Saturday, September 03, 2022

1z0-1072-21 | Oracle Cloud Infrastructure 2021 Architect Associate - Part 3

 Q100. Which statement is true about cloning a volume?

A.       You need to detach a volume before cloning from it.

B.       A cloned volume is the same as a snapshot that has a dependency on the source volume.

C.       You can change the block volume size when cloning a volume.

D.       You can create a clone for a volume across regions.

Answer: C

Q101. Which two actions will occur when a back-end server that is registered with a backend set is marked to drain connections? (Choose two.)

A.       It disallows new connections to that backend server.

B.       It keeps the connections to that instance open and attempts to complete any in-flight requests.

C.       It redirects the requests to a user-defined error page.

D.       It immediately closes all existing connections to that instance.

E.       It forcibly closes all connections to that instance after a timeout period.

Answer: A, B

Q102. Which two statements are true about subnets within a VCN? (Choose two.)

A.       You can have multiple subnets in an Availability Domain for a given VCN.

B.       Private and Public subnets cannot reside in the same Availability Domain for a given VCN.

C.       Subnets can have their IP addresses overlap with other subnets in another network for a given VCN.

D.       Instances obtain their private IP and the associated security list from their subnets.

Answer: A, D

Q103. Your on-premises hosted application uses Oracle database server. Your database administrator must have access to the database server for managing the application. Your database server is sized for seasonal peak workloads, which results in high licensing costs. You want to move your application to Oracle Cloud Infrastructure (OCI) to take advantage of CPU scaling options.

Which database offering on OCI would you select?

A.       bare metal DB systems

B.       VM DB systems

C.       Autonomous Transactions Processing (ATP)

D.       Autonomous Data Warehouse (ADW)

Answer: A

Q104. Which three actions are required to configure a highly available and secure hybrid network between Oracle Cloud and your data center? (Choose three.)

A.       Define a non-overlapping IP Address Space between the data center and the cloud.

B.       Configure each of the CPEs to leverage each of the IPSec Tunnels created by the connection process.

C.       Create two or more CPEs that map to the private IP addresses of the customer routers used in the IPSec VPN Tunnel.

D.       Define a default route table entry for the VCN that directs all traffic to the data center network to a single DRG.

E.       Create dynamic routing gateways in more than one AD within your region.

Answer: A, B, C

Q105. Which two statements are true about Database Cloud Service (DBCS)? (Choose two.)

A.       Data Guard as a Service is offered among regions.

B.       You have full control over backup schedule and retention.

C.       You can manage Oracle parameters at a global system level.

D.       You cannot manage the database as sys/sysdba.

Answer: B, C


Q106. At the end of a terraform apply operation, what is the default output?

A.       nothing by default

B.       statistics about what was added, changed, and destroyed

C.       statistics about what was added, changed, and destroyed, and the values of outputs

D.       the entire state file

Answer: C

Q107. Which service would you use if your big data workload required shared access and NFS-based connectivity?

A.       archive storage

B.       block volume

C.       file storage

D.       object storage

Answer: C

Q108. For a compute instance that is launched in a private subnet in a Virtual Cloud Network (VCN), which action needs to be performed to connect to the Internet, assuming that the required security list is properly set up?

A.       Create a default route entry in the route table to forward all traffic to the Internet gateway.

B.       Assign a Public IP address to the compute instance.

C.       There is no way for an instance in a private subnet to connect to the Internet.

D.       Create and configure Network Address Translation (NAT) in a public subnet and route all traffic to it.

Answer: D

Q109. Which two statements about fault domains are true? (Choose two.)

A.       A fault domain is a grouping of hardware and infrastructure within an availability domain

B.       Each availability domain contains three fault domains

C.       A failed instance in a fault domain is automatically relaunched

D.       A fault domain is selected automatically based on usage data

Answer: A, B

Q110. When terminating a compute instance, which statement is true?

A.       The instance needs to be stopped first, and then terminated.

B.       The boot volume is always deleted.

C.       All block volumes attached to the instance are terminated.

D.       Users can preserve the boot volume associated with the instance.

Answer: D

Q111. Which two statements define the types of DNS resolvers that exist? (Choose two.)

A.       A custom resolver allows instances to use the host names of the hosts in your on-prem network that are connected to your VCN by an IPSec VPN connection.

