You have deployed a web application targeting a global audience across multiple Oracle Cloud Infrastructure (OCI) regions.
You decide to use Traffic Management Geo-Location based Steering Policy to serve web requests to users from the region closets to the user. Within each region you have deployed a public load balancer with 4 servers in a backend set. During a DR test disable all web servers in one of the regions however, traffic Management does not automatically direct all users to the other region.
Which two are possible causes? You did not correctly setup the Load Balancer HTTP health check policy associated with me backend set One of the two working web servers In the other region did not pass Its HTTP health check You did not setup a Route I able associated with load Balancer's subnet You did not setup an HTTP Health Check associated with Load Balancer public IP in the disabled region. Rather than using Geo-Location based Steering Policy, you should use Failover Policy Type to serve traffic.
You are creating an Oracle Cloud Infrastructure Dynamic Group. To determine the members of this group you are defining a set of matching rules. Which of the following are the supported variables to define conditions in the matching rules? (Choose Two) instance.compartment.id -the OCID of the compartment where the instance resides. instance.tenancy.id -the OCID of the tenancy where the instance resides. tag <tagnamespace>, <tagkey>value -the tag namespace and tag key. iam.policy.id - the OCID of the 1AM policy to apply to the group.
You are building a demo for a customer that showcases Oracle Cloud Infrastructure (OCI) Events service and Oracle Functions. You plan to create an event every time an image is uploaded to an OCI Object Storage bucket. You have also created a function that is listening to the event and processes the image for face recognition.
Choose the two actions from below that are NOT required to run the demo successfully. The function must be deployed only to Oracle Kubernetes Engine (OKE). You have to enable Object Storage buckets to emit events for state changes. You must deploy the function that does facial recognition for the demo to work. Creating an event rule is not permitted for OCI Object storage. You must specify an action type while creating an Event service and specify the function you want to trigger.
An online gaming application is deployed to multiple Availability Domains in the Oracle Cloud Infrastructure (OCI) us-ashburn-1 region. Considering the high volume of traffic that the gaming application handles, the company has hired you to ensure that the data stored by the application is scalable, highly available, and disaster resilient. In the event of failure, the Recovery Time Objective (RTO) and Recovery Point Objective (RPO) must be less than 2 hours. Which Disaster Recovery strategy should be used to achieve the RTO and RPO requirements in the event of a system failure? Configure hourly block volumes backups using the OCI Command Line Interface (CLI). Create a user defined backup policy with a schedule of generating daily backups for block volumes. Configure hourly block volumes backups through the OCI Storage Gateway service. Create a user defined backup policy with a schedule of generating hourly backups for block volumes.
A fast growing E-commerce company has deployed their online shopping application on Oracle Cloud Infrastructure. The application was deployed on compute instances with Autoscaling configuration for application servers fronted by a load balancer and OCI Autonomous Transaction Processing (ATP) in the backend. In order to promote their e-commerce platform 50% discount was announced on all the products for a limited period. During the day 1 of promotional period it was observed that the application is running slow and company's hotline is flooded with complaints. What could be two possible reasons for this situation? The health check on some of the backend servers has failed and the load balancer has taken those servers temporarily out of rotation. As part of Autoscaling, the load balancer shape has dynamically changed to a larger shape to handle more incoming traffic and the system was slow for a short time during this change. The health check on some of the backend servers has failed and the load balancer was rebooting these servers. Autoscaling has already scaled to the maximum number of instances specified in the configuration and there is no room for scaling further.
You are tasked with backing up your data using Oracle Cloud Infrastructure Block Volume service. When you are finalizing your block volume backup schedule, which of the following two are valid considerations for your backup plan? (Choose Two) Number of stored backups: How many backups you need to keep available and the deletion schedule for those you no longer need. Governance: Tagging of backups so you can capture backup related API calls through the Audit service. Frequency: How often you want to back up your data. Location: Determine the Object Store Bucket where the backups will be stored. Encryption: Whether to use your own key to encrypt your volume backups.
As a solution architect, you are designing a web application to be deployed across multiple Oracle Cloud Infrastructures (OCI) regions for a global audience. Your goal is that users from each region should access the application web servers deployed in their own geographical OCI location. Which OCI feature can be used to achieve this? OCI Traffic Management IP Prefix steering policy OCI Global Load balancers OCI Public Load Balancers OCI Traffic Management GeoLocation steering policy.
You have decided to migrate your application to Oracle Cloud Infrastructure and use Oracle Functions to deploy your microservices. Which monitoring metrics are available to help you calculate your total cost for using Oracle Functions per month? (Choose Two) Amount of RAM used by your functions. Length of time a function runs. Number of times a function is invoked. Amount of storage used by your functions. Network bandwidth used by your functions.
A global media organization is working on a project which lets users upload their videos to the site. After upload is complete, the video should be automatically processed by an Al algorithm. The algorithm will try to recognize certain actions in the videos so that it can be used to show related advertisements in future. The development team wants to focus on writing Al code and not worry about underlying infrastructure for high availability, scalability, security and monitoring. Which Oracle Cloud Infrastructure (OCI) services would meet these requirements? OCI Object Storage, OCI Events service and OCI Functions. Oracle Container Engine for Kubernetes, OCI Notifications and OCI Object Storage. OCI Events, Oracle Container Engine for Kubernetes and OCI Digital Assistant. OCI Resource Manager, OCI Functions and OCI Events service.
You have deployed a multi-tier application with multiple compute instances in Oracle Cloud Infrastructure. You want to back up these volumes and have decided to use Volume Group's feature. The Block volume and Compute instances exist in different compartments within your tenancy.
Periodically. a few child compartments are moved under different parent compartments, and you notice that sometimes volume group backup fails.
