C Local Peering Connection. D IPSec Tunnel. E Remote Peering Connections. F Virtual Circuits.

13. Which statement is NOT correct regarding the Oracle Cloud Infrastructure (OCI) File System snapshots?. A Before you can clone a file system, at least one snapshot must exist for the file system. B Even if nothing has changed within the file system since the last snapshot was taken, a new snapshot consumes more storage. C Snapshots are accessible under the root directory of the file system at .snapshot/name. D Snapshots are a consistent, point-in-time view of your file systems.

14. Which TWO statements are TRUE about Private IP addresses in Oracle Cloud Infrastructure (OCI)?. A. By default, the primary VNIC of an instance in a subnet has one primary private IP address. B. Each VNIC can only have one private IP address. C. By default, the primary VNIC of an instance in a subnet has one primary private IP address and one secondary private IP address. D. A private IP can have an optional public IP assigned to it if it resides in a public subnet.

15. Company XYZ is spending $300,000.00 USD per month in egress fees for 7 Petabytes (1 Petabyte = 1000 Terabytes) that they consume for Outbound Data Transfer in North America with their current cloud provider. The company is seeking to lower that expense considerably without reducing consumption. You propose migration to OCI because the Gigabyte Outbound Data Transfer in North America costs just $0.0085 USD per month. With OCI, how much will they spend per month for 7 Petabytes of Outbound Data Transfer? (1 Terabyte = 1000 Gigabytes). A $59,500.00. B $0.00 (free with OCI). C $150,000.00. D $59,415.00.

16. Which statement is TRUE about restoring a volume from a block volume backup in the Oracle Cloud Infrastructure (OCI) Block Volume service?. A You can only restore a volume to the same availability domain in which the original block volume resides. B You can restore only one volume from a manual block volume backup. C You can restore a block volume backup to a larger volume size. D You can restore a volume from any full volume backup but not from an incremental backup.

17. Which THREE protocols are supported by the Oracle Cloud Infrastructure (OCI) private Network Load Balancers?. UDP. HTTP. ICMP. iSCSI. BGP. TCP.

18. Which components are required at a high level for establishing remote peering between two Virtual Cloud Networks (VCNs) in Oracle Cloud Infrastructure (OCI)?. A. A single VCN with nonoverlapping CIDRS in each region, a dynamic routing gateway (DRG) attached to each VCN, and a direct connection between the DRGS. B. Two VCNs with overlapping CIDRS in different regions, a virtual private network (VPN) gateway attached to each VCN, and a direct connection between the VPN gateways. C. Two VCNs with nonoverlapping CIDRS in the same region, a dynamic routing gateway (DRG) attached to each VCN, and a direct connection between the DRGs. D. Two VCNS with nonoverlapping CIDRS in different regions, a dynamic routing gateway (DRG) attached to each VCN, a remote peering connection (RPC) on each DRG, and a connection established between the RPCs.

19. What is the primary function of the Network Path Analyzer (NPA) tool provided by Oracle Cloud Infrastructure (OCI)?. A Sending actual traffic between source and destination to diagnose connectivity issues. B Optimizing network performance by dynamically adjusting routing paths based on traffic patterns. C Collecting and analyzing network configuration to identify virtual network configuration issues impacting connectivity. D Providing real-time monitoring of network traffic to detect security threats and unauthorized access attempts.

20. Which is NOT a valid action within the Oracle Cloud Infrastructure (OCI) Block Volume service?. A Cloning an existing volume to a new, larger volume. B Restoring from a volume backup to a larger volume. C Attaching a block volume to an instance in a different availability domain. D Expanding an existing volume in place with offline resizing.

21. As a network architect you have been tasked with creating a fully redundant connection from your on- premises data center to your Virtual Cloud Network (VCN) in the us-ashburn-1 region. Which TWO options will accomplish this requirement?. A Configure one FastConnect virtual circuit to the us-ashburn-1 region and a Site-to-Site VPN to the us-ashburn-1 region. B Configure one FastConnect virtual circuit to the us-ashburn-1 region and the second FastConnect virtual circuit to the us-phoenix-1 region. C Configure two FastConnect virtual circuits to the us-ashburn-1 region and terminate them in diverse hardware on-premises. D Configure a Site-to-Site VPN from a single on-premises CPE.

22. You have a block volume created in the US West (Phoenix) region. You enabled Cross Region Replication for the volume and selected US West (San Jose) as the destination region. Now, you would like to create a new volume from the volume replica in the US West (San Jose) region. What should you do?. A Trigger the replica. B No action required. By default, the replica is available as a block volume. C Initiate the replica. D Activate the replica.