B.       A VCN resolver allows instances to use the host names of the hosts in your on-prem network that are connected to your VCN by an IPSec VPN connection.

C.       A VCN resolver allows instances to use host names to communicate with instances on other VCNs in your tenancy.

D.       An Internet resolver allows instances to use the host names that are published on the Internet.

Answer: A, D

Q112. Which three are capabilities of the dbaascli utility? (Choose three.)

A.       Patching the primary database deployment

B.       Open port 1521 in the VCN to allow for traffic to the listener

C.       Start and open the database instance

D.       Switchover and failover in an Oracle Guard configuration

E.       Clone a DB

Answer: A, C, D

Q113. How can you provide users access to an existing compartment?

A.       by granting users access to a compartment when the compartment is created

B.       by adding users to a group and defining a policy to provide the group access to the compartment

C.       by adding users to a compartment. All users in the compartment will have access to the objects in the compartment.

D.       by granting access directly to the user when the user is created

Answer: B

Q114. Which three components can you configure in Oracle Infrastructure Identity and Access Management? (Choose three.)

A.       Groups

B.       Users

C.       Instances

D.       Policies

E.       VCNs

Answer: A, B, D

Q115. Which two are valid options when migrating a database from on-premise to Oracle Cloud Infrastructure? (Choose two.)

A.       performing a backup to Oracle Cloud Infrastructure Object Storage, and then restoring to a database server on Oracle Cloud Infrastructure

B.       snapping or cloning storage form on-premise to Oracle Cloud Infrastructure

C.       converting the Oracle database to a NoSQL database and migrating to Oracle Cloud Infrastructure by using rsync file copy

D.       performing RMAN backup to an on-premise storage device, and then shipping to Oracle Cloud Infrastructure

Answer: A, D

Q116. Which two are a valid image source when launching a new compute instance? (Choose two.)

A.       bare metal instance

B.       object storage

C.       custom image

D.       boot volume

Answer: C, D

Q117. You must implement a backup solution for your Autonomous Data Warehouse (ADW) that will enable you to restore data as old as one year with a recovery point objective (RPO) of 10 days.

Which database backup strategy would you select?

A.       Take weekly manual backups to supplement the automated backups and preserve them for 12 months.

B.       Use the automated backups.

C.       Take monthly manual backups to supplement the automated backups and preserve them for 12 months.

D.       Take quarterly manual backups to supplement the automated backups and preserve them for 12 months.

Answer: B

Q118. A new employee has just started working for your company. You create an Oracle Cloud Infrastructure user account for this employee, following which they are able to log in, but still cannot create any resources.

What should you do to resolve this?

A.       Send the employee API Signing Keys to log in.

B.       Delete the account and create another one.

C.       Make sure that the employee is logging in to the Oracle Cloud Infrastructure account from your corporate network only.

D.       Add the employee to a group with policies to grant access to relevant resources.

Answer: D

Q119. Where is the tenancy Oracle Cloud Identifier (OCID) located?

A.       given by support on account creation

B.       at the bottom of every console page

C.       on the Identity – Users page

D.       contained within the compartment OCID

Answer: D

Q120. Which storage service is used on OCI for a Data Transfer Service job?

A.       An instance with enough storage to accommodate the job

B.       An object bucket

C.       A File System service instance

D.       Block Volume

Answer: B

Q121. You are an administrator with an application running on OCI. The company has a fleet of OCI compute virtual instances behind an OCI Load Balancer. The OCI Load Balancer Backend Set health check API is providing a ‘Critical’ level warning. You have confirmed that your application is running healthy on the backend servers.

What is the possible reason for this ‘Critical’ warning?

A.       A user does not have correct IAM credentials on the Backend Servers.

B.       The Backend Server VCN’s Route Table does not include the route for OCI LB.

C.       OCI Load Balancer Listener is not configured correctly.

D.       The Backend Server VCN’s Security List does not include the IP range for the source of the health check requests.

Answer: D

Q122. When creating a subnet, one or more placeholder security lists are often associated with the subnet. Why?