What could be the cause? You are exceeding your volume group backup quota configured. You have the same block volume attached to multiple compute instances; if these compute instances are in different compartments then all concerned compartments must be moved at the same time. Compute instance with multiple block volumes attached cannot move when a compartment is moved. The Identity and Access Management policy allowing backup failed to move when the compartment was moved.
Which of the following is NOT a good use case for using the functionality available in the Oracle Cloud Infrastructure (OCI) Events service? Publish all events in a specific compartment to Oracle Streaming service for later analysis. Triggers Function using Oracle Functions when new files are uploaded in an OCI Object Storage bucket. Publish a notification when long lived tasks complete, such as OCI Autonomous Database backup completion. Capture Monitoring Alarms and invoke Autoscaling of compute instances. Trigger a notification when a function completes its execution.
Which of the following is NOT a good use case for the Oracle Cloud Infrastructure (OCI) Streaming service? Meeting compliance requirements for data to remain unchanged over a long time, so that it can be retrieved for audit purposes. Messaging with a pull-based communication model and the ability to feed multiple consumers with the same data independently. Ingesting metric and log data to help make critical operational data more quickly available for indexing, analysis, and visualization. Providing a unified entry point for cloud components to report their life cycle events for audit, accounting, and related activities.
Your organization is planning on using Oracle Cloud Infrastructure (OCI) File Storage Service (FSS). You will be deploying multiple compute instance in Oracle Cloud Infrastructure (OCI) and mounting the file system to these compute instances. The file system will hold payment data processed by a Database instance and utilized by compute instances to create a overall inventory report. You need to restrict access to this data for specific compute instances and must be allowed/blocked per compute instance's CIDR block.
Which option can you use to secure access? Use stateless Security List rule to restrict access from known IP addresses only. Create a new VCN security list, choose SOURCE TYPE as Service and SOURCE SERVICE as FSS. Add stateless ingress and egress rules for specific P address and CIDR blocks. Use 'Export option' feature of FSS to restrict access to the mounted file systems. Create and configure OCI Web Application Firewall service with built in DNS based intelligent routing.
Your security team has informed you that there are a number of malicious requests for your web application coming from a set of IP addresses originating from a country in Europe. Which of the following methods can be used to mitigate these type of unauthorized requests? Web Application Firewall policy using access control rules Deny rules in Virtual Cloud Network Security Group for the specific set of IP addresses. Delete Internet Gateway from Virtual Cloud Network. Deny rules in Virtual Cloud Network Security Lists for the specific set of IP addresses.
Which of the following is NOT a good use case for the volume backup feature of the Oracle Cloud Infrastructure Block Volume service? Support business continuity requirements of reducing the risk of outages or data mutation over time. Meet compliance and regulatory requirements for data to remain unchanged over time, so that it can be retrieved for audit purposes. Rapidly duplicate an environment in seconds to test configuration changes without impacting your production environment. Retain a copy of data in a volume, so that you can duplicate an environment later or preserve the data for future use.
Which of the below options is true regarding Oracle Cloud Infrastructure's load balancing service? You can dynamically change the load balancer shape to handle more incoming traffic. The public load balancer applies a floating public IP address to the primary load balancer. When you create a private load balancer, the service requires 2 or more subnets to host both the primary and standby load balancers. A public load balancer is Availability Domain specific in scope.
You want to automate the processing of new image files to generate thumbnails. The expected rate is 10 new files every hour.Which of the following is the most cost effective option to meet this requirement in Oracle Cloud Infrastructure (OCI)? Upload all files to an Oracle Streaming Service (OSS) stream. Setup a cron job to invoke a function in Oracle Functions to fetch data from the stream. Invoke another function to process the image files and generate thumbnails. Store thumbnails in another OSS stream. Upload files to an OCI Object storage bucket. Every time a file is uploaded, an event is emitted. Write a rule to filter these events with an action to trigger a function in Oracle Functions. The function processes the image in the file and stores the thumbnails back in an Object storage bucket. Build a web application to ingest the files and save them to a NoSQL Database. Configure OCI Events service to trigger a notification using Oracle Notification Service (ONS). ONS invokes a custom application to process the image files to generate thumbnails. Store thumbnails in a NoSQL Database table. Upload files to an OCI Object storage bucket. Every time a file is uploaded, trigger an event with an action to provision a compute instance with a cloud-init script to access the file, process it and store it back in an Object storage bucket. Terminate the instance using Autoscaling policy after the processing is finished.
An organization has its mission critical application consisting of multiple application servers and databases running inside Virtual Cloud Network (VCN) in uk-london-1 region. Their solution architect wants to further strengthen their architecture by planning for Disaster Recovery (DR) in eu-frankfurt-1 region.
Which two solutions should their architect keep in mind while designing for DR? It is not possible to use Active Data Guard to synchronize a database in uk-london-1 region to equivalent database in eu-frankfurt-1 region. Load balancer will automatically distribute traffic between both the regions. A remote VCN peering connection is required to establish secure and reliable connectivity between different VCNs created in uk-london-1 and eu-frankfurt-1 region. rsync utility can be used to asynchronously copy file systems or snapshot data to another region. The RTO is the acceptable timeframe of lost data that application can tolerate.
You are working with a customer who needs to attach an Oracle Cloud Infrastructure (OCI) block volume to a VM instance with read/write access type. The customer wants to know if the number of IOPS and throughput performance differs between the following two choices:
* Option A: attach a single 1 TB block volume to the VM instance
* Option B: attach two separate 500 GB block volumes In a RAID 0 array configuration to the VM instance You can assume that the customer is using iSCSI attachment type to attach the volumes to the instance. In addition, you can assume 1 MB block size for throughput and 4 KB block size for IOPS consideration.
