OCI Foundations Associate Practice Exams
Choose the OCI CIDR range with the largest contiguous IP address space.
A. 192.168.0.2/14*** B. 10.1.0.1/3D C. 192.168.0.2/64 D. 10.1.0.1/24
Choose the option that best describes how autonomous databases are patched. A. Oracle is responsible for patching, which occurs as a quarterly, full-stack, rolling patch. B. You are responsible for patching. C. You are responsible for patching but must ensure that databases have been patched within the last six months. D. You negotiate with Oracle, who then applies the latest patches as per the negotiated patching schedule.
A is correct.
When adding a block volume to your compute instance, what protocol may be used to access the storage? A. iSCSI B. SSD C. NFS D. FSS
A is correct. Block volume storage may be attached to your instance using the iSCSI protocol.
You have an important system based on a legacy operating system that is not available through the OCI platform images and does not support paravirtualized drivers. You decide to leverage the BYOI feature and export the machine to a VMDK format. Which mode is most appropriate to launch this custom image? A. Emulated mooe B. Paravirtualized mode C. Native mode D. Virtualized mode
A is correct. The guest image is fully virtualized and runs without modification on the OCI hypervisor.
You have implemented a floating IP address on a critical compute instance to support high availability. Which of the following statements are true regarding floating IP addresses? (Choose all that apply.) A. A floating or reserved or static IP address may be allocated to a compute Instance and later unassigned and reassigned to a different compute instance B. Floating IP addresses are automatically allocated to OCI load balancers C. An ephemeral IP address may be allocated to a compute instance and later unassigned and reassigned to a different compute instance D. Reserved or static IP addresses have regional scope
A, B, and D are correct. Floating IP addresses may be unassigned from one compute instance and reassigned to another. It is often possible to automate the allocation of a floating IP address to a standby instance to minimize downtime. Load balancers also receive floating IP addresses. Reserved or static IPs may be assigned to any compute instance in your region.
Compartment A has a policy that grants the NetAdmin group members manage permissions on network resources in that compartment. Compartment B is a parent compartment of compartment A and contains a load balancer resource. Which of the following statements is true? (Choose all that apply.) A. Members of the NetAdmin group can inspect the load balancer in compartment A B. Members of the NetAdmin group cannot read the details of the load balancer in compartment B C. Members of the NetAdmin group can manage any network resources in compartments A and B D. Members of the NetAdmin group can manage any network resources in compartment A but not in compartment B
A, B. and D are correct. A policy created in a child compartment with no subcomparlments applies only to the relevant resources within that child compartment. The manage verb subsumes the permissions granted by the inspect verb.
Which of the following Oracle Cloud solutions support CPU core scaling? (Choose all that apply.) A. DBCS-Bare Metal B. VM.Standard2.1 with user-managed DB C. ExaCS D. ADB
A, C, and D are correct. CPU cores may be scaled up and down on autonomous databases, Exadata Cloud service, and bare metal DBCS systems.
A new compute instance is provisioned in a public subnet. Which of the following statements are true for the default vNIC assigned to the instance? (Choose all that apply.) A. The vNIC is allocated an OCID B. The VNIC is allocated a media access control (MAC) address C. A primary public IP address from the vNIC's subnet is allocated upon instance creation D. A primary private IP address from the vNIC's subnet is allocated upon instance creation
A,B and D are correct. Each vNIC has an OCID and is assigned a MAC address. A primary private IP address from the vNIC's subnet is either automatically allocated by OCI network services or specified by you upon instance creation.
Which three items must be configured for a load balancer to accept incoming traffic?
A. A backend set with at least one backend server*** B. A security list that is open on the listener port*** C. SSL certificate D. A route table entry pointing to the listener IP address E. A listener***
A DNS zone contains a set of resource records for each domain being administered. Choose all valid resource record types from the following list.
A. A record*** B. B record C. NS record*** D. C record
Which of the following statements regarding autonomous databases is true? (Choose all that apply.)
A. ATP and ADW databases are PDBs in an autonomous CBD on Exadata*** B. Serverless ATP is an ATP instance on a shared Exadata infrastructure.*** C. ATP and ADW databases run on non-Exadata infrastructure. D. ADW allows only CPU scaling and not storage scaling.
Choose two statements that accurately describe the availability of the File Storage service.