A.       Each operator needs its own security list.

B.       Each protocol needs its own security list.

C.       Each network endpoint or instance in the subnet needs its own security list.

D.       It is not possible to add or remove security lists after a subnet is created.

Answer: C

Q123. Which two features are offered natively on Oracle Cloud Infrastructure Database Cloud Service (DBCS)? (Choose two.)

A.       Data Guard in Async mode within a region

B.       GoldenGate replication between two regions

C.       Data Guard in Maximum Protection mode

D.       backup to Object Storage

Answer: A, D

Q124. Which storage would you use if your big data workload required shared access and an NFS based interface?

A.       File Storage

B.       Storage Softare Cloud Appliance

C.       Object Storage

D.       Archive Storage

E.       Block Volume

Answer: A

Q125. Which statement is true about Oracle Cloud Identifiers (OCID)?

A.       mytenancy.oc.ocid is a valid OCID

B.       If you delete a user, and then create a new user with the same name, the user will be considered a different user because of different OCIDs

C.       Users can customize OCID for all the resources in their compartments

D.       If you delete a user, and then create a new user with the same name, the new user will be assigned the exact same OCIDs as the system remembers

Answer: B

Q126. You have launched a compute instance running Oracle database in a private subnet in the Oracle Cloud Infrastructure US East region. You have also created a Service Gateway to back up the data files to OCI Object Storage in the same region. You have modified the security list associated with the private subnet to allow traffic to the Service Gateway, but your instance still cannot access OCI Object Storage.

How can you resolve this issue? 

A.       Add a rule in the Route Table associated with the private subnet with Target type as "Service Gateway" and destination service as all IAD services in the Oracle Service Network.

B.       Add a stateful rule that enables egress HTTPS (TCP port 443) traffic to OCI Object Storage in the security list associated with the private subnet

C.       Use the default Security List, which has ports open for OCI Object Storage

D.       Add a stateful rule that enables ingress HTTPS (TOP port 443) traffic to 001 Object Storage in the security list associated with the private subnet

 Answer: A


Q127. Where are DB Systems backups stored by default?

A.       block volume

B.       object storage on Oracle Cloud Infrastructure

C.       locally attached NVMe on virtual machine

D.       ASM disk group

Answer: B

Q128. Your company has decided to move a few applications to Oracle Cloud Infrastructure and you have been asked to design it for Disaster Recovery (DR). One of the items of your design is to deploy the DR at least 300 miles from the home site and minimize the network latency as much as possible. Based on that, what will be the recommended deployment? 

A.       Deploy applications in different regions and have them connected using VCN Remote Peering

B.       Deploy applications in two separated VCNs in different Availability Domains and use VCN Remote Peering

C.       Deploy applications on the same region splitting workloads across Availability Domains

D.       Deploy applications in two separated VCNs in different regions and use VCN Local Peering

Answer: A

Q129. You have an external facing web server running in the Oracle Cloud Infrastructure (OCI) London region. You are notified that customers in North America and Australia are facing high latency while connecting to your web server. Which services are available on OCI that can help you get current latency statistics to your web server from these markets? 

A.       Setup an IPsec VPN with customers in those markets and check latency over that connection

B.       Setup a FastConnect with customers in those markets and check latency over that connection

C.       Use DNS Zone Management service to check latency over that connection

D.       Use the Internet Intelligence tool. Run tests using the web server's public IP address and review traceroute details from different vantage points

Answer: D

Q130. Which is a customer's responsibility on an Oracle Cloud Infrastructure database? 

A.       installing the operating system (OS), Grid Infrastructure, and database software

B.       creating the first default database on the DBCS server

C.       patching the database and OS

D.       creating an ASM diskgroup for data file or temp file storage

Answer: C

Q131. Which statement is true about the Oracle Cloud Infrastructure File Storage Service Snapshots? 

A.       Snapshots are not incremental

B.       You can restore the whole snapshot, but not the individual files

C.       It is not possible to create snapshots from OCI console, but just the CLI

D.       Snapshots are created under the root folder of file system, in a hidden directory named .snapshot

Answer: D

Q132. Your company is moving an Internet-facing, 2-tier web application into Oracle Cloud Infrastructure. The application must have a highly available architecture. 

Which two design options would you consider? (Choose two.) 

A.       Configure a NAT instance in your Virtual Cloud Network (VCN). Create a route rule by using the private IP of the NAT instance as a route target for all the private subnets in your VCN

B.       Configure a Dynamic Route Gateway in your VCN and make it highly available.

C.       Place all web servers behind a public load balancer

D.       Create an Internet Gateway and attach it to your VCN. Deploy public load balancer nodes into two Available Domains.

Answer: C, D

Q133. A customer has launched a compute Instance in the Virtual Cloud Network (VCN), which has an Internet gateway, a service gateway, a default security lists and a default route table. Customer has opened up Port 22 in the security lists attached to the compute instance subnet, however is still unable to connect to compute instances using ssh. Which option would remedy this situation? 

A.       Modify the route table associated with the VCN subnet in which the instance resides. Add a following route to the route table. Destination CIDR: 0.0.0.0/0. Target: Service Gateway (SGW)

B.       Modify the security list associated with the VCN subnet in which the instance resides. Add a stateful egress rule to allow icmp traffic in addition to the port 22.

C.       Modify the route table associated with the VCN subnet in which the instance resides. Add a following route to the route table. Destination CIDR: 0.0.0.0/0. Target: Internet Gateway (IGW)

D.       Modify the route table associated with the VCN subnet in which the instance resides. Add a following route to the route table. Destination CIDR: 0.0.0.0/0. Target: Dynamic Routing Gateway (DRG)

Answer: C

Q134. You are designing a two-tier web application in Oracle Cloud Infrastructure (OCI). Your clients want to access the web servers from anywhere, but want to prevent access to the database servers from the Internet. Which is the recommended way to design the network architecture? 

A.       Create public subnets for web servers and private subnets for database servers in your VCN, and associate separate security lists and route tables for each subnet

B.       Create a single public subnet for your web servers and database servers, and associate only your web servers to internet gateway.

C.       Create public subnets for web servers and associate a dynamic routing gateway with that subnet, and a private subnet for database servers with no association to dynamic gateway.

D.       Create public subnets for web servers and private subnets for database servers in your virtual cloud network (VCN), and associate separate internet gateways for each subnet.

Answer: A

Q135. For what business need should you use Database Cloud Service (DBCS) instead of Oracle DB on a compute instance? 

A.       to bring your own license on a compute service

B.       to lower license and infrastructure cost

C.       to build an Oracle database on a compute service

D.       to implement Oracle RAC for high availability

Answer: D

Q136. Which two options are true for Autonomous Transaction Processing (ATP) database? (Choose two.) 

A.       You can scale CPU up or down in ATP

B.       You can add/remove Diskgroup in ATP

C.       You can scale storage up or down in ATP

D.       You can add more Pluggable Database for consolidating multiple databases in ATP

E.       You can add new ORACLE_HOME for bringing older versions of on-premises databases to ATP

Answer: A, C

Q137. Which two options are available when configuring DNS resolution for your virtual cloud network? (Choose two.)

A.       custom resolver

B.       Internet and virtual cloud network (VCN) resolver

C.       Google DNS servers

D.       Internet and custom resolver

Answer: A, B

Q138. Which two statements are true about Oracle Cloud Infrastructure IPSec VPN Connect?

A.       OCI IPSec VPN tunnel supports only static routes to route traffic

B.       OCI IPSec VPN can be configured in tunnel mode only

C.       OCI IPSec VPN can be configured in trans port mode only

D.       Each OCI IPSec VPN consists of multiple redundant IPSec tunnels

Answer: B, D

Q139. When terminating a compute instance, you want to preserve the boot volume and its data. Which step will you need to perform? 

A.       You cannot preserve the boot volume; it will always be deleted when you terminate the instance.

B.       Disable the default option to delete the boot volume when terminating an instance.

C.       Reboot the instance first, and then terminate the instance.

D.       Before terminating the instance, you must detach the boot volume.

Answer: B

Q140. What is a valid option when exporting a custom image? 

A.       archive storage URL

B.       block volume

C.       file storage service

D.       object storage URL

Answer: D

Q141. Which three methods can you use to manage Oracle Cloud Infrastructure services? (Choose three.) 

A.       Oracle Cloud Infrastructure Desktop Client

B.       SSH or RDP

C.       REST API

D.       Command-line Interface

E.       Oracle Cloud Infrastructure Console

Answer: C, D, E

Q142. Which three are valid Terraform configuration components? (Choose three.) 

A.       region

B.       metadata

C.       variable

D.       resource

E.       instance

F.       data source

Answer: C, D, F

Q143. Which statement is true about Oracle Cloud Infrastructure (OCI) object storage support for server-side encryption? 

A.       You must manually enable server-side encryption for each object as you upload to OCI object storage

B.       Objects are automatically encrypted as they are uploaded to object storage and decrypted upon retrieval

C.       You must manually decrypt the data when retrieving from OCI object storage

D.       Only the object data is encrypted and the user-defined metadata that is associated with the object is not encrypted

Answer: B

 
Q144. You have provisioned an Autonomous Data Warehouse (ADW) database with 16 enabled OCPUs and need to configure the consumer group for your application. Which two are true when deciding the number of sessions for each application? (Choose two.) 

A.       The MEDIUM and LOW consumer group can run up to 16 concurrent SQL statements if HIGH consumer group has 0 SQL statements

B.       The HIGH consumer group can run up to 16 concurrent SQL statements as long as MEDIUM and LOW consumer groups have 0 SQL statements

C.       The MEDIUM consumer group can run 20 concurrent SQL statements when HIGH consumer group has 0 SQL statements

D.       The HIGH consumer group can run up to 16 concurrent SQL statements in addition to 32 concurrent SQL statements in MEDIUM and LOW consumer group each

E.       The HIGH consumer group can run 3 concurrent SQL statements when MEDIUM consumer group has 0 SQL statements 

Answer: C, E

 
Q145. You have an application running on Oracle Cloud Infrastructure. You identified that the read and write operations are slowing your application down enough to impair user access. The application is currently using a VM.Standard 1.2 compute without any block storage attached to it. 

Which two options allow you to increase disk performance? (Choose two.) 

A.       Terminate the compute instance preserving the boot volume. Create a new compute instance using a VM Dense IO shape using the boot volume preserved.

B.       Terminate the compute instance preserving the boot volume. Create a new compute instance using a VM Standard shape and attach a new block volume to host your application

C.       Create a backup of the boot volume. Create a new compute instance using a VM Dense IO shape and restore the backup

D.       Terminate the compute instance and create a backup of the boot volume. Create a new compute instance using a VM Dense IO shape and restore the backup. 

Answer: A, C 


Q146. A company currently uses Microsoft Active Directory as its identity provider. The company recently purchased Oracle Cloud Infrastructure (OCI) to leverage the cloud platform for its test and development operations. As the administrator, you are now tasked with giving access only to developers so that they can start creating resources in their OCI accounts.

Which step will you perform to achieve this requirement? 

A.       Create a group for developers on OCI and map the group to a similar group in Microsoft Active Directory during the federation process.

B.       Federate all Microsoft Active Directory groups with OCI to allow users to use their existing credentials.

C.       Create a new user account for each user, and then create policies to provide access to developers.

D.       Create a group for developers on OCI, export all the developers from Microsoft Active Directory, and then import them into the Identity and Access Management (IAM) group.

Answer: A

 
Q147. You are responsible for setting up access for all the cloud users of a large enterprise. You log in to the Phoenix region and start creating users and policies. You then realize that some users might be creating resources in the Ashburn region. Which step should you perform to enable those users? 

A.       You need to log in to each region separately to create users for that particular region.

B.       You can assign a region to each of the users at the time of creation.

C.       IAM users are global. As an administrator, make sure that you subscribe to the Ashburn region.

D.       IAM users are global and non-admin users can add resources to any region by default. 

Answer: C 


Q148. Your company has decided to move a few applications to Oracle Cloud and you have been asked to design it for both High Availability (HA) and Disaster Recovery (DR). Which two should you consider while designing your Oracle Cloud Infrastructure architecture? (Choose two.) 

A.       Region

B.       Instance Shape

C.       Compartments

D.       Availability Domain 

Answer: A, D

 

Q149. Which resource is required when connecting to your on-premise network from your Virtual Cloud Network (VCN) via IPSec VPN or FastConnect? 

A.       Internet Gateway (IGW)

B.       Dynamic Routing Gateway (DRG)

C.       local peering gateway

D.       NAT 

Answer: B

at
Labels: