Oracle Cloud Infrastructure 2020 Architect Professional

Which three scenarios are suitable for the use of Oracle Cloud Infrastructure (OCI) Autonomous Transaction Processing "" Serverless (ATP-S) deployment? (Choose three.). A manufacturing company is running Oracle E-Business Suite application on-premises. They are looking to move this application to OCI and they want to use a managed database offering for their database tier. A midsize company is considering migrating its legacy on-premises MongoDB database to Oracle Cloud Infrastructure (OCI). The database has significantly higher workloads on weekends than weekdays. A small startup is deploying a new application for eCommerce and it requires a database to store customers' transactions. The team is unsure of what the load will look like since it is a new application. A well-established, online auction marketplace is running an application where there is database usage 24x7, but also has peaks of activity that are hard to predict. When the peaks happen, the total activities may reach 3 times the normal activity level. A developer working on an internal project needs to use a database during work hours but doesn't need it during nights or weekends. The project budget requires her to keep costs low.

You are the Solution Architect that designed this Oracle Cloud Infrastructure (OCI) compartment layout for your organization:The development team has deployed quite a few instances under "˜Compute' Compartment and the operations team needs to list the instances under the same compartment for their testing. Both teams, development and operations are part of a group called "˜Eng-group'. You have been looking for an option to allow the operations team to list the instances without access any confidential information or metadata of the resources. Which IAM policy should you write based on these requirements? (Choose the best answer.). Allow group Eng-group to inspect instance-family in compartment Dev-Team:Compute and attach the policy to "˜SysTest-Team' Compartment. Allow group Eng-group to read instance-family in compartment Dev-Team:Compute and attach the policy to "˜Dev-Team' Compartment. Allow group Eng-group to inspect instance-family in compartment Dev-Team:Compute and attach the policy to "˜Engineering' Compartment. Allow group Eng-group to read instance-family in compartment Compute and attach the policy to "˜Engineering' Compartment.

You are working for a Travel company and your travel portal application is a collection of microservices that run on Oracle Cloud Infrastructure Container Engine for Kubernetes. As per the recent security overview, you have noticed that Oracle has published a newer image of the Operating System used by the worker nodes. You want to make sure that your application doesn't face any downtime but at the same time the worker nodes gets upgraded to the latest version of the Operating System. What should you do to get this upgrade done without application downtime? (Choose the best answer.). Shutdown the worker nodes 2. Create a new node pool 3. Manually schedule the pods on the newly built node pool. Create a new node pool using the latest available Operating System image. 2. Run kubectl cordon <node name> against all the worker nodes in the old pool to stop any new application pods to get scheduled 3. Run kubectl drain <node name> """"delete""local""data """"force """"ignore""daemonsets to evict any Pods that are running 4. Delete the old node pool. Create a new node pool using the latest available Operating System image 2. Run kubectl taint nodes """"all node""role.kubernetes.io/master"" 3. Delete the old node pool. Run kubectl cordon <node name> against all the worker nodes in the old pool to stop any new application pods to get scheduled 2. Run kubectl drain <node name> """"delete""local""data """"force """"ignore""daemonsets to evict any Pods that are running 3. Download the patches for the new Operating System image 4. Patch the worker nodes to the latest Operating System image.

You work for a large bank where security and compliance are critical. As part of the security overview meeting, your company decided to minimize the installation of local tools on your laptop. You have been running Ansible and kubectl to spin up Oracle Container Engine for Kubernetes (OKE) clusters and deployed your application. For authentication, you are using an Oracle Cloud Infrastructure (OCI) CLI config file that contains OCIDs, Fingerprint, and a locally stored PEM file. Your security team doesn't want you to store any local API key and certificate, or any other local tools. Which two actions should you perform to spin up the OKE cluster and interact with it? (Choose two.). Create a developer workstation on OCI. Install Ansible and kubectl on it. Use resource principal to authenticate against OCI API and create the OKE Cluster. Develop your own code using OCI SDK to deploy the OKE cluster. Work on OCI Cloud Shell to use built-in Ansible and kubectl to deploy the OKE cluster. Use OCI_CLI_AUTH=instance_obo_user environment variable to authenticate using built-in token. Work on OCI Cloud Shell to use built-in Ansible and kubectl to deploy the OKE cluster. Bring in your own config file and certificate to authenticate against OCI API. Create a developer workstation on OCI. Install Ansible and kubectl on it. Use instance principal to authenticate against OCI API and create the OKE Cluster.

A new international hacktivist group, based in London, launched wide scale cyber attacks including SQL Injection and Cross-Site Scripting (XSS) across multiple websites which are hosted in Oracle Cloud Infrastructure (OCI). As an IT consultant, you must configure a Web Application Firewall (WAF) to protect these websites against the attacks. How should you configure your WAF to protect the website against those attacks? (Choose the best answer.). Enable a Protection Rule to block the attacks based on HTTP Headers that contain XSS and SQL strings. Enable an Access Rule to block the IP Address range from London. Enable a Protection Rule to block requests XSS Filters Categories and SQL Filters Categories. Enable a Protection Rule to block requests that came from London. Enable an Access Rule that contains XSS Filters Categories and SQL Filters Categories.

You work for a public health care company based in the United States. Their existing patient records system runs in an on-premise data center and the customer is sending tape backups offsite as part of their disaster recovery planning. You developed an alternative archival solution using Oracle Cloud Infrastructure (OCI) that will save the company a significant amount of money on a yearly basis. The solution involves storing data in an OCI Object Storage bucket. After reviewing your solution with the customer Global Risk and Compliance (GRC) team, they highlighted four security requirements: ✑ All data less than 1 year old must be accessible within 2 hours ✑ All data must be retained for at least 10 years and be accessible within 48 hours ✑ All data must be encrypted at rest ✑ No data may be transmitted across the public internet Which two options meet the requirements outlined by the customer GRC team? (Choose two.). Provision a FastConnect link to the closest OCI region and configure a private peering virtual circuit. Provision a FastConnect link to the closest OCI region and configure a public peering virtual circuit. Create an OCI Object Storage Standard tier bucket. Configure a lifecycle policy to archive any object that is older than 365 days. Create an OCI Object Storage Standard tier bucket. Configure a lifecycle policy to delete any object that is older than 7 years. Create a VPN connection between your on-premises data center and OCI. Create a Virtual Cloud Network (VCN) along with an OCI Service Gateway for OCI Object Storage.

You are helping a customer troubleshoot a problem. The customer has several Oracle Linux servers in a private subnet within a Virtual Cloud Network (VCN). The servers are configured to periodically communicate to the Internet to get security patches for applications installed on them. The servers are unable to reach the internet. An Internet Gateway has been deployed in the public subnet in the VCN and the appropriate routes are configured in the Route Table associated with the public subnet. Based on cost considerations, which option will fix this issue? (Choose the best answer). Create a NAT gateway in the VCN and configure the NAT gateway as the route target for the private subnet. Create another Internet Gateway and configure it as route target for the private subnet. Create a Public Load Balancer in front of the servers and add the servers to the Backend Set of the Public Load Balancer. Implement a NAT instance in the public subnet of the VCN and configure the NAT instance as the route target for the private subnet.

Multiple departments in your company use a shared Oracle Cloud Infrastructure (OCI) tenancy to implement their projects. You are in charge of managing the cost of OCI resources in the tenancy and need to obtain better insights into department's usage. Which three options can you implement together to accomplish this? (Choose three.). Create a budget that matches your commitment amount and an alert at 100 percent of the forecast. Set up a tag default that automatically applies tags to all specified resources created in a compartment. Then use these tags for cost analysis. Set up different compartments for each department. Then track and analyze cost per compartment. Use the billing cost tracking report to analyze costs. Set up a consolidated budget-tracking tags to analyze costs in a granular manner.

After performing maintenance on an Oracle Linux compute instance the system is returned to a running state. You attempt to connect using SSH but are unable to do so. You decide to create an instance console connection to troubleshoot the issue. Which three tasks would enable you to connect to the console connection and begin troubleshooting? (Choose three.). Stop the compute instance using the Oracle Cloud Infrastructure (OCI) Command Line Interface (CLI). Reboot the compute instance using the Oracle Cloud Infrastructure (OCI) Management Console. Edit the Linux boot menu to enable access to console. Upload an API signing key for console connection authentication. Use SSH to connect to the public IP address of the compute instance and provide the console connection OCID as the username. Use SSH to connect to the service endpoint of the console connection service.

You designed and deployed your Autonomous Data Warehouse (ADW) so that it is accessible from your on-premise data center and servers running on both private and public networks in Oracle Cloud Infrastructure (OCI). As you are testing the connectivity to your ADW database from the different access paths, you notice that the server running on the private network is unable to connect to ADW. Which two steps do you need to take to enable connectivity from the server on the private network to ADW? (Choose two.). Add an entry in the Security List of the ADW allowing ingress traffic for CIDR block 10.2.2.0/24. Add an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/0; target type of NAT Gateway, add a stateful egress rule to the security list (associated with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols. Add an entry in the access control list of ADW for IP address 129.146.160.11. Add an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/0; target type of Internet Gateway, add a stateful egress rule to the security list (associated with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols. Add an entry in the access control list of ADW for CIDR block 10.2.2.0/24.

An Oracle Cloud Infrastructure (OCI) Public Load Balancer's SSL certificate is expiring soon. You noticed the Load Balancer is configured with SSL Termination only. When the certificate expires, data traffic can be interrupted and security compromised. What steps do you need to take to prevent this situation? (Choose the best answer.). Add the new SSL certificate to the Load Balancer and update backend servers to use the new certificate bundle. Add the new SSL certificate to the Load Balancer and update listeners to use the new certificate bundle. Add the new SSL certificate to the Load Balancer, update listeners and backend sets so they can use the new certificate bundle. Add the new SSL certificate to the Load Balancer, update backend servers to work with a new certificate and edit listeners so they can use the new certificate bundle. Add the new SSL certificate to the Load Balancer and implement end to end SSL so it can encrypt the traffic from clients all the way to the backend servers.

Your company will soon start moving critical systems into Oracle Cloud Infrastructure (OCI) platform. These systems will reside in the us-phoenix-1 and us- ashburn-1 regions. As part of the migration planning, you are reviewing the company's existing security policies and written guidelines for the OCI platform usage within the company. Your security processes for critical systems require that all data is encrypted at rest using Customer-Managed Keys. Which two options ensure compliance with this policy? (Choose two.). You do not need to perform any additional actions because the OCI Block Volume service always encrypts all block volumes, boot volumes, and volume backups at rest by using the Advanced Encryption Standard (AES) algorithm with 256-bit encryption. When you create a new OCI Object Storage bucket through OCI console, you need to choose "ENCRYPT USING CUSTOMER-MANAGED KEYS" option. When you create a new block volume through OCI console, select "Encrypt using Customer-Managed Keys" checkbox and use encryption keys generated and stored in OCI Vault. When you create a new compute instance through OCI console, you use the default options for "configure boot volume" to speed up the process to create this compute instance. When you create a new compute instance through OCI console, you use the default shape to speed up the process to create this compute instance.

A hospital in Austin has hosted its web-based medical records portal entirely in Oracle Cloud Infrastructure (OCI) using compute instances for its web-tier and DB System database for its data tier. To validate compliance with Health Insurance Portability and Accountability (HIPAA), the hospital hired an IT security professional to check their systems. It was found that there were a lot of unauthorized requests coming from a set of IP addresses originating from a county in Southeast Asia. Which option can mitigate this type of attack? (Choose the best answer.). Block the attacking IP addresses by creating a Security List rule to deny access to the subnet where the web server is running. Block the attacking IP addresses by creating a Network Security Group rule to deny access to the compute instance where the web server is running. Implementing an OCI Web Application Firewall Bot Management policy to identify the attacking IP addresses and mitigate the threat. Block the attacking IP addresses by implementing an OCI Web Application Firewall policy using Access Control Rules.

You work for a large bank where your main application is a payment processing gateway API. You deployed the application on Oracle Container Engine for Kubernetes (OKE) and used API Gateway with several policies to control the access of the API endpoint. However, your customers are complaining about the unavailability of the API endpoint. Upon checking, you noticed that the Gateway URL is throwing Service Unavailable error. You need to check the backend latency and backend responses when this error started last night. What should you do to get this data? (Choose the best answer.). Check with the application owner and search the log file for the container to get the metrics from the log file. Go to Governance Menu and click on Audit to see the Audit log for the API Gateway. Filter it using Start and End date with a 503 response status. Go to Developer Services and click on API Gateway. Go to the detail page of the gateway and select Metrics. Change the Start and End time to filter the metrics. Go to Monitoring and click on Service Metrics. Choose the Metric Namespace as oci_apigateway. Change the Start and End time accordingly. Add a Dimension and select httpStatusCode: 503. Check the backend latency and backend responses metric.

You are running a legacy application in a compute instance on Oracle Cloud Infrastructure (OCI). To provide enough space for it to store internal data, a block volume is attached to the instance in paravirtualized mode. Your application is not resilient to crash-consistent backup. What should you do to backup the block volume in a secure and cost effective way? (Choose the best answer.). Save your application data, detach the block volume and create a clone. Create a volume group, add the boot volume and then run the volume group backup. Create a backup, detach the block volume and save your application data. Save your application data, detach the block volume and create a backup.

You work as a solutions architect for an online retail store creating a portal to allow the users to pay for their groceries using credit cards. Since the application is not fully compliant with the Payment Card Industry Data Security Standard (PCI DSS), your company is looking to use a third-party payment service to process credit card payments. The third-party service allows a maximum of 5 public IP addresses at a time. However, your website is using Oracle Cloud Infrastructure (OCI) Instance Pool Auto Scaling policy to create up to 15 instances during peak traffic demand, which are launched in VCN private subnets and attached to an OCI public Load Balancer. Upon user payment, the portal connects to the payment service over the Internet to complete the transaction What solution can you implement to make sure that all 15 compute instances can connect to the third party system to process the payments during peak traffic demand? (Choose the best answer.). Route credit card payment request from the compute instances through the NAT Gateway. On the third-party services, whitelist the public IP associated with the NAT Gateway. Create an OCI Command Line Interface (CLI) script to automatically reserve public IP address for the compute instances. On the third-party services, whitelist the Reserved public IP. Whitelist the Internet Gateway Public IP on the third party service and route all payment requests through the Internet Gateway. Route payment request from the compute instances through the OCI Load Balancer, which will then be routed to the third party service.

You are developing a Serverless function for your company's IoT project. This function should access Oracle Cloud Infrastructure (OCI) Object Storage to store some files. You choose Oracle Functions to deploy this function on OCI. However, your security team doesn't allow you to carry any API Token or RSA Key to authenticate the function against the OCI API to access the Object Storage. What should you do to get this function to access OCI Object Storage without carrying any static authentication files? (Choose the best answer.). Set up a Dynamic Group using the format below: Create a policy using the format below to give access to OCI Object Storage:. Add these two policy statements for your compartment and then include a call to a "˜resource principal provider' in your function code:. There is no way that you can access the OCI resources from a running function. Add these two policy statements for your compartment to give your function automatic access to all other OCI resources:.

You work for a retail company and they developed a Microservices based shopping application that needs to access Oracle Autonomous Database from the application. As an Architect, you have been tasked to treat all of the application components as Kubernetes native objects, such as the microservices, Oracle Autonomous database, Kubernetes services, etc. What should you do to make sure that you can use Kubernetes constructs to manage the life cycle of the application components, including Oracle Autonomous Database? (Choose the best answer.). Create an Oracle Cloud Infrastructure (OCI) Service Gateway and connect to the Oracle Autonomous Database using the private IP address from the microservice. Provision an Oracle Autonomous Database and then use OCI Service Broker to access the database as a native component to your Kubernetes cluster. Create a service from the Kubernetes cluster and point to the Oracle Autonomous Database using its FQDN. Install and secure the OCI Service Broker for Kubernetes. Then provision and bind to the required Oracle Cloud Infrastructure services.

A large London based eCommerce company is running Oracle DB Systems Virtual Machine RAC database on Oracle Cloud Infrastructure (OCI) for their eCommerce application in the uk-london-1 region. They are currently taking automatic backups of the database, as configured during the database provisioning activity. They are launching a new product soon, which is expected to sell in large quantities all over the world. The application architecture should have minimal cost, no data loss, no performance impacts during the database backup windows and should have minimal downtime. What is the most efficient and cost-effective mechanism of modifying the database deployment architecture to meet these application goals? (Choose the best answer.). Launch a new VM RAC database in another availability domain, launch a compute instance, deploy Oracle GoldenGate on it and then configure it to replicate the data from the eCommerce Database over to the new VM RAC database using GoldenGate. Take backups from the new VM RAC database. Turn off automatic backups from the eCommerce database, implement Oracle Active Data Guard with the standby database deployed on another availability domain, and take backups from the standby database. Launch a new VM RAC database in another availability domain, launch a compute instance, deploy Oracle GoldenGate on it and then configure bi-directional replication from the eCommerce Database over to the new VM RAC database using GoldenDate. Take backup from the new VM RAC database. Turn off automatic backups from the eCommerce database, implement Oracle Data Guard with the standby database deployed on another availability domain, take backups from the standby database.

Your organization is using Oracle Cloud Infrastructure (OCI) and wants to setup a disaster recovery plan by copying block volume backups to another region at regular intervals. This makes it easier to rebuild applications and data in the destination region if a region wide disaster occurs in the source region. Which IAM Policy statement allows the VolumeAdmins group to copy volume backups between regions? (Choose the best answer.). Allow group VolumeAdmins to inspect volumes""family in tenancy. Allow group VolumeAdmins to use volume-backups in tenancy where request.permission='VOLUME_BACKUP_COPY'. Allow group VolumrAdmins to manage volumes in tenancy. Allow group VolumeAdmins to copy volume""backups in tenancy.

You have multiple IAM users who launch different types of compute instances and block volumes every day. As a result, your Oracle Cloud Infrastructure (OCI) tenancy quickly hit the service limit and you can no longer create any new instances. As you are cleaning up the environment, you notice that the majority of the instances and block volumes are untagged. Therefore, it is difficult to pinpoint the owner of these resources and verify if they are safe to terminate. Because of this, your company has issued a new mandate, which requires adding a predefined set of tags to identify owners before launching compute instances. Which option is the simplest way to implement this new requirement? (Choose the best answer.). Create tag variables to automatically tag a resource with the user name. Create a policy to automatically tag a resource with the user name. Create a policy using IAM requiring users to tag specific resources. This will allow a user to launch compute instances only if certain tags were defined. Create tag variables for each compartment to automatically tag a resource with the user name. Create a default tag for each compartment, which ensures that appropriate tags are applied at resource creation.

You have an Oracle database system in a virtual cloud network (VCN) that needs to be accessible on port 1521 from your on-premises network CIDR 172.17.0.0/24. You have the following configuration currently: ✑ Virtual cloud network (VCN) is associated with a Dynamic Routing Gateway (DRG), and DRG has an active IPSec connection with your on-premises data center. ✑ Oracle database system is hosted in a private subnet. ✑ The private subnet route table has following configuration. ✑ The private subnet security list has following INGRESS security rule. ✑ The Oracle database system is part of a network security group with following security rules. However, you are still unable to connect to the Oracle Database system. Which action will resolve this issue? (Choose the best answer.). Add an EGRESS rule in private subnet security list as following. (destination port rage: all). Add an EGRESS rule in network security group as following. Add a route rule in the private subnet route table as following. Add an EGRESS rule in private subnet security list as following. (destination port rage: 1521).

A retail company runs their online shopping platform entirely on Oracle Cloud Infrastructure (OCI). This is a 3-tier web application that includes a 100 Mbps Load Balancer, Virtual Machine Instances for web and application tiers, and an Oracle DB Systems Virtual Machine. Due to unprecedented growth, they noticed an increase in the incoming traffic to their website and all users start getting 503 (Service Unavailable) errors. What is the potential problem in this scenario? (Choose the best answer.). You did not configure a Service Gateway to allow connection between web servers and Load Balancer. The Traffic Management Policy is not set to Load Balancer the traffic to the web servers. The Load Balancer health check status indicates critical situation for half of the backend web servers. The Database is down hence users cannot access the web site. All the web servers are too busy and not able to answer any request from users.

An automobile company wants to deploy their CRM application for Oracle Database on Oracle Cloud Infrastructure (OCI) DB Systems for one of its major clients. In compliance with the business continuity program of the client, they need to provide a Recovery Point Objective (RPO) of 24 hours and a Recovery Time Objective (RTO) of 1 hour. The CRM application should be available even in the event that an entire OCI Region is down. Which approach meets these requirements in the most cost effective manner? (Choose the best answer.). Deploy a 1 node VM Oracle database in one region. Manually Configure a Recovery Manager (RMAN) database backup schedule to take hourly database backups. Asynchronously copy the database backups to object storage in another OCI region. If the primary OCI region is unavailable, launch a new 1 node VM Database in the other OCI region and restore the production database from the backup. Deploy a 1 node VM Oracle database in one region and replicate the database to a 1 node VM Oracle database in another region using a manual setup and configuration of Oracle Data Guard. Deploy an Autonomous Transaction Processing database in one region and replicate it to an Autonomous Transaction Processing database in another region using Oracle GoldenGate. Deploy a 2 node Virtual Machine (VM) Oracle RAC database in one region and replicate the database to a 2 node VM Oracle RAC database in another region using a manual setup and configuration of Oracle Data Guard.

Your team is conducting a root cause analysis (RCA) following a recent, unplanned outage. One of the block volumes attached to your production WebLogic server was deleted and you have been tasked with identifying the source of the action. You search the Audit logs and find several Delete actions that occurred in the previous 24 hours. Given the sample excerpt of this event: Which item from the event log helps you identify the individual or service that initiated the DeleteVolume API call? (Choose the best answer.). eventId. requestAgent. eventource. requestOrigin. principalId.

You are responsible for migrating your on-premises legacy databases on 11.2.0.4 version to Autonomous Transaction Processing "" Dedicated (ATP""D) in Oracle Cloud Infrastructure (OCI). As a solution architect, you need to plan your migration approach. Which two options do you need to implement together to migrate your on-premises databases to OCI? (Choose two.). Use Oracle Golden Gate replication to keep on-premises database online during migration. Convert on-premises databases to PDB, upgrade to 19c, and encrypt. Use Oracle Data Guard to keep on-premises database always active during migration. Retain changes to Oracle shipped privileges, stored procedures or views in the on-premises databases. Retain all legacy structures and unsupported features (e.g. legacy LOBs) in the on-premises databases for migration.

An online stock trading application is deployed to multiple Availability Domains in the us-phoenix-1 region. Considering the high volume of financial transactions that the trading application handles, the company has hired you to ensure that the data stored by the application is scalable, highly-available, and disaster resilient. In the event of failure, the Recovery Time Objective (RTO) must be less than 2 hours to meet regulatory compliance requirements. Which Disaster Recovery strategy should be used to achieve the RTO requirement in the event of system failure? (Choose the best answer.). Configure your application to use synchronous master-slave data replication between Availability Domains. Configure hourly block volumes backups through the Storage Gateway service. Store hourly block volumes backup to NVME device under a compute instance and generate a custom image every 5 minutes. Configure hourly block volumes backups using the Oracle Cloud Infrastructure (OCI) Command Line Interface (CLI).

An organization has its IT infrastructure in a hybrid setup with an on-premises environment and an Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) in the us-phoenix-1 region. The on-premises applications communicate with compute instances inside the VCN over a hardware VPN connection. They are looking to implement an Intrusion Detection and Prevention (IDS/IPS) system for their OCI environment. This platform should have the ability to scale to thousands of compute instances running inside the VCN. How should they architect their solution on OCI to achieve this goal? (Choose the best answer.). Set up an OCI Private Load Balancer and configure IDS/IPS related health checks at TCP and/or HTTP level to inspect traffic. Configure autoscaling on a compute instance pool and set vNIC to promiscuous mode to collect traffic across the VCN and send it to the IDS/IPS platform for inspection. Configure each host with an agent that collects all network traffic and sends that traffic to the IDS/IPS platform for inspection. There is no need to implement an IPS/IDS system as traffic coming over IPSec VPN tunnels is already encrypted.

You work for a bank as the lead Oracle Cloud Infrastructure architect. You designed a highly scalable solution for your company's banking application. The architecture includes a load balancer, application servers with autoscaling configuration based on CPU utilization, and an Autonomous Database with Transaction Processing workload type running in a Virtual Cloud Network (VCN). During the peak utilization period, the application users complain that the application runs slow. What are two possible reasons for the application running slow at times? (Choose two.). The VCN does not have a Network Security Group configured to allow traffic from the load balancer to all the application servers in the backend set. Instance pool in autoscaling configuration for the application servers did not scale out due to compartment quota breach of the VM shapes used by the application servers. The load balancer is not configured correctly to send traffic to all the listeners of the application servers in the backend set. Instance pool in autoscaling configuration for the Autonomous Database did not scale out due to misconfigured scaling policy. Instance pool in autoscaling configuration for the application servers did not scale out due to service limit breach of the VM shapes used by the application servers.

You are working as a solution architect with a global automotive provider who is looking to create a multi-cloud solution. They want to run their application tier in Microsoft Azure while utilizing the Oracle DB Systems in the Oracle Cloud Infrastructure (OCI). What is the most-fault tolerant and secure solution for this customer? (Choose the best answer.). Deploy the Oracle database system into a public subnet in your VCN and assign a public IP address. Connect your application tier running in Azure to the public IP address of the database system over the internet. Create a FastConnect virtual circuit with Microsoft Azure as the provider to establish a private interconnect between the application tier running in the Azure Virtual Network and the OCI VCN that contains the Oracle Databases. Create an encrypted, Virtual Private Network connection between the Microsoft Azure Virtual Network that contains the application tier and the OCI Virtual Cloud Network (VCN) that contains the Oracle Databases. Use an OCI Virtual Cloud Network remote peering connection to create a remote network connection between the application tier running in Microsoft Azure Virtual Network and Oracle Databases running in the OCI Virtual Cloud Network (VCN).