Oracle Cloud OCI 2023 Architect Associate 1Z0-1072-23

Oracle Cloud Agent is a lightweight process that manages plugins running on compute instances. Which is NOT a valid Oracle Cloud Agent plugin name?. Live Migration Agent. OS Management Service Agent. Compute Instance Run Command. Bastion.

You are part of a team that manages a set of workload instances running in an on-premises environment. The Architect team is tasked with designing and configuring Oracle Cloud Infrastructure (OCI) Logging service to collect logs from these instances. There is a requirement to archive Info-level logging data of these instances into the OCI Object Storage. Which TWO features of OCI can help you achieve this?. Cloud Agent Plugin. Grouping Function. Service Connectors. Agent Configuration. ObjectCollectionRule.

You create a file system and then add a 2 GB file. You then take a snapshot of the file system. What would be the total metered Bytes shown by the File Storage service after the hourly update cycle is complete?. 3 GB. 2.5 GB. 4 GB. 2 GB.

Which is NOT a valid statement regarding the Oracle Cloud Infrastructure (OCI) Audit service?. Retention period for Audit logs is 365 days and it cannot be changed. Changes within the objects stored in an Object Storage bucket are collected as Audit logs. Audit service can record REST API calls executed by a custom client. Audit logs are displayed for Compartments.

A few Object Storage buckets in your Oracle Cloud Infrastructure (OCI) tenancy should remain public, and yet you do not want the Cloud Guard service to detect these as problems. In which TWO ways would you address this requirement?. Fix the base line by configuring Conditional Groups for the detector. Resolve or remediate those problems and you should not see Cloud Guard triggering on these resourcesever again. Cloud Guard will keep detecting it because a public bucket is a security risk. Dismiss the problems associated with those resources.

You are part of an organization with thousands of users accessing Oracle Cloud Infrastructure (OCI). An unknown user action was executed resulting in configuration errors. You are tasked to quickly identify the details of all users who were active in the last six hours along with any REST API calls that were executed. Which OCI service would you use?. Notifications. Service Connectors. Logging. Audit.

You have an instance running in Oracle Cloud Infrastructure (OCI) that cannot be live-migrated during an infrastructure maintenance event. OCI schedules a maintenance due date within 14 to 16 days and sends you a notification. What would happen if you choose not to proactively reboot the instance before the scheduled maintenance due date?. The instance will get terminated. The instance is either reboot-migrated or rebuilt in place for you. You will receive another notification to reboot within the next 14 days. You will receive another notification to reboot within the next 7 days.

Which TWO components are optional while creating the Monitoring Query Language (MQL) expressions in theOracle Cloud Infrastructure (OCI) Monitoring service?. Interval. Statistic. Dimensions. Grouping Function. Metric.

Which statement is NOT correct regarding the Oracle Cloud Infrastructure (OI) File System snapshots?. Even if nothing has changed within the file system since the last snapshot was taken, a new snapshotconsumes more storage. Snapshots are accessible under the root directory of the file system at .snapshot/name. Before you can clone a file system, at least one snapshot must exist for the file system. Snapshots are a consistent, point-in-time view of your file systems.

You are using the Oracle Cloud Infrastructure (OCI) Vault service to create and manage Secrets. For your database password, you have created a secret and rotated the secret one time. The secret versions are as follows: Version Number | Status-----------------------------------------2 (latest) | Current1 | Previous. You later realize that you have made a mistake in updating the secret content for version 2 and want to rollback to version 1. What should you do to rollback to version 1?. Deprecate version 2 (latest). Create new Secret version 3. Create soft link from version 3 to version 1. Create a new secret version 3 and set to Pending. Copy the content of version 1 into version 3. From the version 2 (latest) menu, select "Rollback" and select version 1 when given the option. From the version 1 menu on the OCI console, select "Promote to Current".

You need to implement automatic backups for your database system. You can easily check “Enable Automatic Backup” in the web console. Before you do that though, you need to have which of the following TWO prerequisites in place?. Access to the OCI Object Storage service. Private SSH key to the database. VCN configured with VPN for secure access to the Oracle Cloud Infrastructure (OCI) Object Storage service. Connectivity to Swift endpoints.

A customer’s webserver runs a complicated application on three Bare metal instances that serve as backends on a backend set for an OCI public Load Balancer. If one of the Bare metal instances fails, what will the OCI Load Balancer do?. It will send an SOS notification. It will fix the failing Baremetal instance. It will delete the failing Baremetal instance. It will launch an API call. It will no longer send traffic to it.