23. You want to run compute virtual machine (VM) instances in Oracle Cloud Infrastructure (OCI). Your business unit has the following requirements that need to be considered before you launch the VMs: Requirement 1: Shared infrastructure should not be used to deploy VMs. Requirement 2: Meet node-based licensing requirements that require you to license an entire server. Which compute capacity type would you select to meet these requirements?. A On-demand capacity. B Capacity reservation. C Preemptible capacity. D Dedicated host.

24. You plan to launch a VM instance with the VM. Standard2.24 shape and Oracle Linux 8 platform image. You want to protect your VM instance from low-level threats, such as rootkits and bootkits that can infect the firmware and operating system and are difficult to detect. What should you do?. A Create a shielded instance. B Create a burstable instance. C Use Vulnerability Scanning Service. D Use in-transit encryption.

25. Which TWO are key benefits of setting up Site-to-Site VPN on Oracle Cloud Infrastructure (OCI)?. A When setting up Site-to-Site VPN, it creates a private connection that provides consistent network experience. B When setting up Site-to-Site VPN, OCI provisions redundant VPN tunnels. C When setting up Site-to-Site VPN, customers can expect bandwidth above 2 Gbps. D When setting up Site-to-Site VPN, customers can configure it to use static or dynamic routing (BGP).

26. A financial firm is designing an application architecture for its online trading platform that should have high availability and fault tolerance. Their solutions architect configured the application to use an Oracle Cloud Infrastructure (OCI) Object Storage bucket located in the US West (us-phoenix-1) region to store large amounts of financial data. The stored financial data in the bucket should not be impacted even if there is an outage in one of the Availability Domains or a complete region. What should the architect do to avoid any costly service disruptions and ensure data durability?. A Create a lifecycle policy to regularly send data from the Standard to Archive storage. B Create a replication policy to send data to a different bucket in another OCI region. C Create a new Object Storage bucket in another region and configure recycle policy to move data every 5 days. D Copy the Object Storage bucket to a block volume.

27. Which Traffic Management Steering Policy facilitates the distribution of DNS traffic to specific endpoints based on the geographical location of end users?. ASN Steering. Geolocation Steering. Proximity Steering. IP Prefix Steering.

28. Which statement accurately describes the key features and benefits of OCI Confidential Computing?. A It optimizes network performance and reduces latency through advanced routing algorithms and caching mechanisms. B It encrypts and isolates in-use data and the applications processing that data, thereby preventing unauthorized access or modification. C It provides automatic scalability and load balancing capabilities, which allow seamless integration with other cloud providers. D It enables users to securely store and retrieve data by using distributed file systems, ensuring high availability and fault tolerance.

29. Which TWO statements are NOT correct regarding the Oracle Cloud Infrastructure (OCI) burstable instances?. A Burstable instances are charged according to the baseline OCPU. B If the instance's average CPU utilization over the past 24 hours is below the baseline, the system allows it to burst above the baseline. C Burstable instances cost less than regular instances with the same total OCPU count. D Burstable instances are designed for scenarios where an instance is not typically idle and has high CPU utilization. E Baseline utilization is a fraction of each CPU core, either 25% or 75%.

30. You are launching a new project in the US West (Phoenix) region. You would like to reserve the compute capacity mentioned below so that the capacity is available for your workloads when you need it. 10 VM. Standard2.2 Instances 6 VM. Standard. E4. Flex Instances The project also requires you to be mindful about high availability and place the instances in at least two Availability Domains. At a bare minimum, how many capacity reservations would you create to meet this requirement?. One. Two. Three. Four.

31. You plan to upload a large file (3 TiB) to Oracle Cloud Infrastructure (OCI) Object Storage. You would like to minimize the impact of network failures while uploading, and therefore you decide to use the multipart upload capability. Which TWO statements are true about performing a multipart upload using the Multipart Upload API?. A While a multipart upload is still active, you can keep adding parts as long as the total number is less than 10,000. B You do not need to split the object into parts. Object Storage splits the object into parts and uploads all of the parts automatically. C You do not have to commit the upload after you have uploaded all the object parts. D When you split the object into individual parts, each part can be as large as 50 GIB.

32. A company has deployed a multitier application in Oracle Cloud Infrastructure (OCI), with web servers in a public subnet and database servers in a private subnet. The database servers need to access data from OCI Object Storage, and the company wants to ensure that this communication is secure and not exposed to the public Internet. Which OCI feature should be used?. A Use a VPN Gateway to create an encrypted tunnel to Object Storage. B Use a NAT Gateway to enable private access to Object Storage. C Use a Service Gateway to establish a secure connection to Object Storage. D Use a Local Peering Gateway to peer with the Object Storage subnet.

33. Which statement is NOT true about the Oracle Cloud Infrastructure (OCI) Object Storage service?. A Object Versioning is enabled at the namespace level. B Immutable option for data stored in Object Storage can be set via retention rules. C Object Storage resources can be shared across tenancies. D Object lifecycle rules can be used to either archive or delete objects.

34. You created a virtual cloud network (VCN) with three private subnets. Two of the subnets contain application servers and the third subnet contains a DB System. The application requires a shared file system, therefore you have provisioned one using the file storage service (FSS). You have also created the corresponding mount target in one of the application subnets. The VCN security lists are properly configured so that the application servers can access FSS. The security team changed the settings for the DB System to have read-only access to the file system. However when they test it, they are unable to access FSS. How would you allow access to FSS?. A Create an instance principal for the DB System. Write an Identity and Access Management (IAM) policy that allows the instance principal read-only access to the file storage service. B Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet. C Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateful. D Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateless.

35. You just got a last minute request to create a set of instances in Oracle Cloud Infrastructure (OCI). The configuration and installed software are identical for every instance, and you already have a running instance in your OCI tenancy. Which image option allows you to achieve this task with the least amount of effort?. A Use Oracle-provided images and customize the installation using a third-party tool. B Bring your own image and use it as a template for the new instances. C Create a custom image and use it as a template for the new instances. D Select an image from the OCI Marketplace.

36. As a network engineer responsible for managing the virtual network infrastructure on Oracle Cloud Infrastructure (OCI) for your organization, you decide to utilize the Network Visualizer tool provided by OCI. Why is the Network Visualizer tool valuable for managing virtual network infrastructure on OCI?. A It visualizes the topology of all VCNS in a selected region and tenancy, allowing for a concise understanding of their relationships and connections. B It provides detailed information about the physical network components. C It generates automated reports on network performance metrics, facilitating decision-making for optimizing network resources and bandwidth allocation. D It offers real-time monitoring of network traffic, enabling proactive identification of security threats and unauthorized access attempts.

37. You are managing a complex environment consisting of compute instances running Oracle Linux on Oracle Cloud Infrastructure (OCI). You want to apply all the latest kernel security updates to all instances. Which OCI service would you use?. A Data Safe. B Artifact Registry. C Container Registry. D OS Management Service.

38. You are using a custom application with third-party APIs to manage the application and data hosted in an Oracle Cloud Infrastructure (OCI) tenancy. Although your third-party APIs do not support OCI's signature- based authentication, you want them to communicate with OCI resources. Which authentication option should you use to ensure this?. A Auth Tokens. B OCI Username and Password. C SSH Key Pair with 2048-bit algorithm. D API Signing Key.

39. You want a full-featured Identity-as-a-Service (IDaaS) solution that helps you manage workforce authentication and access to all of your Oracle and non-Oracle applications, whether they are SaaS apps, on- premises enterprise apps, or apps that are hosted in the cloud. Which IAM Identity Domain type should you create?. External User. Free. Oracle Apps Premium. Premium.

40. Which of the following is a valid RFC 1918 CIDR prefix that can be used for creating an Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN)?. 192.168.0.0/16. 192.268.0.0/24. 0.0.0.0/0. 10.0.0.0/8. 172.16.0.0/12. 189.215.154.89/32.

41. A company accidentally moved a critical database instance to a different compartment within their OCI tenancy. The existing IAM policies were previously mapped to the database's original compartment and granted access to authorized users. How will this impact user access to the database?. A Compartments prevent resource movement; once a resource is placed in a compartment, it cannot be moved. B Access to the database will be immediately revoked for all authorized users due to the compartment change. C Existing IAM policies will continue to function normally, regardless of the compartment move. D Compartments are not covered by IAM policies; they only apply to resources.

42. An organization plans to create an identity domain in the US East (Ashburn) region for a development team. However, some developers might occasionally need access to resources in the Germany (Frankfurt) region. How can OCI IAM be configured to facilitate such cross-region access?. A The identity domain automatically replicates to the Germany (Frankfurt) region. B The administrator can grant users permissions to access specific resources in the Germany (Frankfurt) region. C No additional configuration is needed; users can access resources in all regions by default. D Identity domain replication must be enabled for the development domain to allow access to other regions.