A. An FSS file system can provide a mount target in multiple subnets local to each AD within a region. B. An FSS file system provides a mount target within a single AD-local subnet and is only accessible to instances in the AD of that subnet. C. An FSS file system provides a mount target in a single AD-local subnet of your choice but is mountable by instances in all ADs within a region.*** D. A single mount target may expose multiple FSS file systems. ***
The OCI Block Volume service lets you expand the size of block and boot volumes. Which three options below can you use to increase the size of your block volumes? A. Clone an existing volume to a new, larger volume B. You can only expand block volumes and not boot volumes. C. Take a backup of your existing volume nd restore from the volume backup to a larger volume. D. Expand an existing volume in place with offline resizing. E. Expand an existing volume in place with online resizing
A. Clone an existing volume to a new, larger volume*** C. Take a backup of your existing volume nd restore from the volume backup to a larger volume.*** D. Expand an existing volume in place with offline resizing. ***
Which statement is true for an OCI Compute instance? A. Compute instance always gets a private IP address B. Compute instance always get a public IP address C. Compute instance cannot leverage autoscaling feature D. Compute instance does not use a boot volume
A. Compute instance always gets a private IP address
Which two situations incur costs within OCI? A. Data egress to the Internet B. Transferring data across regions C. Transferring data from one instance to another within the same AD D. Transferring data from one instance to another across different ADs in a region E. Data ingress from the Internet
A. Data egress to the Internet B. Transferring data across regions
Which two statements are true about OCI IPSec VPN Connect? A. Each OCI IPSec VPN consists of multiple redundant IPSec tunnels B. OCI IPSec VPN tunnel supports only static routes to route traffic C. OCI IPSec VPN can be configured in tunnel mode only D. OCI IPSec VPN can be configured in transport mode only
A. Each OCI IPSec VPN consists of multiple redundant IPSec tunnels C. OCI IPSec VPN can be configured in tunnel mode only
IPSec VPNs are more affordable than FastConnect for connecting your VCN to your on-premises network. Which of the following statements are false about IPSec VPNs?
A. IPSec VPNs offer end-to-end encrypted communications B. IPSec VPN tunnels run over public networks C. IPSec VPN tunnels run over private networks*** D. Two tunnels are created for redundancy when IPSec VPN is set up
Which of the following statement is true regarding Oracle Cloud Infrastructure Object Storage Pre-Authenticated Requests?
A. It is not possible to create pre-authenticated requests for "archive" storage tier B. Changing the bucket visibility does not change existing pre-authenticated requests*** C. It is not possible to create pre-authenticated requests for the buckets, but only for the objects D. Pre-authenticated requests don't have an expiration.
Which security service is offered by OCI? A. Key Management B. Managed Active Directory C. Certificate Management System D. Managed intrusion detection
A. Key Management
What type of IP address may be allocated to a compute instance and later unassigned and reassigned to a different compute instance? A. Reserved Public IP B. Ephemeral IP C. Dynamic IP D. Private IP
A. Reserved Public IP
Which OCI storage types are suitable for unstructured data and may be used for big data applications? (Choose two.)
A. Standard tier object storage*** B. HDFS storage C. Archive tier object storage D. Block Volume***
Your application consists of three OCI compute instances running behind a public load balancer. You have configured the load balancer to perform health checks on these instances, but one of the three instances fails to pass the configured health check. Which of the following action will the load balancer perform?
A. Terminate the instance that failed health check B. Stop sending traffic to the instance that failed health check*** C. Stop the instances that failed health check D. Remove the instance that failed the health check from the backend set.
Your organization provides new staff with notebooks capable of using remote desktop software to access VMs on OCI. The IT team uses a custom boot image as the image source for the user VMs. Which of the following statements are true about the custom image?
A. The custom image may be used to create VMs in any AD in the region where the image is visible. *** B. The custom image may be used to create VMs in any region to which your tenancy is subscribed. C. The custom image may be used to create VMs in all OCI regions. D. The custom image may be used to create VMs only in the AD where the image is available.
Transparent Data Encryption (TDE) is a feature of the Advanced Security option available with Oracle Database Enterprise Edition. What options are available to you in terms of using TDE when migrating an on-premises database that is not using TDE to DBCS on OCI? (Choose two.)
A. The new database on DBCS must have all tablespaces encrypted. B. You can migrate your database to DBCS, but all tablespaces must be unencrypted unless you purchase the Advanced Security option C. You can migrate your database to DBCS, but some tablespaces may be unencrypted.*** D. Any unencrypted tablespaces in a DBCS database may be encrypted after the migration is complete. ***
Your organization has embraced the cloud, and all new emloyees are provided with thin client notebook computers with which they connect to their user VMs created in the us-ashburn-1 AD. The CEO is experiencing difficulties, as her VM is not accessible. The system administrators have attempted restarting the VM but cannot determine the problem. There is critical data on the boot volume of this VM that the CEO must recover at any cost. Which of the following is the most efficient approach to assisting the CEO?
A. There is nothing further to do. The compute instance is lost. A new instance must be re-created. B. The boot volume may be detached and attached to another working instance as a regular volume to access critical files for the CEO while the underlying issue is being resolved.*** C. A console connection may be created to see if there is more information available to assist with diagnosis and resolution.*** D. The OCI autonomous repair feature may be used to diagnose and resolve any compute instance issues.
