Sunday, September 04, 2022

1z0-1072-21 | Oracle Cloud Infrastructure 2021 Architect Associate - Part 4

 Q150. What does Terraform use to create, manage, and manipulate infrastructure resources? 

A.       Resources

B.       Provisioner

C.       Instances

D.       Provider 

Answer: D

 
Q151. Which statement is true regarding Autonomous Transaction Processing (ATP)? 

A.       A database name cannot be used concurrently for both an Autonomous Data Warehouse (ADW) and an ATP database

B.       A maximum of 2 TB of storage can be enabled for an ATP database

C.       After terminating a database, the database name is available for immediate reuse

D.       A maximum of 8 cores can be enabled for an ATP database 

Answer: A

 
Q152. Where do you find the tnsnames.ora for your Autonomous Data Warehouse (ADW) database? 

A.       You can download tnsnames.ora from Oracle Cloud Infrastructure web console under ADW details page

B.       The tnsnames.ora file is included in credentials.zip file that you download from service console of ADW

C.       The ADW database will place the tnsnames.ora file in an object storage bucket

D.       You are automatically prompted to download the tnsnames.ora file upon creation of the ADW database

Answer: B

 
Q153. You have a shared file system between two web servers using File Storage Service (FSS) and you were tasked to create a backup plan for this environment to protect the data placed into the shared file system. 

What is the recommended approach to create this backup using FSS features? 

A.       Implement a backup policy to execute a snapshot of the shared volume.

B.       Implement a backup policy to copy data from the shared volume to object storage.

C.       Compress the data that is in the shared volume and copy it into a different folder on the boot volume disk.

D.       Use the rsync tool to send data from the shared volume to a boot volume disk.

E.       Use the rsync tool to send data from the shared volume to a block volume. 

Answer: A 


Q154. Which two parameters are required in a back end set's HTTP health check? (Choose two.) 

A.       response body

B.       URL path

C.       timeout

D.       port

E.       status code 

Answer: B, D

 

Q155. Which two configuration formats does Terraform support? (Choose two.) 

A.       YAML

B.       JSON

C.       HCL

D.       XML 

Answer: B, C 


Q156. Which two statements are true about Oracle Cloud Infrastructure Compute Service? (Choose two.) 

A.       You can launch a virtual or bare metal instance by using the same LaunchInstance API.

B.       You cannot launch a bare metal server in Oracle Cloud Infrastructure Compute Service.

C.       You can attach a block volume in an Availability Domain other than your compute instance.

D.       You can share custom images across tenancies and regions. 

Answer: A, D

 

Q157. Which FIVE are the required parameters to launch an instance in Oracle Cloud Infrastructure? (Choose five) 

A.       subnet

B.       Availability Domain

C.       Virtual Cloud Network

D.       host name

E.       instance shape

F.       image operating system

G.       private IP address 

Answer: A, B, C, E, F

 

Q158. Which DNS resource record type is used to point a host name to an IPv4 address? 

A.       ALIAS

B.       A

C.       CNAME

D.       AAAA 

Answer: B 

 

Q159. Which three can you achieve by using Terraform? (Choose three.) 

A.       Create resources in the right order without regard to the order in the terraform plan file.

B.       Automatically re-provision the resources that are tainted or whose configuration has changed.

C.       Automatically translate a deployed infrastructure and create a plan.

D.       Automatically destroy all the resources that are in tenancy.

E.       Continuously maintain the configuration files in an instance. 

Answer: A, B, D 


Q160. Which scaling option does Database Cloud Service (DBCS) on Bare Metal Shape offer? 

A.       network bandwidth

B.       CPU

C.       storage

D.       memory 

Answer: B

 

Q161. Which three types of credentials are used to manage Oracle Cloud Infrastructure Identity and Access Management (IAM)? (Choose three.) 

A.       Windows Password

B.       API Signing Key

C.       Swift Password / Auth Tokens

D.       SSH Key

E.       Console Password 

Answer: B, C, E

 

Q162. Which two are true for Oracle Cloud Infrastructure DNS? (Choose two.) 

A.       It can function only as a primary DNS.

B.       It supports other cloud providers such as AWS and Azure.

C.       It supports segregation of traffic by using the private pool.

D.       It does not provide DDoS protection. 

Answer: B, C

 

Q163. Why are two subnets required to create a public load balancer when additional subnets are often used for back-end servers? (Choose two.) 