Which THREE protocols are supported by the Oracle Cloud Infrastructure (OCI) Network Load Balancer?. HTTP. UDP. BGP. TCP. ICMP. iSCSI.

In which TWO ways does Cloud Guard help improve the overall security posture for your tenancy?. Monitors unauthorized or suspicious user activity. Allows you to centrally manage encryption keys. Prevents you from creating misconfigurations on your resources in Oracle Cloud Infrastructure (OCI). Masks sensitive data and monitors security controls on your Oracle databases. Helps detect misconfigured resources, such as publicly accessible Object Storage buckets, instances, andrestricted ports on security lists.

You are a security administrator for your company's Oracle Cloud Infrastructure (OCI) tenancy. Your storage administrator informs you that she cannot associate an encryption key from an existing Vault to a new Object Storage bucket. What could be a possible reason for this behavior?. The Object Storage bucket policy lacks the necessary Access Control List (ACL). The storage administrator forgot to select "Encrypt using Oracle managed keys" while creating the bucket. There is no Identity and Access Management (IAM) policy that allows the Object Storage service to use thekey. The secret for the key was not created beforehand.

You plan to launch a VM instance with the VM.Standard2.24 shape and Oracle Linux 8 platform image. You want to protect your VM instance from low-level threats, such as rootkits and boot kits that can infect the firmware and operating system and are difficult to detect. What should you do?. Use in-transit encryption. Use Vulnerability Scanning Service. Create a burstable instance. Create a shielded instance.

You are launching a new project in the US West (Phoenix) region. You would like to reserve the compute capacity mentioned below so that the capacity is available for your workloads when you need it. 10 VM.Standard2.2 Instances 6 VM.Standard.E4.Flex Instances The project also requires you to be mindful about high availability and place the instances in at least two Availability Domains. At a bare minimum, how many capacity reservations would you create to meet this requirement?. Two. Three. One. Four.

Which statement is true regarding the run command feature in the Oracle Cloud Infrastructure (OCI) Compute service?. The run command feature does not require any Oracle Cloud Agent plugins to be enabled and running. The run command feature is not supported on compute instances that use the Windows Server platformimages. You cannot run commands on an instance if the instance does not have SSH access or open inbound ports. The maximum size for a script file that you upload directly to an instance in plain text is 4 KB.

Which TWO statements are NOT correct regarding the Oracle Cloud Infrastructure (OCI) burstable instances?. If the instance's average CPU utilization over the past 24 hours is below the baseline, the system allows itto burst above the baseline. Baseline utilization is a fraction of each CPU core, either 25% or 75%. Burstable instances cost less than regular instances with the same total OCPU count. Burstable instances are designed for scenarios where an instance is not typically idle and has high CPUutilization. Burstable instances are charged according to the baseline OCPU.

Which are the TWO tools you would use for Logical migration?. Data Pump. RMAN. GoldenGate. Data Guard.

Your cloud developer is using the Oracle Cloud Infrastructure (OCI) Vault service to encrypt plaintext. She runs the following command using the OCI Command Line Interface (CLI) and encounters a service error. oci kms crypto encrypt --key-id ocid1.key.oc1.iad.bbptfrr5aaeuk.abuwcljt32arg6e6xlswgluvc52lnrtk62jq7jenfejfxlhb46nkav3zhsta - plaintext foobar --endpoint https://bbptfrr5aaeuk-management.kms.us-ashburn-1.oraclecloud.com What could be the most likely reason for this error?. The developer forgot to specify the region. The developer should pass the key version OCID instead of the key OCID. The developer has the wrong endpoint. The plaintext needs to be in the JSON form.

You want to run compute virtual machine (VM) instances in Oracle Cloud Infrastructure (OCI). Your business unit has the following requirements that need to be considered before you launch the VMs: Requirement 1: Shared infrastructure should not be used to deploy VMs. Requirement 2: Meet node-based licensing requirements that require you to license an entire server. Which compute capacity type would you select to meet these requirements?. Dedicated host. Preemptible capacity. Capacity reservation. On-demand capacity.

You plan to upload a large file (3 TiB) to Oracle Cloud Infrastructure (OCI) Object Storage. You would like to minimize the impact of network failures while uploading, and therefore you decide to use the multipart upload capability. Which TWO statements are true about performing a multipart upload using the Multipart Upload API?. You do not need to split the object into parts. Object Storage splits the object into parts and uploads all of the parts automatically. While a multipart upload is still active, you can keep adding parts as long as the total number is less than10,000. You do not have to commit the upload after you have uploaded all the object parts. When you split the object into individual parts, each part can be as large as 50 GiB.

What security consideration should you be mindful of before performing a database migration?. Place the database in the restricted mode so that no one accesses it during migration. Migration can only be done in the web-based interface of Oracle. Encrypt all files that are used for migration. Backup and restore your TDE wallets from the source to the target database.

You have a block volume created in the US West (Phoenix) region. You enabled Cross Region Replication for the volume and selected US West (San Jose) as the destination region. Now, you would like to create a new volume from the volume replica in the US West (San Jose) region. What should you do?. Activate the replica. Trigger the replica. No action required. By default, the replica is available as a block volume. Initiate the replica.

You are responsible for creating and maintaining an enterprise application that consists of multiple storage volumes across multiple compute instances in Oracle Cloud Infrastructure (OCI). The storage volumes include boot volumes and block volumes for your data storage. You need to create a backup for the boot volumes that will be done daily and a backup for the block volumes that will be done every six hours. How can you meet this requirement?. Create clones of all boot volumes and block volumes one at a time. Group the boot volumes into a volume group and create a custom backup policy. Group the block volumes and create a custom backup policy. Create on-demand full backups of block volumes, and create custom images from the boot volumes. Use afunction to run at a specific time to start the backup process. Group together multiple storage volumes in a volume group and create volume group backups.

Your customer would run month-end jobs on their on-premises databases that would take around 14 hours to complete and sometimes even fail due to overloaded database systems. After a detailed evaluation, they migrated their database to Oracle Autonomous Data Warehouse. They realized they could also move their analytics platform to Oracle Analytics Cloud (OAC) and have their best of breed technology platforms meet their critical business requirements. After migrating their analytics platform, they want to use one consumer group for running month-end jobs and another consumer group that can be used by the analytics team for performing data analytics tasks everyday. How can your customer implement this requirement?. Use consumer group high for data analytics and consumer group low for month-end jobs. Use consumer group high for month-end jobs and consumer group medium for data analytics. Use consumer group medium for month-end jobs and consumer group low for data analytics. Use consumer group high for both month-end jobs and data analytics.

The volume of transactions of your rental business is increasing. You anticipate a rise in workload during the upcoming holiday sales event. You want to ensure that the business is not impacted during the event due to an overloaded database system. Based on your database administrator's suggestion, you intend to scale up your Virtual Machine DB System during the event period to address the resource demand. Which of the following TWO statements are true about scaling the Virtual Machine DB System?. You can only scale up a database system, but cannot scale it down. You can scale up storage in a Virtual Machine DB System without any downtime. You can only scale up OCPUs, but not storage. You can perform scaling operations only after the database system is down. You can change the shape of a Virtual Machine DB System to change the number of OCPU cores.

You want to have an exact copy of your database system to demonstrate the feasibility of a method you have in mind. You decide to clone your database system. Which of the following statement is true about cloning a database system?. Cloning creates a copy of the source DB System as it exists at a later time, including the storageconfiguration software and database volumes. Cloning creates a copy of the source DB system as it exists at the time of scheduling the cloning operation,including the storage configuration software and database volumes. Cloning creates a copy of the source DB system as it exists at the time of the cloning operation, including the storage configuration software and database volumes. Cloning creates a copy of the source DB system as it exists at an earlier time, including the storageconfiguration software and database volumes.

In an Object Storage bucket you have two objects named ObjectA and ObjectB. ObjectA was last modified sixmonths ago and ObjectB was modified 14 months ago. You create a retention rule and specify a duration of 1year. What does the rule do?. It prevents the modification or deletion of ObjectA for the next 12 months and prevents the modification or deletion of ObjectB for the next 14 months. It prevents the modification or deletion of ObjectA and ObjectB for the next 12 months. It prevents the modification or deletion of ObjectA for the next 6 months and allows the modification or deletion of ObjectB. It prevents the modification or deletion of ObjectA for the next 6 months and prevents the modification or deletion of ObjectB for the next 2 months.

Which TWO statements about the Oracle Cloud Infrastructure (OCI) File Storage Service are accurate?. Communication with file systems in a mount target is encrypted via HTTPS. File systems use Oracle-managed keys by default. Customer can encrypt data in their file system using their own Vault encryption key. Mount targets use Oracle-managed keys by default. Customer can encrypt the communication to a mount target via export options.

Which TWO are key benefits of setting up Site-to-Site VPN on Oracle Cloud Infrastructure (OCI)?. When setting up Site-to-Site VPN, it creates a private connection that provides consistent network experience. When setting up Site-to-Site VPN, customers can configure it to use static or dynamic routing (BGP). When setting up Site-to-Site VPN, OCI provisions redundant VPN tunnels. When setting up Site-to-Site VPN, customers can expect bandwidth above 2 Gbps.

You have multiple applications running on a compute instance that generate a large amount of log files. You are required to retain these log files retained for a total of 60 days; at least 15 days on the boot volume, and an additional 45 days in any location. Which is the most cost-effective way to meet the 15-day boot volume retention requirement and the 60-day total retention requirement?. Terminate the instance while preserving the boot volume. Create a new instance from the boot volume and select a DenseIO shape to take advantage of the local NVMe storage. Create an Object Storage bucket and use a script that runs daily to move log files older than 15 days fromthe boot volume to the bucket. Create a lifecycle rule for the bucket to delete any logs over 60 days old. Do not delete any logs but resize the boot volume of the instance every time additional space is needed. Attach a block volume and use a script that moves log files older than 15 days to the new volume anddeletes them completely after 60 days.

As a network architect you have been tasked with creating a fully redundant connection from your on-premises data center to your Virtual Cloud Network (VCN) in the us-ashburn-1 region. Which TWO options will accomplish this requirement?. Configure two FastConnect virtual circuits to the us-ashburn-1 region and terminate them in diverse hardware on-premises. Configure a Site-to-Site VPN from a single on-premises CPE. Configure one FastConnect virtual circuit to the us-ashburn-1 region and the second FastConnect virtual circuit to the us phoenix-1 region. Configure one FastConnect virtual circuit to the us-ashburn-1 region and a Site-to-Site VPN to theus-ashburn-1 region.

You are responsible for deploying an application on Oracle Cloud Infrastructure (OCI). The application is memory intensive and performs poorly if enough memory is not available. You have created an instance pool of Linux compute instances in OCI to host the application and defined Autoscaling Configuration for the instance pool. What should you do to ensure that the instance pool autoscales to prevent poor application performance?. Install OCI SDK on all compute instances and create a script that triggers the autoscaling event if there is high memory usage. Configure the autoscaling policy to monitor memory usage and scale up the number of instances when it meets the threshold. Install the monitoring agent on all compute instances, which triggers the autoscaling group. Configure the autoscaling policy to monitor CPU usage and scale up the number of instances when itmeets the threshold.

You are backing up your on-premises data to the Oracle Cloud Infrastructure (OCI) Object Storage Service. Your requirements are: 1. Backups need to be retained for at least full 31 days. 2. Data should be accessible immediately if and when needed after the backup. Which OCI Object Storage tier is suitable for storing the backup to minimize cost?. Infrequent Access tier. Archive tier. Standard tier. Auto-Tiering tier.

Which TWO statements are TRUE about Private IP addresses in Oracle Cloud Infrastructure (OCI)?. Each VNIC can only have one private IP address. By default, the primary VNIC of an instance in a subnet has one primary private IP address. By default, the primary VNIC of an instance in a subnet has one primary private IP address and one secondary private IP address. A private IP can have an optional public IP assigned to it if it resides in a public subnet.

Which of the following is a valid RFC 1918 CIDR prefix that can be used for creating an Oracle Cloud Infrastructure(OCI) Virtual Cloud Network (VCN)?. 192.168.0.0/16. 172.16.0.0/12. 10.0.0.0/8. 0.0.0.0/0. 192.268.0.0/24. 189.215.154.89/32.

A financial firm is designing an application architecture for its online trading platform that should have high availability and fault tolerance. Their solutions architects configured the application to use an Oracle Cloud Infrastructure (OCI) Object Storage bucket located in the US West (us-phoenix-1) region to store large amounts of financial data. The stored financial data in the bucket should not be impacted even if there is an outage in one of the Availability Domains or a complete region. What should the architect do to avoid any costly service disruptions and ensure data durability?. Create a replication policy to send data to a different bucket in another OCI region. Copy the Object Storage bucket to a block volume. Create a lifecycle policy to regularly send data from the Standard to Archive storage. Create a new Object Storage bucket in another region and configure lifecycle policy to move data every 5days.

Which statement is NOT true about the Oracle Cloud Infrastructure (OCI) Object Storage service?. Object Versioning is enabled at the namespace level. Object Storage resources can be shared across tenancies. Object lifecycle rules can be used to either archive or delete objects. Immutable option for data stored in Object Storage can be set via retention rules.

Which is NOT a valid Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) approach?. Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or with your organizations private IPnetwork ranges. Ensure not all IP addresses are allocated at once within a VCN or subnet; instead reserve some IPaddresses for future use. Private subnets should ideally have individual route tables to control the flow of traffic within and outside of VCN. Use OCI tags to tag VCN resources so that all resources follow organizational tagging/naming conventions.

Your company sells services to photographers where patrons can preview the photos that they want prints for. To avoid unauthorized copies, the sample photos have lower resolution and are watermarked. The photos are processed after they are uploaded. The process is fast but not immediate. It creates samples and sends them to storage outside of the instances. Which type of instance is ideal for a process like this; short lived and one that keeps the cost low?. Preemptible instances. Spot instances. On-demand instances. Burstable instances.

Which TWO statements are TRUE about Public IP addresses in Oracle Cloud Infrastructure (OCI)?. Public IP addresses can be ephemeral or reserved. You must use OCI provided public IP addresses. You cannot bring your own IP addresses to OCI. By default, an instance in a public subnet has one primary public IP address. You can assign a given instance multiple public IPs across one or more VNICs.

Your IT team has asked you to provision an Autonomous Database in Oracle Cloud Infrastructure (OCI), but they want it to operate similar to what you have currently on-premises. What are the TWO prerequisites for successfully deploying an Autonomous Dedicated Database in OCI?. Autonomous Container Database. Object Storage. Exadata Infrastructure. Identity and Access Management (IAM) Policies.

Which of the following statements is true about cloning a volume in the Oracle Cloud Infrastructure (OCI) BlockVolume service?. You need to detach a volume before cloning it. Creating a clone takes longer than creating a backup of a volume. You can clone a volume to another region. You can change the block volume size when cloning a volume.

You just got a last minute request to create a set of instances in Oracle Cloud Infrastructure (OCI). The configuration and installed software are identical for every instance, and you already have a running instance in your OCI tenancy. Which image option allows you to achieve this task with the least amount of effort?. Bring your own image and use it as a template for the new instances. Select an image from the OCI Marketplace. Use Oracle-provided images and customize the installation using a third-party tool. Create a custom image and use it as a template for the new instances.

Which is NOT a valid action within the Oracle Cloud Infrastructure (OCI) Block Volume service?. Expanding an existing volume in place with offline resizing. Restoring from a volume backup to a larger volume. Attaching a block volume to an instance in a different availability domain. Cloning an existing volume to a new, larger volume.

When creating an Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) with the VCN wizard, which THREE gateways are created automatically?. Internet Gateway. Local Peering Gateway. Dynamic Routing Gateway. NAT Gateway. Storage Gateway. Bastion Host. Service Gateway.

Which THREE capabilities are available with the Oracle Cloud Infrastructure (OCI) DNS service?. Creating and managing records. Creating and managing WAF rules. Creating and managing Identity Access Management (IAM) policies. Creating and managing zones. Viewing all zones. Creating and managing security lists.

Which Oracle Cloud Infrastructure (OCI) Identity and Access Management (IAM) policy is invalid?. Allow dynamic-group FrontEnd to manage instance-family in compartment Project-A. Allow any-user to inspect users in tenancy. Allow any-group A-Developers to create volumes in compartment Project-A. Allow group A-Admins to manage all-resources in compartment Project-A.

As a solution architect, you are showcasing the Oracle Cloud Infrastructure (OCI) Object Storage feature about Object Versioning to a customer. Which statement is true regarding OCI Object Storage Versioning?. Objects are physically deleted from a bucket when versioning is enabled. Object Versioning is disabled on a bucket by default. A bucket that is versioning-enabled can and will always have the latest version of the object in the bucket. Object Versioning does not provide data protection against accidental or malicious object update, overwrite, or deletion.

You have three compartments: ProjectA, ProjectB, and ProjectC. For each compartment, there is an admin group set up: A Admins, B-Admins, and C-Admins. Each admin group has full access over their respective compartments as shown in the graphic below. Your organization has set up a tag namespace, EmployeeGroup.Role and all your admin groups are tagged with a value of 'Admin'. You want to set up a Test compartment for members of the three projects to share. You also need to provide admin access to all three of your existing admin groups. Which policy would you write to accomplish this task?. Allow all-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'. Allow dynamic-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'. Allow group any-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'. Allow any-user to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'.

Which TWO predefined service names can you use when connecting to an Oracle Cloud Infrastructure (OCI)Autonomous Data Warehouse?. High for the highest level of resources to process each SQL statement. TP for a connection service when you do not want to run with parallelism. TPUrgent for a connection service when you do want to run with parallelism. Medium for a lower level of resources to process each SQL statement.

As your company’s cloud architect, you have been invited by the CEO to join his staff meeting. They want your input on interconnecting Oracle Cloud Infrastructure (OCI) to another cloud provider in London, with some specific requirements: • They want resources in the other cloud provider to leverage OCI Autonomous Data Warehouse ML capabilities. • The connection between OCI and the other cloud provider should be provisioned as quickly as possible. • The connection should offer high bandwidth and predictable performance. Which other cloud provider should you recommend to interconnect with OCI and meet the above requirements?. IBM Cloud. Google Cloud. OCI. Microsoft Azure. Digital Ocean. Amazon Web Services. Alibaba Cloud.

You want to create a policy to allow the Network Admins group to manage Virtual Cloud Network (VCN) in compartment C. You want to attach this policy to the tenancy. The compartment hierarchy is shown below. Which policy statement can be used to accomplish this task?. Allow group NetworkAdmins to manage virtual-network-family in compartment B:C. Allow group NetworkAdmins to manage virtual-network-family in compartment C. Allow group NetworkAdmins to manage virtual-network-family in tenancy. Allow group NetworkAdmins to manage virtual-network-family in compartment A:B:C.

What should be created before provisioning an Oracle Cloud Infrastructure (OCI) DB System?. Bucket in Object Storage. Virtual Cloud Network. Compute Instance. Compartment.

You are in the process of migrating several legacy applications from on-premises to Oracle Cloud Infrastructure(OCI). The current servers are already virtualized. However, you notice that the version of CentOS currently running does not align with any of the Oracle-provided compute images. How would you migrate your existing virtual server images to OCI?. Export your current image in the VMDK format and copy to an Object Storage bucket. Import it as acustom image. Select native mode to ensure the best possible performance. Export your current image in the VDI format and copy to an Object Storage bucket. Import it as a customimage. Select native mode to ensure the best possible performance. Export your current image in the QED format and copy to an Object Storage bucket. Import it as a customimage. Select emulated mode to ensure compatibility with legacy drivers. Export your current image in the QCOW2 format and copy to an Object Storage bucket. Import it as a customimage. Select emulated mode to ensure compatibility with legacy drivers.

Your DevOps team needs to interconnect the on-premises network to the Oracle Cloud Infrastructure (OCI)resources, such as a managed database that resides in a private subnet. They indicate that they have a low budget and their bandwidth requirements are minimal, so you decide that a site-to-site VPN is the best option. They provide you with their router public IP address. You need to create an object in OCI that represents this router. Which object would you create?. Internet Gateway. Dynamic Routing Gateway (DRG). Customer Premises Equipment (CPE). Virtual Network Interface Card (vNIC). IPSec Tunnel. Bastion Host.

Which statement is TRUE about delegating an existing domain to the Oracle Cloud Infrastructure (OCI) DNS service?. Domains can be delegated to OCI DNS via FastConnect partners. Domains can be delegated to OCI DNS from the OCI Marketplace. Domains can be self-delegated to OCI DNS from its own service portal. Domains can be delegated to OCI DNS from the Domain Registrar’s self-service portal. All domains can be retrieved to OCI DNS via DYN.

As a network architect you have deployed a public subnet on your Virtual Cloud Network (VCN) with this securitylist: You have also created a network security group (NSG) as shown in the table here, and assigned it to your bastionhost: You have confirmed that routing is correct but when you SSH to the VM from your home over the Internet you are unable to connect. What could be the problem?. User will be able to SSH to the VM from the Internet as SSH is open on the NSG. Public subnet does not have a route rule to the Internet Gateway. Internet traffic should be allowed only on the NSG. SSH traffic is not allowed in the security list nor on the NSG from the Internet.

Which statement is true about File System Replication in Oracle Cloud Infrastructure (OCI)?. You can replicate the data in one file system to another file system only in the same region. You can replicate the data in one file system to another file system in the same region or a different region. Only a file system that has been exported can be used as a target file system. You cannot specify a replication interval when you create the replication resource.

You are a system administrator of your company and you are managing a complex environment consisting of compute instances running Oracle Linux on Oracle Cloud Infrastructure (OCI). It's your task to apply all the latest kernel security updates to all instances. Which OCI service will allow you to complete this task?. OCI Streaming service. OS Management service. OCI Registry. OCI Security Zones to achieve automatic security updates. OCI Cloud Guard to monitor and install the security updates.

Which tool provides a diagram of the implemented topology of all Virtual Cloud Networks (VCNs) in a selected region and tenancy?. Network Watcher. Traffic Analytics. VCN Flow Logs. Network Visualizer.

Which is NOT a valid option for an Oracle Cloud Infrastructure (OCI) compute shape?. Bare Metal. Dedicated Virtual Machine Host. Virtual Machine. Exadata Virtual Machine.

You have objects stored in an OCI Object Storage bucket that you want to share with a partner company. You decide to use pre-authenticated requests to grant access to the objects. Which statement is true about pre-authenticated requests?. You cannot edit a pre-authenticated request. Deleting a pre-authenticated request does not revoke user access to the associated bucket or object. You need to provide your OCI credentials to the partner company. Pre-authenticated requests can be used to delete buckets or objects.

You want a full-featured Identity-as-a-Service (IDaaS) solution that helps you manage workforce authentication and access to all of your Oracle and non-Oracle applications, whether they are SaaS apps, on-premises enterprise apps, or apps that are hosted in the cloud. Which IAM Identity Domain type should you create?. Free. Oracle Apps Premium. Premium. External User.

You can attach resources to a Dynamic Routing Gateway (DRG). Select THREE of these resources. Remote Peering Connections. VNIC. Virtual Circuits. Local Peering Connection. IPSec Tunnel. Subnet.

Which TWO statements are TRUE about restoring a volume from a block volume backup in the Oracle Cloud Infrastructure (OCI) Block Volume service?. You can restore a volume to any availability domain within the same region where the backup is stored. You can restore only one volume from a manual block volume backup. You can only restore a volume to the same availability domain in which the original block volume resides. You can restore a volume from any full volume backup but not from an incremental backup. You can restore a block volume backup to a larger volume size.

Which statement accurately describes the key features and benefits of OCI Confidential Computing?. It encrypts and isolates in-use data and the applications processing that data, thereby preventing unauthorized access or modification. It optimizes network performance and reduces latency through advanced routing algorithms and caching mechanisms. It enables users to securely store and retrieve data by using distributed file systems, ensuring high availability and fault tolerance. It provides automatic scalability and load balancing capabilities, which allow seamless integration with other cloud providers.

You created a virtual cloud network (VCN) with three private subnets. Two of the subnets contain application servers and the third subnet contains a DB System. The application requires a shared file system, therefore you have provisioned one using the file storage service (FSS). You have also created the corresponding mount target in one of the application subnets. The VCN security lists are properly configured so that the application servers can access FSS. The security team changed the settings for the DB System to have read-only access to the file system. However when they test it, they are unable to access FSS. How would you allow access to FSS?. Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DBSystem subnet. Create an instance principal for the DB System. Write an Identity and Access Management (IAM) policy that allows the instance principal read-only access to the file storage service. Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateless. Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateful.

Which of the following statements is true about the Oracle Cloud Infrastructure (OCI) Object Storage server-side encryption?. Encryption of data encryption keys with a master encryption key is optional. Each object in a bucket is always encrypted with the same data encryption key. Encryption is enabled by default and cannot be turned off. Customer-provided encryption keys are always stored in the OCI Vault service.

You need to set up instance principals so that an application running on an instance can call Oracle Cloud Infrastructure (OCI) public services, without the need to configure user credentials. A developer in your team has already configured the application built using an OCI SDK to authenticate using the instance principals provider. Which is NOT a necessary step to complete this set up?. Create a dynamic group with matching rules to specify which instances can make API calls against services. Generate Auth Tokens to enable instances in the dynamic group to authenticate with APIs. Create a policy granting permissions to the dynamic group to access services in your compartment or tenancy. Deploy the application and the SDK to all the instances that belong to the dynamic group.

Which statement is TRUE about patching an Oracle Cloud Infrastructure (OCI) DB System?. There is no automation with patching. You need to check for patches and manually schedule when to apply the patches. Once you pre-check the patches for your database, you can decide to apply the patches immediately or schedule a time to apply the patches. Once you pre-check the patches for your database, the system automatically applies the patches. Patching is automatically pre-checked and applied to the database.

When defining a query for metric data in Monitoring, which field provides the time window for aggregating metric data points plotted on the metric chart?. Dimension. Namespace. Statistic. Interval.

You are using a custom application with third-party APIs to manage the application and data hosted in an Oracle Cloud Infrastructure (OCI) tenancy. Although your third-party APIs do not support OCI’s signature-based authentication, you want them to communicate with OCI resources. Which authentication option should you use to ensure this?. Auth Tokens. OCI Username and Password. API Signing Key. SSH Key Pair with 2048-bit algorithm.

Which database option in Oracle Cloud Infrastructure (OCI) provides Oracle Active Data Guard?. Enterprise Edition. Enterprise Edition High Performance. Enterprise Edition Extreme Performance. Standard Edition.

A recently hired network administrator has been given the task of removing SSH permissions from all compute instances in the company’s tenancy. She finds all Virtual Cloud Networks (VCNs) in the tenancy using Tenancy Explorer. She removes port 22 from the Security Lists in all VCNs. After she completes the task, the very first compute instance that she tests SSH against, allows her to still SSH into it. Why is that?. The VNIC of that compute instance is attached to a Network Security Group (NSG) that hasa stateful ingress rule for all protocols on source CIDR 0.0.0.0/0. The VCN where that compute instance resides still has a route rule that allows port 22. The VCN where that compute instance resides still has an Internet Gateway. The VNIC of that compute instance is attached to a Cluster Network that has a stateful ingress rule for allprotocols on source CIDR 0.0.0.0/0.

Company XYZ is spending $300,000.00 USD per month in egress fees for 7 Petabytes that they consume for Outbound Data Transfer in North America with their current cloud provider. The company is seeking to lower that expense considerably without reducing consumption. You propose migration to OCI because the Gigabyte Outbound Data Transfer in North America costs just $0.0085 USD per month. With OCI, how much will they spend per month for 7 Petabytes of Outbound Data Transfer? (1 Petabyte = 1000 Terabytes). $59,500.00. $150,000.00. $59,415.00. $0.00 (free with OCI).

You have a high-demand web application running on Oracle Cloud Infrastructure (OCI). Your tenancy administrator has set up a schedule-based autoscaling policy on instance pool with an initial size of 5 instances for the application. Policy 1: Target pool size:10 instances Execution time:8:30 a.m. on every Monday through Friday, in every month, in every year Cron expression:0 30 8 ? * MON-FRI * Which statement accurately explains the goal of this policy?. Goal: A one-time schedule with only one scaling out event. At 8:30 a.m., on December 31, 2021, scale theinstance pool to 10 instances from 5. Goal: A recurring monthly schedule. On all days of the month, set the initial pool size to 5 instances. At8.30 a.m., on every day of the month, scale out to 10 instances. Goal: A recurring daily schedule. On weekday mornings at 8.30 a.m., scale out to 10 instances. Goal: A recurring weekly schedule. On all days of the week at 8.30 a.m., scale out the pool to 10 instances from the initial size of 5.

In which two ways can Oracle Security Zones assist with the cloud security shared responsibility model?. Encrypt storage resources with a customer-managed key. Allow access to an unsecured compartment, which is moved from a standard compartment. Deny public access to Oracle Cloud Infrastructure resources, such as databases and object storage buckets. Add or move a standard compartment to a highly secured security zone compartment.

You want to distribute DNS traffic to different endpoints based on the location of the end user. Which Traffic Management Steering Policy would you use?. IP Prefix. Load Balancer. Geolocation. Failover.

Which TWO predefined service names can you use when connecting to an Oracle Cloud Infrastructure (OCI)Autonomous Data Warehouse?. High for the highest level of resources to process each SQL statement. TP for a connection service when you do not want to run with parallelism. TPUrgent for a connection service when you do want to run with parallelism. Medium for a lower level of resources to process each SQL statement.