43. When compared to IAM policies, what is a KEY advantage of utilizing administrator roles for access control within OCI IAM identity domains?. A Simplify access management by eliminating the need for complex policy creation. B Can be used to grant access to resources outside of the associated identity domain. C Offer a wider range of permission combinations than IAM policies. D Provide granular control over user access to specific compartments within the domain.

44. You are backing up your on-premises data to the Oracle Cloud Infrastructure (OCI) Object Storage Service. Your requirements are: 1. Backups need to be retained for at least full 31 days. 2. Data should be accessible immediately if and when needed after the backup. Which OCI Object Storage tier is suitable for storing the backup to minimize cost?. A Standard tier. B Auto-Tiering tier. C Archive tier. D Infrequent Access tier.

45. You have objects stored in an OCI Object Storage bucket that you want to share with a partner company. You decide to use pre-authenticated requests to grant access to the objects. Which statement is true about pre-authenticated requests?. A Deleting a pre-authenticated request does not revoke user access to the associated bucket or object. B You need to provide your OCI credentials to the partner company. C You cannot edit a pre-authenticated request. D Pre-authenticated requests can be used to delete buckets or objects.

46. As a cloud infrastructure manager at a multinational company, you're tasked with optimizing data transfer and backup strategies across different regions on Oracle Cloud Infrastructure (OCI). You decide to utilize the Inter Region Latency dashboard provided by OCI to gain insights into latency between regions. Why is the OCI Inter Region Latency dashboard useful for your task?. A It's designed for troubleshooting latency issues within your specific applications, providing targeted insights for optimizing performance. B It focuses solely on latency within your own tenancy ensuring accurate monitoring of data transfer. C It provides real-time data specific to your tenancy's workloads. D It offers a current and historical view of latency snapshots, enabling you to analyze up to a 30- day history.

47. Which statement is TRUE about delegating an existing domain to the Oracle Cloud Infrastructure (OCI) DNS service?. All domains can be retrieved to OCI DNS via DYN. Domains can be delegated to OCI DNS from the OCI Marketplace. Domains can be self-delegated to OCI DNS from its own service portal. Domains can be delegated to OCI DNS via FastConnect partners. Domains can be delegated to OCI DNS from the Domain Registrar's self-service portal.

48. What is the primary purpose of the Web Application Acceleration service offered by Oracle Cloud Infrastructure (OCI)?. A Improving the reliability of layer 7 HTTP load balancers by implementing redundancy measures. B Monitoring and analyzing HTTP traffic patterns to identify potential security vulnerabilities. C Encrypting HTTP traffic to ensure secure communication between clients and servers. D Speeding up traffic on layer 7 HTTP load balancers through caching and compression techniques.

49. In the context of Oracle Cloud Infrastructure (OCI) Compute service, which statement about instance configurations and instance pools is true?. A You can delete an instance configuration if it is associated with an instance pool. B You can only delete an instance configuration if it is not associated with any instance pool. C You cannot reuse the same instance configuration for multiple instance pools. D An instance pool can have multiple instance configurations associated with it.

50. A recently hired network administrator has been given the task of removing SSH permissions from all compute instances in the company's tenancy. She finds all Virtual Cloud Networks (VCNs) in the tenancy using Tenancy Explorer. She removes port 22 from the Security Lists in all VCNs. After she completes the task, the very first compute instance that she tests SSH against, allows her to still SSH into it. Why is that?. A The VCN where that compute instance resides still has an Internet Gateway. B The VNIC of that compute instance is attached to a Cluster Network that has a stateful ingress rule for all protocols on source CIDR 0.0.0.0/0. C The VNIC of that compute instance is attached to a Network Security Group (NSG) that has a stateful ingress rule for all protocols on source CIDR 0.0.0.0/0. D The VCN where that compute instance resides still has a route rule that allows port 22.

12. In the context of OCI IAM, which statement accurately describes ephemeral principals?. A Ephemeral principals are another term for dynamic groups with frequently changing membership. B Ephemeral principals are user accounts with limited lifespans for short-term access. C Ephemeral principals are temporary credentials granted to resources for specific tasks. D Ephemeral principals represent long-lived service accounts used by OCI services.

34. How can an organization securely grant a third-party application access to specific OCI (Oracle Cloud Infrastructure) resources without compromising security?. A. By creating an IAM policy granting full access to the tenancy and assigning it to a dedicated user for the application. B. By sharing user credentials for an OCI administrator with the application. C. By configuring the application to utilize Instance Principal for accessing OCI resources. D. By implementing OAuth 2.0 with the application, allowing it to obtain temporary tokens with limited permissions.