A.       Routing is simpler when the load balancer is not in the same subnet as the back-end server.

B.       Performance is higher when more subnets are used.

C.       Additional subnets for back-end servers allow for separate route tables for these servers.

D.       Additional subnets for back-end servers allow for separate security lists for these servers. 

Answer: B, D

 

Q164. Which certificate format is used with the load balancer? 

A.       PFX

B.       PEM

C.       PKCS12

D.       CRT 

Answer: B

 

Q165. Which resource is required when connecting to your on-premises network from your Virtual Cloud Network (VCN) via IPSec VPN or FastConnect? 

A.       Internet Gateway (IGW)

B.       Dynamic Routing Gateway (DRG)

C.       local peering gateway

D.       NAT 

Answer: B

 

Q166. Which two resources are availability domain constructs? (Choose two.) 

A.       VCN

B.       Groups

C.       Block Volume

D.       Compute Instance

E.       Object Storage 

Answer: C, D

 

Q167. An instance is launched with a primary VNIC that is created during instance launch. Which two operations are true when you add secondary VNICs to an existing instance? (Choose two.) 

A.       You can remove the primary VNIC after the secondary VNIC's attachment is complete.

B.       You can remove the secondary VNIC later if it is not needed.

C.       The primary and secondary VNIC association should be within the same Availability Domain.

D.       It is not possible to connect two VNICs to an instance. 

Answer: B, C

 

Q168. Which does NOT set a variable in Terraform? 

A.       Passing the variable with a var statement to Terraform

B.       Setting the variable as key value pairs in a file in a subdirectory named tfvar

C.       A default value in the variable declaration within a TF plan file

D.       Setting the environment variable using a TF_VAR_ predicate in front of the variable name 

Answer: B

 

Q169. Which two are required to create an IPSec VPN connection? (Choose two.) 

A.       security list

B.       static route CIDR

C.       name

D.       compute instance 

Answer: A, B 

 

Q170. When deploying a highly available, Internet-facing, 2-tier web application on Oracle Cloud Infrastructure (OCI), which design option would you use? 

A.       Deploy all web servers into one Availability Domain and behind a public load balancer, and deploy two single-node OCI database systems in the same Availability Domain with Data Guard enabled.

B.       Deploy all web servers into multiple Availability Domains and behind a public load balancer, and deploy two single-node OCI database systems across two Availability Domains with Data Guard enabled.

C.       Deploy all web servers into multiple Availability Domains and behind a private load balancer, and deploy two single-node OCI database systems across two Availability Domains with Data Guard enabled.

D.       Deploy all web servers into one Availability Domain, and deploy a single-node OCI database system into a different Availability Domain. 

Answer: B

 

Q171. Which two identity providers can your administrator federate with Oracle Cloud Infrastructure? (Choose two.) 

A.       Microsoft Active Directory

B.       Oracle Identity Cloud Services

C.       AWS Directory Services

D.       Google Directory Federation Services 

Answer: A, B

 

Q172. Which two tools would you use to manage Database Cloud Service (DBCS)? (Choose two.) 

A.       psql

B.       Oracle Swingbench

C.       SQL Developer

D.       Oracle Enterprise Manager 

Answer: C, D

 

Q173. A customer wants to do development on premise while leveraging services such as Java Cloud, Mobile Developer Cloud, and App Builder Services. The customer would also like to scale out the application, stretching from on-premises to the cloud by using a common API.

Which two Infrastructure options can the customer leverage to do this? (Choose two.) 

A.       Oracle Cloud at Customer

B.       Oracle Cloud Infrastructure Classic

C.       Oracle Cloud Ravello service

D.       Oracle Cloud Infrastructure 

Answer: A, D

 

Q174. For a compute instance that is launched in a private subnet in a Virtual Cloud Network (VCN), which action needs to be performed to connect to the Internet, assuming that the required security list is properly set up? 

A.       Assign a Public IP address to the compute instance.

B.       Create and configure Network Address Translation (NAT) in a public subnet and route all traffic to it.

C.       There is no way for an instance in a private subnet to connect to the Internet.

D.       Create a default route entry in the route table to forward all traffic to the Internet gateway. 

Answer: B

 

Q175. Which two are valid options when migrating a database from on-premises to Oracle Cloud Infrastructure (OCI)? (Choose two.) 