Which of the following is an example of an individual OCI resource type when used with IAM policies? (Choose all that apply.)
A. VCN*** B. subnet*** C. Exadata cloud services D. instance-family
What is the main difference between a VM standard and VM DenseIO compute instance shape?
A. VM DenseIO is made of a stronger, more durable material B. VM DenseIO has much more CPU and memory than standard shapes C. VM Standard is ideal for demanding OLTP databases, while VM DenseIO is more suitable for big data systems D. VM DenseIO provides NVMe drivers, while VM standard shapes only support block storage***
You have created a new compartment called Production to host some production apps. You have also created users in your tenancy and added them to a group called "production_group". Your users are still unable to access the Production compartment. How can you resolve this situation? A. Write an IAM Policy for "production_group" granting it access to the production compartment B. Write an IAM Policy for each specific user granting them access to the production compartment C. Every compartment you create comes with a predefined set of policies, so no further action is needed D. Your users get automatic access to all compartments, so no further action is needed
A. Write an IAM Policy for "production_group" granting it access to the production compartment***
Which two statements are true regarding cloning a block volume? A. You change the block volume performance when creating a clone B. You can clone block volumes across regions. C. You can change the block volume size when creating a clone D. You can skip block volume encryption when creating a clone.
A. You change the block volume performance when creating a clone*** C. You can change the block volume size when creating a clone***
While provisioning a Linux compute instance on a BM.HPC2.36 shape using an Oracle image, you are required to upload an SSH key. Which of the following statements regarding SSH keys are true?
A. You generate the public and private key pairs and upload the private key when creating the instance. B. You generate the public and private key pairs and upload the public key when creating the instance. *** C. You download the Oracle pre-generated keys for your tenancy from the OCI key vault and share the private key as required. D. You download the Oracle pre-generated keys for your tenancy from the OCI key vault and share the public key as required.
You have provisioned an instance using the BM.GPU3.8 shape. Which of the following statements are true?
A. You may only choose a Linux-based OS for this shape. B. GPU shapes are also known as supercomputer high-performance compute shapes C. The instance is provisioned with three NVIDIA GPUs D. The instance is provisioned with eight NVIDIA GPUs. ***
After creating a VCN, you plan to create two subnets, one private and one public. Which of the following statements are true? (Choose two.) A. You will need two VCNs, one for each subnet, since you cannot mix private and public subnets in the same VCN B. Public subnets allow instances with public IP addresses C. A single VCN is sufficient, one for each subnet, since you can mix private and public subnets in the same VCN D. A single VCN is sufficient, one for each subnet, and there is no need to worry about overlapping CIDR ranges between the subnets since one is public and the other is private.
B and C are correct. *Public subnets allow instances with public IP addressees, and you may create multiple subnets of either type in a single VCN. A & D are incorrect. You may create multiple subnets of either type in a single VCN, but ensure that there is no overlap in the CIDR ranges of the subnets being defined. To minimize risk, creating private subnets in the RFC 1918 address range is recommended.
A vNIC resides in a subnet and is allocated to a compute instance, thus allowing the instance to connect to the subnet's VCN. Which of the following statements are true for an OCI vNIC? A. a vNIC is never allocated an OCID B. a vNIC is allocated a media access control (MAC) address C. A primary private IP address from the vNIC's subnet upon creation D. A primary private IP address from the vNIC's subnet upon instance creation
B and D are correct. Each vNIC includes a MAC address, which is a unique device identifier assigned to an NIC, and obtains a private IP address from the vNIC's subnet, either automatically allocated by OCI network services or specified by you upon instance creation
Which of the following is an example of an OCI IAM family resource type? (Choose two.) A. vcn B. all-resources C. Exadata cloud services D. instance-family
B and D are correct. Individual resource-types are grouped into family resource—types, such as virtual-network-family, instance-family, and volume-family. Resource—types may also be referenced as an aggregation of all resources at both a compartment and tenancy level as all-resources.
While designing the architecture for your external corporate website to be hosted on OCI, you are confronted by many design choices, including the load balancer traffic distribution policy. Employees using your company on-premises network to connect to the website go through a single NAT router connected to the on-premises network and account for more than half the traffic to the site. Which ot the following load balancer traffic distribution policies are most suitable? (Choose two.) A. IP hash B. Least connections C. Geolocation steering D. Round robin
B and D are correct. Round robin is a simple policy that distributes incoming traffic sequentially to each server in a backend set list, regardless of the incoming client IP address. Least connections routes incoming requests to the backend instance with the least active connections.
The DHCP options available when created a VCN let you choose which two DNS resolution types? A. Local nameserver B. DNS resolver C. Internet and VCN resolver D. Custom resolver
C and D
The ADW workload type targets analytic systems. Which of the following statements accurately describe ADW databases? A. ADW databases have configuration parameters biased toward high-volume random data access B. ADW databases have configuration parameters biased toward high-volume ordered data scanning operations C. ADW uses a traditional row store D. ADW supports a BYOL licensing model
B and D are correct. The ADW workload type targets analytic systems, including databases, with configuration parameters biased toward high-volume ordered data scanning operations. Both bring your own license [BYOL] and license included types are available for autonomous databases.
OCI provides autoscaling, allowing the dynamic addition or removal of instances from an instance pool. This allows your systems to scale elastically to resource demand. Which of the following statements are true about autoscaling? A. When autoscaling is enabled, OCI provisions twice the number of active compute instances in the instance pool to ensure even load balancing. B. When autoscaling is enabled, OCI provisions as many compute instances as required, limited only by the autoscaling policy. C. Once an OCI instance pool has autoscaled out and reached the maximum defined scaling limit, you are manually required to scale in or reduce the number of instances. D. When autoscaling is enabled, OCI waits for administrator approval before provisioning any new compute instances.
B is correct
Which autonomous transaction processing database feature determines and creates suitable structures to improve the efficiency at the access path used to fetch data? A. Automatic migration B. Automatic indexing C. Autoscalihg D. Automatic backups
B is correct. Automatic indexing determines and creates indexes that improve the efficiency ot fetching data in an autonomous database.
What is the scope of IAM resources such as users, groups, compartments, and policies? (Choose the best answer.) A. Region B. Global C. Compartment D. Availability Domain
B is correct. IAM resources such as API signing keys, dynamic groups, compartments, key vaults, users, groups, and policies are considered global resources.
Choose the OCI storage types listed in order from cheapest to most expensive in terms of cost per gigabyte. A. Object storage archive, object storage standard, block volume, NVMe, FSS B. Object storage archive, object storage standard, block volume, FSS, NVMe C. Object storage archive, object storage standard, FSS, block volume, NVMe D. NVMe, FSS, block volume, object storage standard, object storage archive
B is correct. NVMe SSD is only available on bare metal shapes and is the most expensive storage listed. FSS costs a little more than ten times more than block volume and roughly twice as much as standard tier object storage, which costs roughly ten times more than archive tier object storage.
You plan to set up a Data Guard system on two VMs in a single-AD region. What AD feature should you ensure that you leverage to protect your system from physical server failure? A. Load balancers B. Fault domalns C. RAc clusters D. Snapshot clones
B is correct. Physical server, storage, and network redundancy is provided by three fault domains per AD.
Compute instance IAD1 has a 50GB boot volume and an additional 100GB block volume. You decided to delete the instance. What happens to the boot volume and additional block volume atter the instance is terminated? A. The boot volume is terminated, but the additional block volume is available for reuse B. Both the boot volume and block volume may be retained if you so choose C. Both the boot volume and block volume are removed D. Both the boot volume and block volume are removed
B is correct. Upon deletion of the instance, you have the option to remove or retain the boot volume.
Which of the following automatic features are associated with autonomous transaction processing databases? A. Automatic migration B. Automatic indexing C. Automatic tuning D. Automatic backups
B, C, and D are correct
Which option provides the best performance for running OLTP workload in OCI? A. OCI Virtual Machine Instance B. OCI Exadata DB Systems C. OCI Dedicated Virtual Host D. OCI Autonomous Data Warehouse
B. OCI Exadata DB Systems ***
OCI traffic management steering policies are a part of OCI DNS services that enable policies to serve context-intelligent response to DNS queries. Choose all valid traffic management steering policy types. A. Switchover B. Failover C. Geolocation steering D. Load Balancer
B, C, and D are correct. *Failover policies allow prioritization of the order in which answers are served. Geolocation steering policies distribute DNS traffic to different endpoints based on the geographical location of the end user. Load balancer policies support a ratio-based weighted distribution of traffic across multiple endpoints. ASN and IP prefix steering are two additional traffic management steering policy types. Switchover is not a valid traffic management policy type.
While designing the architecture for your external corporate website to be hosted on OCI, you are confronted by many design choices, including the load balancer architecture. You decide on a public load balancer in a multi-AD region. Which of the following decisions support good practice in implementing your design? A. Create the load balancer in two AD—specific private subnets B. Spread backend set instances across multiple fault domains C. Spread backend set instances across multiple availability domains D. Create the load balancer in a regional public subnet
B, C, and D are correct. It is good practice to spread backend set instances across multiple fault and availability domains to support high availability. Placing the load balancer in a regional subnet results in the creation of primary and standby load balancers, each in a separate AD.
Which statement is not true for Oracle Cloud Infrastructure compartments? A. Each OCI resource belongs to a single comparment B. Compartments cannot be nested C. Resources can be moved from one compartment to another D. Resources and compartments can be added and deleted anytime.
B. Compartments cannot be nested
You deployed a web server in Oracle Cloud Infrastructure using an Ephemeral Public IP address. While making configuration changes, an admin inadvertently deleted your web server. You redeploy your web server, but many of your LOB apps depend on this web server's public IP address and would need an update. What can you do to prevent this from happening again. A. Create a reserved public IP and associate it with the hosts file of your web server B. Create a reserved public IP and associate it with the virtual NIC of your compute instance C. Create a reserved public IP and associate it with the subnet of your compute instance D. Create a reserved public IP and associate it with the security list for the subnet being used by your compute instance
B. Create a reserved public IP and associate it with the virtual NIC of your compute instance***
A company has developed a payroll application in Oracle Cloud Infrastructure? What should they do to ensure that the application has the highest level of availability and resilience? A. Deploy the application across multiple Virtual Cloud Networks B. Deploy the application across multiple Regions and Availability Domains C. Deploy the application across multiple ADs and Fault Domains D. Deploy the application across multiple ADs and subnets
B. Deploy the application across multiple Virtual Cloud Networks
You are a network architect of an application running on Oracle Cloud Infrastructure (OCI). Your security team has informed you about a security patch that needs to be applied immediately to one of the backend web servers. What should you do to ensure that the OCI load balancer does not forward traffic to this backend server during maintenance? A. Edit the security list associated with the subnet to avoid traffic conectivity to this backend serve B. Drain all existing connections to this backend server and mark the backend web server offline. C. Stop the load balancer for maintenance and restart the load balancer after the maintenance is finished. D. Create another OCI load balancer for the backend web servers, which are active and handling traffic.
B. Drain all existing connections to this backend server and mark the backend web server offline.***
You are running several Linux based operating systems in your on-premises environment that you want to import to OCI as custom images. You can launch your imported images as OCI compute VMs. Which two modes below can be used to launch these imported Linux VMs? A. Mixed B. Emulated C. Paravirtualized D. Native
B. Emulated *** C. Paravirtualized ***
What purpose does an OCI Dynamic Routing Gateway serve? A. Enables OCI Compute instances to privately connect to OCI Object Storage B. Enables OCI Compute instance to connect to on-premises environments C. Enables OCI Compute instances to connect to the Internet D. Enables OCI Compute instances to be reached from the internet
B. Enables OCI Compute instance to connect to on-premises environments***
Which Oracle Cloud Infrastructure capability can be used to protect against power failures within an Availability Domain? A. Top of rack switch B. Fault Domains C. Service cells D. Data Plane
B. Fault Domains ***
Which two OCI services use a Dynamic Routing Gateway? A. OCI FastConnect Public Peering B. OCI FastConnect Private Peering C. Internet Gateway D. Local Peering E. OCI IPSec VPN Connect
B. OCI FastConnect Private Peering*** E. OCI IPSec VPN Connect***
Which OCI service would you use to distribute incoming traffic between a set of web servers? A. Auto Scaling B. Public Load Balancer C. Private Load Balancer D. Internet Gateway
B. Public load balancer
Which is Oracle's responsibility according to the OCI shared security model? A. Configuring OCI services securely B. Security of data-center facilities C. Data classification and compliance D. Securing application workloads
B. Security of data-center facilities
Which SLA types is not offered by Oracle Cloud Infrastructure compute service? A. Control Plane B. Service Plane C. Performance D. Data Plane
B. Service Plane
Which OCI Compute shape does NOT incur instance billing in a stopped state? A. GPU B. Standard C. HPC D. Dense I/O
B. Standard
You run four OCI virtual machine instances on an OCI Dedicated virtual host. How will this deployment be billed? A. All the four instances will be billed based on the number of OCPU. B. The dedicated virtual machine host and the boot volumes of each instance will be billed. C. The dedicated virtual machine host, all the four instances, and the boot volumes of each instance will be billed. D. Only the dedicated virtual machine host will be billed.
B. The dedicated virtual machine host and the boot volumes of each instance will be billed.
Sizing database servers for peak load is no longer required with autonomous databases. Which two features available with autonomous databases support dynamic sizing that grows and shrinks with workload demand? A. Automatic index scaling B. Network bandwidth scaling C. CPU scaling D. Storage scaling
C and D are correct
You have an application running in Azure and a database in OCI. The relevant configurations have been completed by the cloud architect to federate OCI with Azure AD. Which of the following statements are true? (Choose two.) A. It is not possible to connect resources in Azure with resources in OCI B. You have to sign in to the OCI cloud console to administer OCI resources and separately sign in to the Azure portal with a different set of credentials C. ExpressHoute and FastConnect are required to connect your Azure virtual network to your OCI VCN D. You can sign in to the OCI cloud console to administer OCI resources and navigate to the Azure portal without being prompted for a different set of credentials
C and D are correct. Both the OCI and Azure networks must be connected together with ExpressRoute and FastConnect.
What are the two tiers of OCI object storage? A. S3 B. Glacier C. Standard D. Archive
C and D are correct. Objects stored in a standard tier bucket may be accessed frequently, and your data is immediately available, while objects that are infrequently accessed but that must be retained and preserved for a long time are better suited for archive tier object storage
Choose two instance types available when provisioning compute instances. A. Autonomous Linux B. OVM C. Virtual machine (VM) D. Bare metal machine (BM)
C and D are correct. VM and BM are the only available compute instance types.
Choose the OCI storage type that provides a snapshot-based backup mechanism that supports the immediate restoration of files accidentally removed due to user error. A. Object storage standard B. Block volume C. FSS D. NVMe
C is correct
You have an application running in Azure and a database in OCI. The relevant configuration have been completed by the cloud architect to federate OCI with Azure AD. Which of the following statements are true? A. It is not possible to connect resources in Azure with resources in OCI. B. Your on-premises network must be part of the topology allowing traffic to flow from Azure to your on-premises network and then out to your OCI VCN and vice versa C. Your on-premises network may be part of the topology allowing traffic to flow from Azure to your on-premises network and then out to your OCI VCN and vice versa, but it is not required. D. It is only possible to connect the OCI and Azure networks together. There is no option to further connect your on-premises network.
C is correct
Transparent Data Encryption (TDE) is a feature of the Advanced Security option available with Oracle Database Enterprise Edition. Choose the most accurate description of how TDE relates to Oracle Databases on OCI. A. DBCS databases are available with TDE as a possible option B. Only DBCS Enterprise Edition databases are available for TDE C. All DBCS database software editions, including Standard Edition, are available with TDE for use with tablespace encyrption D. DBCS databases are not available with TDE
C is correct.
Your organization has embraced the cloud, and all new employees are provided with thin client notebook computers. The central IT department has created a gold boot image to use as an image source for the user VMs. Which of the following statements are true about the custom image? A. It may be used to create VMs in any region to which your tenancy is subscribed B. It may be used to create VMs in all OCI regions C. It may be used to create VMs in any AD in the region where the Image is available D. It may be used to create VMs only in the AD where the image is available
C is correct. Custom images are available to use as an image source for boot volumes for VM in the same region, though they can be exported/imported between regions and/or tenancies.
Choose one or more approaches to allow OCI compute instances to access resources on the Internet. A. Configure a service gateway in your VCN B. Set up a local peering gateway to link your VCN to an lnternet enabled VCN C. Use a NAT gateway so instances in private subnets can access the Internet D. Set up a remote peering gateway using a DRG to connect to an Internet enabled region
C is correct. Internet gateways extend your VCN by providing Internet access to public subnets, while NAT gateways provide a mechanism for instances in private subnets to access the Internet.
Load balancers distribute traffic to backend sets using trattic distribution policies. Choose all valid load balancer traffic distribution policies. A. Hash partioning B. Most connections C. Weighted round robin D. Coin toss
C is correct. The three traffic distribution policies available for load balancers are weighted round robin, IP hash, and least connections.
A key database server was "lifted and shifted" to OCI into an instance based on the VM.Standard.E2.1 shape. The system has gotten more use than expected. What can be done to run this system on a more appropriate shape, like VM.Standard.E2.2, in the shortest time frame? A. Create a new instance using the VM.Standard.E2.2 shape and migrate the database using Data Guard. B. Create a new instance using the VM.Standard.E2.2 shape and migrate the database using Data Pump. C. Create a volume group with the boot and block volumes from the source VM.Standard.E2.1 system and clone the volume group. Launch a new VM.Standard.E2.2 shape instance using the boot volume and attach the block volumes from the cloned volume group. D. Export the VM.Standard.E2.1 system to VMDK format and import as a custom image. Create VM.Standard.E2.2 instance in emulated mode.
C is correct. This approach leaves the original instance in place. Cloning a volume group is relatively quick and creates a consistent snapshot of volumes to use on the target instance. An even quicker solution is to forego the volume group clone and stop the original instance, detach the volumes, and reuse them in the target instance.
You have a critical, OLTP, non-CDB 12c database that must be migrated to OCI with near—zero downtime. Which of the following approaches is best suited for zero- downtime migrations? A. SQL*Loader B. Data Pump C. ZDM D. Unplug/Plug
C is correct. Zero Downtime Migration makes use of logical replication tools such as Oracle GoldenGate 0r Active Data Guard to minimize downtime, achieving near-zero actual downtime during migration.
You have launched a compute instance running Oracle database in a private subnet in the Oracle Cloud Infrastructure US East region. You have also create a Service Gateway to back up the data files to OCI Object Storage in the same region. You have modified the security list associated with the private subnet to allow traffic to the Service Gateway, but your instance still cannot access OCI Object Storage. How can you resolve this issue? A. Use the default Security List, which has ports open for OCI Object Storage. B. Add a stateful rule that enables egress HTTPS (TCP port 443) traffic to OCI Object Storage in the security list associated with the private subnet C. Add a rule in the Route Table associated with the private subnet with Target type as "Service Gateway" and destination service as "all IAD services in the Oracle Service Network" D. Add a stateful rule that enables ingress HTTPS (TCP port 443) traffic to OCI Object Storage in the security list associated with the private subnet
C. Add a rule in the Route Table associated with the private subnet with Target type as "Service Gateway" and destination service as "all IAD services in the Oracle Service Network"***
You have the following compartment structure in your tenancy: Root compartment->Training->Training-sub1->Training-sub2 You create a policy in the root compartment to allow the default admin for the account (Administrators) to manage block volumes in compartment Training-sub2. What policy would you write to meet this requirement? A. Allow group Administrators to manage volume-family in compartment Training-sub1:Training-sub2 B. Allow group Administrators to manage volume-family in root compartment C. Allow group Administrators to manage volume-family in compartment Training: Training-sub1:Training-sub2 D. Allow group Administrators to manage volume-family in compartment Training-sub2
C. Allow group Administrators to manage volume-family in compartment Training: Training-sub1:Training-sub2***
Your primary 100TB database stored on block volume storage needs an archiving strategy. Over 80 percent of this database contains legacy data only being retained for compliance purposes that is almost never accessed. You have been tasked with reducing the database size by exporting the legacy data to the cheapest storage available and then dropping the relevant datafiles. The remaining datafiles must be moved to faster storage on OCI to enhance performance. Choose the strategy that accomplishes these objectives. A. Export the legacy data to block volumes and relocate the datafiles to NVMe storage. B. Export the legacy data to FSS and relocate the datafiles to NVMe storage. C. Export the legacy data to archive tier object storage and relocate the datafiles to NVMe storage. D. Export the legacy data to archive tier object storage and relocate the datafiles to FSS storage
C. Export the legacy data to archive tier object storage and relocate the datafiles to NVMe storage. *NVMe scales to TBs and has better I/O performance than block volumes. Archive tier object storage has almost unlimitied scale and is well suited for archiving infrequently accessed data. A&B are incorrect because block volumes and FSS are more costly than object storage. D is incorrect because FSS is slower than block volume storage.
You have two line of business operations (LOB1, LOB2) leveraging Oracle Cloud Infrastructure. LOB1 is deployed with VCN1 in the OCI US East region, while LOB2 is deployed in VCN2 in the US West region. You need to peer VCN1 and VCN2 for disaster recovery and data backup purposes. To ensure you can utilize the OCI virtual Cloud Network remote peering feature, which CIDR ranges should be used? A. VCN1 (10.0.0.0/16) and VCN2 (10.0.1.0/24) B. VCN1 (192.168.0.0/16) and VCN2 (192.168.1.0/27) C. VCN1 (10.0.0.0/16) and VCN2 (172.16.0.0/16)*** D. VCN1 (172.16.1.0/24) and VCN2 (172.16.1.0/27)
C. VCN1 (10.0.0.0/16) and VCN2 (172.16.0.0/16)***
You set up an Oracle Data Guard configuration on two compute instance VMs in a single availability domain. What feature on ADs should be leveraged to protect your Data Guard system from a hardware rack failure? A. Create the VMs with the primary and standby databases in separate VCNs B. Create the VMs with the primary and standby databases in separate subnets. C. Locate the primary and standby database instances in separate fault domains D. Ensure that the primary and standby database instances use separate block volumes for datafiles
C. is correct
What does compute instance vertical scaling mean?
Changing to a larger or smaller shape
You have an application deployed in OCI running in the US East region. You have been asked to create a disaster recovery plan that will protect against the lost of critical data. The DR site must be at least a few hundred miles from your primary site and data transfer between the two sites must not traverse the public internet. Which is the lowest latency and lowest cost recommended DR plan?
Create a DR environment in the US West Region. Associate a Dynamic Routing Gateway (DRG) with the VCN in each region and create a remote peering connection between the two VCNs.
Which is the most cost-effective tier of OCI object storage? A. S3 B. Glacier C. Standard D. Archlve
D is correct. Archive storage is suitable For long term data retention and is highly durable and affordable. However, restoring data from archive storage can be a lengthy process requiring a restore operation before the data may be downloaded.
You are migrating an important on-premises data warehouse to ADW. Fortunately, data is only loaded into the warehouse once a month from operational data stores. Which of the following migration techniques are most suitable to migrate the data warehouse while ensuring it remains available for queries during the migration? A. RMAN B. Remote Cloning C. Unplug/Plug D. DataPump
D is correct. Data Pump exports may be imported into ADW databases.
Choose one or more approaches to allow OCI compute instances to access resources on the Internet. A. Configure a service gateway in your VCN B. Set up a local peering gateway to link your VCN to an lnternet-enabled VCN C. Set up a remote peering gateway using a DRG to connect to an Internet-enabled region D. Use an Internet gateway so instances in public subnets can access the Internet
D is correct. Internet gateways extend your VCN by providing Internet access to public subnets while NAT gateways provide a mechanism for instances in private subnets to access the Internet.
Local nonfederated OCI user Neo has several capabilities. Which of the following capabilities are not applicable for Neo? A. Using a local password for direct OCI console access B. Adding API Keys C. Generating Auth tokens D. Belonging to both IDCS and OCI groups
D is correct. Local nonfederated users only belong to OCI groups and not to IDCS groups.
While designing the architecture for your external corporate website to be hosted on OCI, you are confronted by many design choices including the load balancer traffic distribution policy. Employees using your company on-premises network to connect to the website go through a single NAT router and account for more than half the traffic to the site. Which of the following load balancer traffic distribution policies are most suitable, considering all the backend set servers have identical CPU, memory, and storage resources? A. IP hash B. Most connections C. Geolocation steering D. Round robin
D is correct. Round robin is a simple policy that distributes incoming traffic sequentially to each server in a backend set list, regardless of the incoming client IP address. Round robin works best when all backend servers are similar.
A subnet is defined with the CIDR 129.183.0122. How many IP addresses from this CIDH block are reserved by OCI? A. 22 B. 0 C. 2 D.3
D is correct. The OCI networking service reserves the first IP address, known as the network address, the last IP address, known as the broadcast address, and as the first host address in the CIDR range, known as the subnet default gateway address
Border Gateway Protocol (BGP) is an external routing protocol designed for traffic between autonomous systems on the Internet. Which ot the following statements regarding BGP and OCI is true? A. BGP is supported with lPSec VPN B. BGP is supported with DRG C. BGP is supported with CPE D. BGP is supported with FastConnect
D. BGP is supported with FastConnect when connecting external networks to your VCN.
You have a instance running in a development compartment that needs to make API calls against other OCI services, but you do not want to configure user creditials or a store a configuration file on the instance. How can you meet this requirement? A. Create a dynamic group with matching rules to include your instance B. Instances are secure and cannot make calls to other OCI services. C. Instances can automatically make calls to other OCI services. D. Create a dynamic group with matching rules to include your instance and write a policy for this dynamic group
D. Create a dynamic group with matching rules to include your instance and write a policy for this dynamic group***
You have an application that requires a shared file system. Which OCI service would you choose? A. Block volume B. Archive Storage C. Object Storage D. File Storage
D. File Storage
Which OCI storage does not provide encryption for data-at-rest? A. Block volume B. File Storage C. Object Storage D. Local NVMe
D. Local NVMe
How is total net work throughput allocated to a VM instance? A. When launching a compute instance, customers may select the desired maximum network bandwidth. B. Each VM is allocated 10 Gbps of network bandwidth regardless of the selected shape C. Network bandwidth is variable D. Network bandwidth is proportional to the number of OCPUs in the instance shape
D. Network bandwidth is proportional to the number of OCPUs in the instance shape ***
Which resource do you manage in an IaaS offering? A. Networking B. Servers C. Storage D. Operating System
D. Operating System ***
You want to leverage a managed RAC offering in OCI. Which OCI managed database service would you choose? A. Bare Metal DB systems B. Autonomous Data Warehousing (shared) C. Autonomous Transaction Processing (shared) D. VM DB Systems
D. VM DB Systems
Which statement is correct regarding the OCI Compute service? A. You cannot attach a block volume to a compute instance. B. When you stop a compute instance, all data on the boot volume is lost. C. You can attach a maximum of one public IP to each compute instance. D. You can launch either virtual machines or bare metal instances
D. You can launch either virtual machine or bare metal instances.
One of the block volume attributes to note is lifecycle state. Which of the following states is a valid litecycle state for block volume? A. PROVISIONING B. COMPLETE C. ATTACHING D. CREATING
D. is correct. PROVISIONING, AVAILABLE,TERMINATING,TERMINATED, FAULTY, and RESTORING are valid iifecycle states for a block volume.