How should you respond to the customer? Option B provides better IOPS and throughput performance. Option B provides higher level of throughput, but lower level of IOPS performance. Both options provide the same number of IOPS and throughput performance. Option A provides better IOPS, but lower throughput performance.
You are running a legacy application In a compute Instance on Oracle Cloud Infrastructure (OCI). To provide enough space for it to store internal data, a block volume is attached to the instance in paravirtualized mode. Your application is not resilient to crash-consistent backup. What should you do to securely backup the block volume? Create a volume group, add the block volume and boot volume and then run the volume group backup. Before creating a backup, save your application data and detach the block volume. Create a backup, detach the block volume and save your application data. Use the block volume clone feature to save cost and speed up the backup process.
You have deployed a multi-tier application with multiple compute instances in Oracle Cloud Infrastructure. You want to back up these volumes and have decided to use Volume Group's feature. The Block volume and Compute instances exist in different compartments within your tenancy.
Periodically. a few child compartments are moved under different parent compartments, and you notice that sometimes volume group backup fails.
What could be the cause? You are exceeding your volume group backup quota configured. You have the same block volume attached to multiple compute instances; if these compute instances are in different compartments then all concerned compartments must be moved at the same time. Compute instance with multiple block volumes attached cannot move when a compartment is moved. The Identity and Access Management policy allowing backup failed to move when the compartment was moved.
You are part of a project team working in the development environment created in OCI. You have realized that the CIDR block specified for one of the subnet in a VCN is not correct and want to delete the subnet. While deleting you are getting an error indicating that there are still resources that you must delete first. The error includes the OCID of the VNIC that is in the subnet.
Which of the following action you will take to troubleshoot this issue? Use OCI CLI to call "GetVnic" operation to find out the parent resource of the VNIC Copy and Paste OCID of the VNIC in the search box of the OCI Console to find out the parent resource of the VNIC Use OCI CLI to delete the VNIC first and then delete the subnet Use OCI CLI to delete the subnet using --force option.
An insurance company is storing critical financial data in the OCI block volume. This volume is currently encrypted using oracle managed keys. Due to regulatory compliance, the customer wants to encrypt the data using the keys that they can control and not the keys which are controlled by Oracle.
What of the following series of tasks are required to encrypt the block volume using customer managed keys? Create a vault, import your master encryption key into the vault, generate data encryption key, assign data encryption key to the block volume Create a master encryption key, create a data encryption key, decrypt the block volume using existing oracle managed keys, encrypt the block volume using the data encryption key Create a vault, create a master encryption key in the vault, assign this master encryption key to the block volume Create a master encryption key, create a new version of the encryption key, decrypt the block volume using existing oracle managed keys and encrypt using new version of the encryption key.
A customer has a Virtual Machine instance running in their Oracle Cloud Infrastructure tenancy. They realized that they wrongly picked a smaller shape for their compute instance. They are reaching out to you to help them fix the issue.
Which of the below options is best recommended to suggest to the customer? Delete the running instance and spin up a new instance with the desired shape. Change the shape of instance without reboot, but stop all the applications running on instance beforehand to prevent data corruption. Change the shape of the virtual machine instance using the Change Shape feature available in the console. OCI doesn't allow such an operation.
A FinTech startup is developing a new blockchain based application to provide Smart Contracts using micro- services architecture. The development team is planning to deploy the application using containers and looking for a reliable way to build, deploy and manage their cloud- native application.
Additionally, they need an easy way to store, share and manage their application artifacts. Which option should you recommend for this application? Install and manage a Kubernetes cluster on OCI Compute Instances and use OCI Resource Manager for management of application artifacts Use and OCI Resource Manager to manage cloud-native application and make the application artifacts available using OCI Functions Use Oracle Container Engine for Kubernetes (OKE) to manage of cloud-native applications and OCI Registry for application artifacts Use Oracle Container Engine for Kubernetes (OKE) to manage the deployment environment and OCI Functions for application artifacts.
A cloud consultant is working on a implementation project on Oracle Cloud Infrastructure (OCI). As part of the compliance requirements, the objects placed in OCI Object Storage should be automatically archived first and then deleted. He is testing a lifecycle policy on Object Storage and created a policy as below:
All the objects with names starting with "doc" will be archived 5 days after object creation and will be deleted 5 days after archival. All the objects having file extension "doc" will be archived 5 days after object creation. All the objects having file extension "doc" will be archived for 5 days and will be deleted 10 days after object creation. All objects with names starting with "doc" will be deleted after 5 days of object creation.
A manufacturing company is planning to migrate their on-premises database to OCI and has hired you for the migration. Customer has provided following information regarding their existing onpremises database:
Database version, host operating system and version, database character set, storage for data staging, acceptable length of system outage.
What additional information do you need from customer in order to recommend a suitable migration method? Choose two Elapsed time since database was last patched On-premises host operating system and version Number of active connections Data types used in the on-premises database Top 5 longest running queries.
You are working as a solution architect for a customer in Frankfurt, which uses multiple compute instance VMs spread among three Availability Domains in the Oracle Cloud Infrastructure (OCI) eu-frankfurt-1 region. The compute instances do not have public IP addresses and are running in private subnets inside a Virtual Cloud Network (VCN). You have set up OCI Autoscaling feature for the compute instances, but find out that instances cannot be auto scaled. You have enabled monitoring on the instances.
What could be wrong in this situation? Autoscaling only works for instances with public IP addresses. Autoscaling only works with single availability domains. You need to assign a reserved public IP address to the compute instances. You need to set up a Service Gateway to send metrics to the OCI Monitoring service.
You are trying to troubleshoot the configuration of your Oracle Cloud Infrastructure (OCI) Load Balancing service. You have a backend HTTP service for which you have created a backend set in the load balancer. You have configured health checks for the backend set. Although the health checks appear good, customers sometimes experience transaction failures. Which of the following options will definitely lead to this problem? You are NOT using regional subnets in your Virtual Cloud Network. With Availability Domain (AD) specific subnet. the compute instances of the backend service running in the subnet have issues when the AD is down. You are using OCI Domain Name System. You have misconfigured the 'A' record with the wrong IP address leading to requests not getting routed correctly. You are using iSCI for block volume attachment to the compute instances in your backed HTTP service. TCP/IP configuration of your block volume attachment is not configured correctly, leading to issues in your backend service. You are running a TCP-level health check against your HTTP service. The TCP handshake can succeed and indicate that the service is up even when the HTTP service has issues.
You have been asked to implement a bespoke financial application in Oracle Cloud Infrastructure using virtual machine instances controlled by Autoscaling across multiple Availability Domains. The application stores transaction logs, intermediate transaction data, and audit data and needs to store this on a persistent, durable data store accessible from all of the application servers. The application requires the file system to be mounted in the /audit folder on the Linux file system. The system needs to tolerate the failure of two or more Fault Domains and still maintain data integrity. The solution should be as low maintenance as possible.
What storage architecture should you suggest? Use locally attached NVMe instances and configure RAID 0 replication between servers. Use File Storage Service(FSS). Configure FSS to operate from all Availability Domains the application servers operate in and mount the file system in the /audit folder. Implement a single instance and install an NFS server, configure and create an NFS share, and mount this as /audit on the application instances. Store the data on Oracle Object Storage mounted at the /audit mount point on all the Linux instances using the default mount options.
You are a solution architect working with a startup that has decided to move their workload to Oracle Cloud Infrastructure. Since their workload is small, upon architecting, you decide its sufficient to use 8 compute instances to run their workload. The company wants to use a common storage for their instances. So, you propose the idea of attaching a block volume to multiple instances to provide a common storage.
Which of the below option is NOT true for such a solution? If the block volume is already attached to an instance as read/write non-shareable you can't attach it to another instance until you detach it from the first instance. You can delete a block volume from one instance without detaching it from all other instances there by keeping other instance's storage intact. Block volumes attached as read-only are configured as shareable by default. Once you attach a block volume to an instance as read-only, it can only be attached to other instances as read-only.
Which of the following features is NOT supported by Oracle Cloud Infrastructure Multi-factor authentication (MFA)? Only the user can enable MFA for their own account. Members of the Administrators group can disable MFA for other users. Users can disable MFA for their own accounts. Members of the Administrators group can enable MFA for other users.
A cloud consultant is working on implementation project on OCI. As part of the compliance requirements, the objects placed in object storage should be automatically archived first and then deleted. He is testing a Lifecycle Policy on Object Storage and created a policy as below:
[ { "name": "Archive_doc", "action": "ARCHIVE", "objectNameFilter": { "inclusionPrefixes": "doc"] },
"timeAmount": 5, "timeunit": "DAYS", "isEnabled": true },
{ "name": "Delete_doc", "action": "DELETE", "objectNameFilter": "inclusionPrefixes": [ "doc"]
1."timeAmount": 5, "timeunit": "DAYS", "isEnabled": true }
What will happen after this policy is applied? All objects with names starting with "doc" will be deleted after 5 days of object creation All the objects having file extension ".doc" will be archived for 5 days and will be deleted 10 days after object creation All the objects having file extension ".doc" will be archived 5 days after object creation All the objects with names starting with "doc" will be archived 5 days after object creation and will be deleted 5 days after archival.
Your customer has gone through a recent departmental re structure. As part of this change, they are organizing their Oracle Cloud Infrastructure (OCI) compartment structure to align with the company's new organizational structure.
They have made the following change:
Compartment x Is moved, and its parent compartment is now compartment c.
Policy defined in compartment A: Allow group networkadmins to manage subnets in compartment X Policy defined in root compartment: Allow group admins to read subnets in compartment Finance:A:X After the compartment move, which action will provide users of group networkadmins and admins with similar privileges as before the move?
Define a policy in Compartment C as follows: Allow group network admins to manage subnets in compartment X. No change in any policy statement is required as compartments move automatically moves alt the policy statements associated with compartments as well. Define a policy in compartment C as follows: Allow group admins to read subnets in compartment HR:C:X Define a policy in compartment HR as follows: Allow group network admins to manage subnets in compartment X. Define a policy in compartment C as follows Allow group admins to read subnets in compartment HR:C:X.
You have multiple IAM users who launch different types of compute Instances and block volumes every day. As a result, your Oracle cloud Infrastructure (OCF) tenancy quickly hit the service limit and you can no longer create any new instances. As you are cleaning up environment, you notice that the majority of the Instances and block volumes are untagged. Therefore, It is difficult to pinpoint the owner of these resources verify if they are safe to terminate.
Because of this, your company has issued a new mandate, which requires adding compute instances.
Which option is the simplest way to implement this new requirement? Create a policy to automatically tag a resource with the user name. Create a policy using 1AM requiring users to tag specific resources. This will allow a user to launch compute instances on\y if certain tags were defined. Create tag variables to automatically tag a resource with the user name. Create a default tag for each compartment, which ensure that appropriate tags are applied at resource creation Create tag variables for each compartment to automatically tag a resource with the user name.
An insurance company is storing critical financial data in the Oracle Cloud Infrastructure block volume. This volume is currently encrypted using oracle managed keys. Due to regulatory compliance, the customer wants to encrypt the data using the keys that they can control and not the keys which are controlled by Oracle.
What of the following series of tasks are required to encrypt the block volume using customer managed keys? Create a vault, create a master encryption key in the vault, assign this master encryption key to the block volume. Create a master encryption key, create a data encryption key, decrypt the block volume using existing oracle managed keys, encrypt the block volume using the data encryption key. Create a master encryption key, create a new version of the encryption key, decrypt the block volume using existing oracle managed keys and encrypt using new version of the encryption key. Create a vault import your master encryption key into the vault, generate data encryption key, assign data encryption key to the block volume.
As an administrator you want to give users of ObjectWriters group full access to bucket Bucket-A and its objects in compartment comp-images. You want users of ObjectWriters to not be able to access or modify properties of any other buckets and its objects in the compartment comp-images. Allow group ObjectWriters to inspect buckets in compartment comp-images Allow group ObjectWriters to read buckets in compartment comp-images where target.bucket.name=' Bucket-A" Allow group ObjectWriters to manage objects in compartment comp-images where target.bucket.name=' Bucket-A' Allow group ObjectWriters to manage buckets in compartment comp-images where target.bucket.name=' Bucket-A' Allow group ObjectWritexs to read buckets in compartmentcomp-images
Allow group ObjectWriters to manage objects in compartment comp- images where target.bucket.name= 'Bucket-A' Allow group ObjectWriters to mange buckets in compartment comp- images Allow group ObjectWriters to manage objects in compartment comp-images where target.bucket.name= 'Eucket-A'.
You have created compartment called Dev for developers. There are two 1AM groups for developers: group-devl and group-dev2. You need to write an Identity and Access Management (1AM) policy to give users in these groups access to manage all resources in the compartment Dev.
Which of the following 1AM policy will accomplish this? Allow any-user to manage all resources in compartment Dev where request.group= /group-dev*/ Allow group /group-dev*/ to manage all resources in compartment Dev Allow group group-devl group-dev2 to manage all resources in compartment Dev Allow any-user to manage all resources in tenancy where target.comparment= Dev.
Many development engineers are deploying new instances as part of their projects in Oracle Cloud Infrastructure tenancy, but majority of these instances have not been tagged. You as an administrator of this tenancy want to enforce tagging to identify owners who are launching these instances.
Which option below should be used to implement this requirement? Create a predefined tag with tag variables to automatically tag a resource with usemame. Create a default tag for each compartment which ensure appropriate tags are allowed at resource creation. Create tag variables for each compartment to automatically tag a resource with user name. Create an IAM policy to automatically tag a resource with the usemame.
A manufacturing company is planning to migrate their on-premises database to Oracle Cloud Infrastructure and has hired you for the migration. Customer has provided following information regarding their existing on-premises database:
Database version, database character set, storage for data staging, acceptable length of system outage.
What additional information do you need from customer in order to recommend a suitable migration method? (Choose Two) Top 5 longest running queries. Data types used in the on-premises database. On-Premises host operating system and version. Number of active connections. Elapsed time since database was last patched.
You are working on the migration of the web application infrastructure of your company from on- premises to Oracle Cloud Infrastructure. You need to ensure that the DNS cache entries of external clients will not direct them to the on-premises infrastructure after switching to the new infrastructure.Which of the following options will minimize this problem? Reduce the TTL of the DNS records after the switch. DNS changes propagate fast enough that it is not necessary to take any action. Increase the TTL of the DNS records before the switch. Increase the TTL of the DNS records after the switch. Reduce the TTL of the DNS records before the switch.
An eCommerce company is running on Oracle Cloud Infrastructure (OCI) and many compute instances remain unused for the most part of the year except during Black Friday and Christmas. You suggest them to use OCI's Autoscaling feature and present them a slide to showcase the features of Autoscaling. Which option below is inaccurate in your presentation to the customer? A cooldown period between Autoscaling events lets the system stabilize at the updated level. When an instance pool scales in, instances are terminated in this order: the number of instances is balanced across Availability Domains, and then balanced across Fault Domains. Finally, within a Fault Domain, the newest instance is terminated first. Autoscaling relies on performance metrics such as CPU utilization that are collected by OCI Monitoring service to trigger an Autoscaling event. Autoscaling requires an instance pool as a pre-requisite so that it can automatically adjust the number of compute instances in an instance pool.
You have to migrate your application to Oracle Cloud Infrastructure (OCI). The database is constantly being updated and needs to be online without interruptions. How can you transition the database to OCI without interrupting its use? It is impossible to migrate without interruption. Use an on-premises database with two-way synchronization to a cloud-based database and allow clients to connect to either databases. Use an on-premises database with one-way synchronization to a cloud-based database and allow clients to connect only to the cloud database. Use an on-premises database with one-way synchronization to a cloud-based database and allow clients to connect only to the on-premises database until it is synchronized.
A company is running High Performance Computing workloads on Oracle Cloud Infrastructure and are using OCI bare metal compute shape. They have decided to create a custom image of the bare metal instance's boot disk and use it to launch other instances.<br />Which of the following is a NOT a true statement? Before you create a custom image of an instance, you must disconnect all iSCSI attachments and remove all iscsid node configurations from the instance. Editing custom Windows images is not supported due to hardware differences between shapes. Custom images do not include the data from any attached block volumes. You can create additional custom images of an instance while the instance is engaged in the image creation process.
Identify the correct statements about OCI Functions service metrics.
select THREE correct answers. The number of requests to invoke a function that failed with an error response The number of times a function is invoked The number of times a function is deleted The amount of time a function runs for.
A number of malicious requests for a web application is coming from a set of IP addresses originating from Antartica.
Which of the following statement will help to reduce these types of unauthorized requests? Delete NAT Gateway from Virtual Cloud Network Use WAF policy using Access Control Rules List specific set of IP addresses then deny rules in Virtual Cloud Network Security List Change your home region in which your resources are currently deployed.
A company's data center has been hit by a tsunami in Japan which has damaged buildings, although still operational which needs to migrate 377 TB of data to OCI in seventeen days. The company has 150 mbps internet connectivity but the connection is intermittent due to the damages caused to the electrical grid.
Which is the most effective service for this scenario? Use object storage multipart to upload data to OCI Establish OCI storage gateway to connect your data center and VCN. Then upload all data to OCI Establish 1 Gbps FastConnect between your data center and OCI. Use CLI to automate the migration of data to OCI using
object storage multipart upload Use numerous OCI Data Transfer appliances to transfer data to OCI.
An automobile company is designing a website to be deployed across multiple OCI regions for worldwide audience. The target should be that users from each region should access the application web servers deployed in their own geographical OCI location.
Which feature will help you achieve this goal? OCI Traffic Management GeoLocation steering policy Global Load Balancer OCI Traffic Management IP Prefix steering policy Public Load Balancer.
A global e-commerce company wants to set up durable, cost-effective solution to archive data from on-premises to OCI.
What is most feasible way to meet the requeriment? Use File Storage to copy data from om-premise to OCI Setup FastConnect and use rsync tool to copy data to OCI Object Storage Archive Tier Setup on-premise storage gateway which will back up data to OCI Object Storage Standard tier Setup on-premise storage gateway which will back up data to OCI Object Storage Archive tier.
A leading e-commerce company announced Black Friday Sale due which they noticed a dramatic increase in the incoming traffic to their e-commerce website. Customer support line is flooded with tickets that the users are getting 503 error(Service Unavailable).
What can be the root cause of the issue? Database is down since patching of updates is in progress Web servers are overloaded or down for maintenance and hence unable to answer requests Traffic management policy is using IP prefix steering instead of geolocation steering Internet Gateway is not configured properly between load balancers and web servers.
A global web series compnay wants to focus on AI code without worrying about underlying infrastructure for scalability, high-availability, monitoring and security. Users are allowed to upload videos on their website for making reviews.
Which OCI services should you recommended? OCI Functions, OCI Event Service and Object Storage for storing videos OCI Object Storage, OCI Notifications and OKE for deployment of AI Code OCI Functions, OCI Event Service and OCI Resource Manager to manage infrastructure OCI Event Service for videos and OKE for application development.
Operation team is planning to migrate an on premise database to Autonomous Transaction Processing Dedicated.
As a solutions architect, which TWO statements plays a key role during the migration from on-premise legacy databaseto OCI? To keep on-premise database online while the migration is in progress use GoldenGate replication To keep the on-premise database active during migration, use data guard Any changes to Oracle stored procedures, views and shipped privileges must be kept Convert on-premise database to PDB, then upgrade to 19c and encrypt.
A company which has multiple departments and use shared OCI tenancy for various projects,
As a solutions architect, you need to manage the cost of resources in the tenancy in order to obtain better view of department's usage.
Which TWO statements can help you meet the requeriment? Create multiple compartments for each department. Then analyze and track costs Use CLI to send an automated mail to all users whenever the budget meets the threshold Create consolidated budget-tracking tags to analyze costs in a granular manner Create tag default which automatically applies tags to all specified resources created in a compartment. For cost analysis, use these tags .
An online tourism company is hosting a competition where contestants are allowed to upload their videos and photos of the places they have travelled . The online portal must offload the videos and photos to an Object Storage for a duration of 48 hours. After the time has elapsed, the portal will hold all the photos and videos locally.
Which statement will help you meet this goal? Set up a dynamic group and grant access to the object storage for 48 hours Set up PAR URL for each object uploaded to object storage and grant write permission with an expiration time of 48 hours Set up PAR URL for entire object storage bucket and grant read permission with an expiration time of 48 hours Set up PAR URL for entire object storage bucket and grant write permission with an expiration time of 48 hours.
Compartment A policy: Allow group networkadmins to manage subnets in compartment Z. Root compartment policy: Allow group admins to read subnets in compartment Dev: A : Z
Compartment Z is moved, and now it's parent compartment is C.
Which TWO IAM policies would be required to ensure both groups have the same permissions to compartment Z that is had before? (Draw) Define a policy in compartment C : allow group networkadmins to read subnets in compartments Z Define a policy in UAT compartment: allow group networkadmins to manage subnets in compartment C:Z Define a policy in root compartment : allow group admins to read subnets in compartment UAT: C: Z Define a policy in root compartment: allow group admins to manage subnets in compartment Dev: A : Z.
An e-commerce company is running Black Friday sale for limited period of time. During first day of promotion, the website was running slow and customer support is flooded with complaints.
What can be the TWO reasons for this scenario? Backend servers was restarting during that time as load balancer health check failed The load balancer has taken some of servers temporarily out of rotation as health check on few backend servers has failed Load balancer dynamically changed the servers to a larger shape so that more incoming traffic can be handled and due this website was slow for short duration There is no room for scaling out as autoscaling has scaled to maximum number of instances as specified in the configuration.
An automobile company needs OCI Object Storage for storing data for sales records.
-- Data must be encrypted at rest and should not get transmit over the public internet
-- Data must be retained for 7 years and should be accessible within 3 hours if data is less than 2 years old.
Which TWO statements will satisfy the requeriment of the automobile company? Configure a public peering virtual circuit and set up a Fastconnect link to the nearest OCI region Configure a private peering virtual circuit and set up a FastConnect link to the nearest OCI region Configure a lifecycle policy for object storage standard bucket to delete any object older than 5 years Configure a lifecycle policy for object storage standard bucket to move objects to archive tier for objects older than 2 years.
With regard to OCI Event Service, which of statement is NOT best use case? Upon function execution, trigger a notificacion Initiate autoscalling of compute instance and capturing monitoring alarms Upon longer task completion, publish a notification When new files arrives in OCI bucket, trigger an OCI function.
An artificial intelligence (AI) company has realised that they have incorrectly picked up a smaller shape for their compute instance which is unable to handle a complex algorithm.
As a solutions architect, how can you help fix the issue? Instance shape is permanent and changing of instance shape is not supported Delete the instance with smaller shape and then spin up a new instance with larger shape Stop all applications running on the first to prevent data loss then change the shape of instance without reboot Using change shape feature from OCI console, change the shape of the VM instance.
An IT company needs to ensure that the data stored by it's application is high available, scalable and disaster resilient . In the even of failure of the application which is deployed over numerous availability domains, the RPO & RTO should be less than 3 hours.
Which strategy will help you to achieve the above requriments? Using OCI CLI, automate and configure hourly block volume backup Using OCI Storage Gateway, configure hourly block volume backup Using user defined backup policy, schedule block volume backups for daily backups Using user defined backup policy, schedule block volume backups for hourly backups.
Which of the following statement is INCORRECT about private access to services in OCI? Private endpoint cannot be used for hosts in the on-prem network Within your VCN private endpoint gives hosts access to a given service Request from an OCI compute instance going via service gateway to object storage is routed without being sent over the internet Private access can be enabled to certain services from VCN using either service gateway or a private endpoint.
An automobile company is having multiple instances which do not have public IP addresses and are running in private subnet inside a VCN spread among two avilability domain. Monitoring is enabled for instances and you find out that instances cannot be auto scaled inspite of setting up the autoscaling feature.
What can be the root cause of the problem? Autoscaling can only be set up for single availability domain Set up Service Gateway so that metrics can be send to OCI monitoring service Autoscaling works only for instances having public IP address Reserved public IP needs to be assigned for the compute instances .
Which of the following statement is INCORRECT about block volumes? If a block volume attached to an instance as read-only then it can only be attached to other instance as read-only read-only block volumes are configured by default as shareable Block volume from one instance can be deleted without detaching it from other instances so that other instances can use the storage for time being Block volume already attached to an instance as write/read non-shareable then it can't be attached to another instance until the block volume is detached from first instance.
Compartment Z contains compute instances which is moved to Compartment B. The VCN into which the compute instances was deployed previously also resides in it. What will be the result of moving compute instance to new compartment ?
Move will fail as VCN needs to be moved first VNIC associated with the compute instance needs to be also moved after moving the compute instance The compute instance's private and public IP will change. Moving compute instance to new compartment will be successful The compute instance's private and public IP will remain as it is. Moving compute instance to new compartment will be successful.
An automobile company has customers from two major geographical regions: Antartica and Africa. The requeriment is as follows:
--Antartica customers should be served by app running in Antartica & Africa customers should be served by app running in Africa which should be available 24X7 to avoid any outages.
-- Solution must be resilient in case of regional outages and should be fault tolerant
Which solution will meet the above requeriment with lowest latency? Geolocation steering policy, OCI DNS Failover steering policy, OCI DNS Geolocation steering policy with health checks, OCI DNS Failover steering policy with health checks, OCI DNS.
An application is running on a non-resilent crash-consistent backup which has block volume attached to an instance in paravirtualized mode.
How can you backup the block volume in a cost-friendly and secure manner? Create a clone, detach the block volume and save application data Save a application data first then detach the block volume and finally create a backup Save application data first then detach the block volume and finally create a clone First create volume group, then add the boot volume and finally run the volume group backup.
When planning for a database migration from on-premise to OCI, which additional factors should be taken into considerations apart from database character set, storage for data staging, acceptable length of system outage and database version?
Select TWO correct answers. On-premise database data type usage. Total number of connections active Host operating system and version used in on-premise Top 7 longest running queries.
A company is migrating an application from on-premise to OCI which needs zero downtime when the migration is in progress. The company decided to divert 20% of the traffic to new application in OCI and rest 80% traffic to on-premises.
How can the above requeriment be met? Establish VPN connectivity between OCI and on-prem and use route tables Using Load Balancer to distribute the traffic between OCI and on-premise Using traffic management with failover steering policy to distribute traffic between on-prem and OCI Using traffic management with load balancer steering policy to distribute traffic between on-prem an OCI.
As a solutions architect, you need to copy the latest data from production environment to Development environment as quickly as possible to carry out some urgent tasks as instructed by your manager. The size of data to be copied is 100GB from an autonomous database in OCI.
Which steps should you recommended to the operations team for this activity? Use Data pump utility to export data from production and import data to dev environment Create a non-production database using a full clone a production autonomuos database Use ZDM to export data from production and import data to dev environment Create a non-production database using a full database backup of production autonomous database.
Which of the statement is INCORRECT about autoscaling? Cooldown duration between autoscaling events stabilizes the system at updated level Autoscaling needs an instance pool asa pre-requisite Autoscaling works on performance metrics like CPU utilization Instances are terminated in the following order: the number of instances accross availability domain is balanced, and then balanced across fault domains. The newest instance in the fault domain is terminated first.
As a solutions architect, you need to assist operations team to write an IAM policy to give users in group-uat1 and group-uat2 access to manage all resources in the compartment Uat.
Which is the CORRECT IAM policy? Allow any-user to manage all resources in tenancy where target.compartment=Uat Allow any-user to manage all resources in compartment Uat where request.group=/group-uat*/ Allow group /group-uat*/ to manage all resources in compartment Uat Allow group group-uat1 group-uat2 to manage all resources in compartment Uat.
A company is currently running an application in Azure and want to implement Oracle Autonomous Data warehouse (ADW) instance for running e-commerce analytics services which should be secure.
As a solution architect, how can you achieve this goal? Connect Azure Vnet to Oracle ADW in your VCN via internet Use data transfer appliance to transfer the data from Azure to Oracle ADW Establish an interconnect between Azure and OCI using Fastconnect and ExpressRoute. Use Service Gateway in OCI VCN to establish connectivity to Oracle ADW instance Establish an interconnect between Azure and OCI using Directconnect and ExpressRoute. Use Service Gateway in OCI VCN to establish connectivity to Oracle ADW instance.
Database backup failed for OCI 2-node RAC DB systems on virtual machines.
What can be the possible reason for failed backup status? Incorrect auth token is used by Object Store Swift endpoints Versioning mismatch between RMAN backup and database being used Allocated storage on OCI Object Storage attached with the full database Master key stored in OCI Key Management is inaccessible for backup service.
What are the use case of Autonomous Transaction Processing Serverless (ATP-S)?
Select TWO use case scenario? An e-commerce company migrating its DynamoDB database to OCI Manufacturing company using new applications which requires a database to store customers transactions An automobile company migrating Oracle e-business suite to OCI A start up company which needs to usea database during office hours but doesn't need during weekends.
What is the correct IAM policy which allows VolGroup group to copy boot volume backups to another region? Allow group VolGroup to inspect volumes in tenancy where request.permission='BOOT_VOLUME_BACKUP_COPY' Allow group VolGroup to use backups in tenancy where request.permission='BOOT_VOLUME_BACKUP_COPY' Allow group VolGroup to manage volumes in tenancy where request.permission='BOOT_VOLUME_BACKUP_COPY' Allow group VolGroup to copy volumes in tenancy where request.permission='BOOT_VOLUME_BACKUP_COPY'.
An Oracle function returns a FunctionInvokeImageNotAvailable message and a 502 error.
What can be the root cause of it? Function is absent in the mentioned location in OCI Registry Current location of the function in OCI Registry is not configured properly in OCI Event Service Current location of the function in OCI Vault not configured properly in OCI Event Service OCI function is inaccessible as NAT gateway is not configured properly.
As a solutions architect, how should you configure WAF to protect an application from SQL injection and Cross-Site Scripting (XSS) originating in China? Protection rule should be enabled to block attacks based on HTTP Protection rule should be enabled to block requests XSS Filters and SQL Categories Access rule should be enabled which contain XSS Filters and SQL Categories Access rule should be enabled to block IP Address range from China.
An e-commerce company needs the following architecture from their on-premise data center to an OCI region:
-- Low latency with Dedicated network bandwidth
-- High Availability with service level redundancy
Which solution is most cost-friendly which meets the above requeriment? Use IPSec VPN as primary connection and another IPSec VPN as a secondary connection Use IPSec VPN as primary connection and FastConnect as secondary connection Use FastConnect as primary connection and IPSec VPN as secondary connection Use FastConnect as primary connection and another FastConnect as secondary connection.
Which solution should you implement to stop PII data leakage through input forms? WAF with threat intelligence WAF with caching rules WAF with access rules WAF with protection rules.
An e-tourism website uses OCI Functions and OCI Event Service which should create an event whenever an image is uploaded to an OCI Object Storage by it's customers. OCI function is listening to the event and processes the images for facial recognition.
Which TWO statements are NOT essential for the above scenario? OCI function should be deployed to Kubernates Engine State changes should be enabled for Object Storage to emit events Facial recognition function should be deployed to recognise faces in the images Event rule cannot be created for Object Storage.
A company needs to enforce a security policy such that credentials used by the web server to allow access to Object Storage must not be stored locally on the compute instance.
As a solutions architect, what should you implement to achieve this with least effort? Store credentials in a compute instance which is in the private subnet Use Instance principal to allow API calls to OCI Object Storage Use Transparent Data Encryption to automatically allow API calls to OCI Object Storage Use OCI Key Vault to allow API calls to OCI Object Storage.
A company needs to migrate from on-prem to OCI where database needs to be online without downtime for its clients.
How can you meet the above requeriment? Database will face some downtime during migration Use on-premise database with bi-directional synchronization to allow clients to connect to any one of the database Use on-premise database with one-way synchronization to allow clients to connect only to cloud database Use on-premise database with one-way synchronization to allow clients to connect only to on-premise database until it's fully synchronized.
A e-tourism company uses a single bare metal compute instance to store customer's data such as images and videos in ablock volume.
The website becomes unresponsive during promotional sales and attached block volumes are insufficient to store ever growing data by it's customers.
Which is the highly scalable and most effective statement for this scenario? Use OCI Object Storage instead of block volume and ingest data using OCI Streaming Service by replacing single bare metal instance and use autoscaling to distribute the task accross instances Use Notification Service to distribute tasks across instances in parallel, dynamically adjust to workload using autoscalling. Use more block volumes as volume of data increases Replace Block volume with SSD for quick data access and ingest data using OCI Streaming Service by replacing single bare metal instance and use autoscaling to distribute the task across instances. Use additional block volume for ever increasing data. Use multiple compute instances instead of single bare metal instance and implement auto scaling to adjust to the changing workloads during promotional sales.
A company needs to establish connectivity between two VCNs using single FastConnect and on-premise in the same region.
As a solutions architect, how can you configure such connectivity? Use DRG and create a private virtual circuit for FastConnect connection Use two DRG and two private virtual circuit for FastConnect connection Use remote peering to peer with FastConnect and on-premise environment Use hub-VCN with DRG to establish connectivity with on-premise network over FastConnect.
|