A.       snapping or cloning storage form on-premises to OCI

B.       performing a backup to OCI object storage, and then restoring to a database server on OCI

C.       performing RMAN backup to an on-premises storage device, and then shipping to OCI

D.       converting the Oracle database to a NoSQL database and migrating to OCI by using rsync file copy 

Answer: B, C

 

Q176. Which two statements are true about the Oracle Cloud Infrastructure object storage service? (Choose two.) 

A.       It provides higher IOPS than block storage.

B.       It can be directly attached to or detached from a compute instance.

C.       Data is stored redundantly in a single AD.

D.       Data is stored redundantly across multiple availability domains (ADs).

E.       It provides strong consistency. 

Answer: D, E

 

Q177. Which three load-balancing policies can be used with a backend set? (Choose three.) 

A.       throughput

B.       IP hash

C.       weighted round robin

D.       CPU utilization

E.       least connections 

Answer: B, C, E

 

Q178. You are in the process of setting up a highly available student registration website on Oracle Cloud Infrastructure (OCI). You use a load balancer and a database service on OCI. You launch two compute instances each in a different subnet and add them to the back end set of a public load balancer. The load balancer is configured correctly and working. You then deploy the student registration application on these two compute instances. The application can communicate with the database service.
However, when you type the URL of this student registration application in your browser, no web page appears.What could be the cause? 

A.       The security lists of the subnets on which the two instances are located do not have "allow" rules for port 80 and 443.

B.       The load balancer performed a health check on the application and found that compute instances were not in a healthy state and terminated the instances.

C.       The client requested https access to the application and the load balancer service does not support end-to-end SSL from the client to the listener to the back- end set.

D.       The Dynamic Routing Gateway is preventing the client traffic from your data center network from reaching the public IP of the load balancer. 

Answer: A 


Q179. You need to transfer over 12 TB of data from on-premises to your cloud account. You started copying this data over the internet and noticed that it will take too long to complete. Without increasing the costs of your subscription, what is the recommended way to send this amount of data to your cloud account? 

A.       Use Data Transfer Service to send your data.

B.       Split the data into multiple parts and use the multipart tool.

C.       Use a 10 GB FastConnect line to send the data.

D.       Send the data over a VPN IPsec tunnel.

E.       Compress the data and use the multipart tool. 

Answer: A

 

Q180. Which two statements are true about encryption on Oracle Cloud Infrastructure (OCI)? (Choose two.) 

A.       By default, Object Storage and Block Storage are encrypted at rest.

B.       A customer is responsible for data encryption in all services of OCI.

C.       By default, DB Systems offer an encrypted database.

D.       By default, NVMe drives are encrypted, but the block volume service is not. 

Answer: A, C 

Q181. You are the Cloud Architect of a company, and are designing a solution on Oracle Cloud Infrastructure where you want to have all your compute instances resistant to hardware failure. Which two are recommended best practices to achieve the requirement on Oracle Cloud Infrastructure? (Choose two.) 

A.       Create a custom image of your system drive each time you change the image.

B.       Attach block volumes from different Availability Domains to compute instances in different Availability Domains for high availability.

C.       Design your system with redundant compute modes in different Availability Domains to support the failover capability.

D.       Create backups of your block volumes that are associated with compute instances in different regions. 

Answer: A, C

 

Q182. You need to create a high performance shared file system service, and have been advised to use OCI File Storage Service. You have logged into the OCI Console, created a File System in an availability domain, and followed the steps to mount the shared file system on your Oracle Linux virtual Instance. However, you are still unable to access the shared file system from your Linux instance.

What is the likely reason for this? 

A.       There are no security list rules for mount target traffic

B.       There is no internet gateway set up for mount target traffic

C.       There is no Identity and Access Management (IAM) policy set up to allow you to access the mount target

D.       There is no route in your VCN's route table for mount target traffic 

Answer: A 


Q183. You are the Solutions Architect of a large company and are tasked with migrating all your services to Oracle Cloud Infrastructure. As part of this, you first design a Virtual Cloud Network (VCN) with a public subnet and a private subnet. Then in order to provide Internet connectivity to the instances in your private subnet, you create an Oracle Linux instance in your public subnet and configure NAT on it. However, even after adding all related security list rules and routes in the Route Table, your private subnet instances still cannot connect to the Internet. 

Which action should you perform to enable Internet connectivity?

A.       Disable "Source and Destination Check" on the VNIC of your Linux instance.

B.       There is no way that a private subnet can connect to the Internet.

C.       Create a Dynamic Routing Gateway (DRG) and route your private IP traffic to the DRG.

D.       Restart the NAT instance. 

Answer: A

 

Q184. There are multiple options of migrating Oracle Databases from on-premises to Oracle Cloud Infrastructure. Which two characteristics do you need to consider when choosing a migration method? (Choose two.) 

A.       On-premises database character set and application version

B.       On-premises database version and quantity of data, including indexes

C.       On-premises host operating system platform and network bandwidth

D.       On-premises connectivity using remote and local VCN peering 

Answer: B, C

 

Q185. Which two resources are available by default when your Oracle Cloud Infrastructure tenancy is provisioned? (Choose two.) 

A.       an NVMe SSD boot disk for each instance, whose size is determined by the image and shape of the instance

B.       a range of public IP addresses that are reserved for your tenancy

C.       a set of images, where each image is a template of a virtual hard drive that consists of the OS and installed software and applications

D.       a variety of shapes, where each shape determines the number of CPUs and memory allocated to an instance. 

Answer: C, D

 

Q186. You are an administrator with an application running in Oracle Cloud Infrastructure (OCI). The company has a fleet of OCI compute virtual instances behind a load balancer. The load balancer backend set health check API is providing a "˜Critical' level warning. You have confirmed that your application is running healthy on the backend servers.

What is the possible reason for this "˜Critical' warning? 

A.       The load balancer listener is not configured correctly.

B.       A user does not have correct Identity and Access Management (IAM) credentials on the backend servers.

C.       The security list associated with the subnet in which the backend server is provisioned does not include the IP range for the source of the health check requests.

D.       The route table associated with the subnet in which the backend server is provisioned does not include the route for OCI load balancer. 

Answer: C

 

Q187. Which option lists Virtual Cloud Networks (VCNs) that can be peered? 

A.       VCN A (172.16.0.0/24) and VCN B (172.16.0.0/28)

B.       VCN A (10.0.0.0/16) and VCN B (10.1.0.0/16)

C.       VCN A (10.0.2.0/16) and VCN B (10.0.2.0/25)

D.       VCN A (10.0.0.0/16) and VCN B (10.0.16.0/24) 

Answer: B

 

Q188. Which two statements are true about an Oracle Cloud Infrastructure (OCI) virtual cloud network (VCN)? (Choose two.) 

A.       A VCN can reside in multiple OCI regions and availability domains.

B.       A VCN covers a single, contiguous IPv4 CIDR block of your choice.

C.       The allowable VCN size range is: /16 to /30.

D.       A VCN creates the dynamic routing gateway by default. 

Answer: B, C

 

Q189. Which three actions need to be performed before attempting a data transfer service job? 

A.       Obtain an available host machine which can run the dts utility on-premises with SATA or USB drives attached for the transfer job.

B.       Get access to a high-speed internet connection

C.       Data Transfer Service and Storage Service Limits should be checked and raised if required.

D.       Set up SSH access to a host on OCI to coordinate the transfer job.

E.       Create an object bucket to receive the job. 

Answer: A, C, E

 

Q190. Which two statements are true about policies? 

A.       You can use read, write, manage, and inspect as verbs for defining a policy.

B.       A policy is a document that specifies who can access which Oracle Cloud Infrastructure resources that your company has, and how.

C.       Users need not do anything but still have to be added to a group with appropriate policies defined.

D.       You can deny access to a group via policies. 

Answer: B, C

 

Q191. You have an application server that needs to copy data on Oracle Cloud Infrastructure (OCI) object storage in the same region. You have created a service gateway for OCI object storage in your virtual cloud network (VCN) and modified security lists associated with the subnet to allow traffic to the service gateway. You are able to connect to the OCI object storage, however, you notice that the connectivity is over the internet instead of the service gateway. 

What is the reason for this behavior? 

A.       The route table associated with the subnet has no route rule where the destination is object storage service

B.       The service gateway created in the VCN resides in a different availability domain

C.       The security list associated with the subnet has an egress rule that allows all traffic to be forwarded to a destination CIDR 0.0.0.0/0

D.       Identity and Access Management (IAM) policies restrict the access to the object storage bucket 

Answer: A

 

Q192. Which two statements are true about adding secondary VNICs to an existing compute instance? (Choose two.) 

A.       The primary and secondary VNIC association must be in the same availability domain

B.       You can assign an Ephemeral Public IP to a secondary VNIC

C.       You can remove the primary VNIC after the secondary VNIC's attachment is complete

D.       The primary and secondary VNIC association can be in different virtual cloud networks (VCNs) 

Answer: A, D

 

Q193. Which two statements are true about Data Guard Service on DB Systems in Oracle Cloud Infrastructure (OCI)? (Choose two.) 

A.       Data guard implementation requires two DB Systems, one running the primary database on a virtual machine and the standby database running on bare metal.

B.       Data guard implementation requires two DB Systems, one containing the primary database and one containing the standby database.

C.       Data guard configuration on the OCI is limited to a virtual machine only.

D.       Both DB Systems must use the same VCN, and port 1521 must be open 

Answer: B, D

 

Q194. You are managing a tier-1 OLTP application on an Autonomous Transaction Processing (ATP) database. Your business needs to run hourly batch processes on this ATP database that may consume more CPUs than what is available on the server. 

How can you limit these batch processes to not interfere with the OLTP transactions? 

A.       Copy OLTP data into new tables in a new table space and run batch processes against these new tables

B.       ATP is designed for OLTP workload only; you should not run batch processes on ATP

C.       Disable automated backup during the batch process operations

D.       Configure ATP resource management rules to manage runtime and IO consumption for the consumer group of batch processes 

Answer: D

 

Q195. You are responsible for creating and maintaining an enterprise application that consists of multiple storage volumes across multiple instances. The storage volumes include boot volumes and block volumes for your data storage. You need to create backups of these storage volumes in the most time-efficient manner. 

How can you meet this requirement? 

A.       You can create clones of storage volumes one at a time

B.       You can group together multiple storage volumes in a volume group and create volume group backups

C.       You can create on-demand one-off backups of boot volumes, but not block volumes

D.       You can create on-demand one-off backups of block volumes, but not boot volumes

Answer: B

 

Q196. You have an Oracle Cloud Infrastructure (OCI) load balancer distributing traffic via an evenly-weighted round robin policy to your backend web servers. You notice that one of your web servers is receiving more traffic than other web servers. 

How can you resolve this imbalance? 

A.       Check security lists and route tables of your virtual cloud network (VCN) and fix any issues associated with the rules

B.       Create separate listeners for each backend web server

C.       Delete and re-create your OCI load balancer

D.       Disable session persistence on your backend set 

Answer: D

 

Q197. You deployed a web server in Oracle Cloud Infrastructure using an ephemeral public IP. After a few changes in your web server configuration, you rebooted the server and a new public IP was associated to your instance. 

What should you do to prevent this from happening again? 

A.       Create a reserved public IP and associate it with the security list that your compute instance is using

B.       Create a reserved public IP and associate it with the subnet of your compute instance

C.       Create a reserved public IP and associate it with the VNIC of your compute instance

D.       Create a reserved public IP and associate it with the hosts file of your web server 

Answer: C

 

Q198. You currently manage an E-Commerce application that utilizes 25 identical compute resources to handle customer traffic. The stakeholders have asked you to create another 25 identical compute resources in order to deploy and test a new version of the software? 

What is the most efficient process to create 25 additional compute resources that are identical to the first 25? 

A.       Create a custom image from 1 of the 25 servers. Use this custom image to provision 25 more servers

B.       Create a manual backup of each boot volume belonging to the 25 servers. Restore each backup to create 25 new boot volumes, from which you will provision 25 more servers

C.       Provision a new server and configure it to be identical to the first 25. Create a custom image from the new server, then use the custom image to provision 24 more servers

D.       Clone the boot volume of 1 of the 25 servers. Use the boot volume clone to provision 25 more servers 

Answer: A

 

Q199. Which two statements are true about restoring a block volume from a manual or policy-based block volume backup? (Choose two.) 

A.       It can be restored as new volumes with different sizes from the backups

B.       It can be restored as a new volume to any AD across different regions

C.       It must be restored as a new volume to the same availability domain (AD) on which the original block volume backup resides

D.       It can be restored as a new volume to any AD in the same region 

Answer: A, D

at
Labels: