OCI
You are a network architect of an application running on Oracle Cloud Infrastructure (OCI). Your security team has informed you about a security patch that needs to be applied immediately to one of the backend web servers. What should you do to ensure that the OCI load balancer does not forward traffic to this backend server during maintenance? - Drain all existing connections to this backend server and mark the backend web server offline - Create another OCI load balancer for the backend web servers, which are active and handling traffic - Edit the security list associated with the subnet to avoid traffic connectivity to this backend serve - Stop the load balancer for maintenance and restart the load balancer after the maintenance is finished
- Drain all existing connections to this backend server and mark the backend web server offline
Which two actions will occur when a back-end server that is registered with a backend set is marked to drain connections? (Choose two) - It disallows new connections to that backend server. - It keeps the connections to that instance open and attempts to complete any in-flight requests. - It redirects the requests to a user-defined error page. - It immediately closes all existing connections to that instance. - It forcibly closes all connections to that instance after a timeout period.
- It disallows new connections to that backend server. - It keeps the connections to that instance open and attempts to complete any in-flight requests.
Which certificate format is used with the load balancer? - PFX - PEM - PKCS12 - CRT
- PEM
Why are two subnets required to create a public load balancer when additional subnets are often used for back-end servers? (Choose two) - Routing is simpler when the load balancer is not in the same subnet as the back-end server. - Performance is higher when more subnets are used. - Additional subnets for back-end servers allow for separate route tables for these servers. - Additional subnets for back-end servers allow for separate security lists for these servers
- Performance is higher when more subnets are used. - Additional subnets for back-end servers allow for separate security lists for these servers
Your application consists of three Oracle Cloud Infrastructure compute instances running behind a public load balancer. You have configured the load balancer to perform health checks on these instances, but one of the three instances fails to pass the configured health check. Which of the following action will the load balancer perform? - Stop sending traffic to the instance that failed health check - Terminate the instance that failed health check - Stop the instances that failed health check - Remove the instance that failed the health check from the backend set
- Stop sending traffic to the instance that failed health check
You are an administrator with an application running on OCI. The company has a fleet of OCI compute virtual instances behind an OCI Load Balancer. The OCI Load Balancer Backend Set health check API is providing a 'Critical' level warning. You have confirmed that your application is running healthy on the backend servers. What is the possible reason for this 'Critical' warning? - A user does not have correct IAM credentials on the Backend Servers. - The Backend Server VCN's Route Table does not include the route for OCI LB. - OCI Load Balancer Listener is not configured correctly. - The Backend Server VCN's Security List does not include the IP range for the source of the health check requests.
- The Backend Server VCN's Security List does not include the IP range for the source of the health check requests.
Your application front end consists of several Oracle Cloud Infrastructure compute instances behind a public load balancer. You have configured the load balancer to perform health checks on these instances. What will happen if an instance fails to pass the configured health checks? - The instance is replaced automatically by the load balancer. - The instance is terminated automatically by the load balancer. - The instance is taken out of the back end set by the load balancer. - The load balancer stops sending traffic to that instance.
- The load balancer stops sending traffic to that instance
You are an administrator with an application running in Oracle Cloud Infrastructure (OCI). The company has a fleet of OCI compute virtual instances behind an load balancer. The load balancer backend set health check API is providing a 'Critical' level warning. You have confirmed that your application Is running healthy on the backend servers. What Is the possible reason for this 'Critical' warning? - The load balancer listener is not configured correctly. - The security list associated with the subnet In which the backend server is provisioned does not include the IP range for the source of the health check requests. - A user does not have correct Identity and Access Management (IAM) credentials on the backend servers. - The route table associated with the subnet in which the backend server is provisioned does not include the route for the OCI load balancer.
- The security list associated with the subnet In which the backend server is provisioned does not include the IP range for the source of the health check requests.
Which three must be configured for a load balancer to accept incoming traffic?(Choose two) - a listener - a back-end server - a back-end set - a security list that is open on a listener port - a certificate
- a listener - a security list that is open on a listener port
What is the maximum CIDR range that can be assigned when configuring a Virtual Cloud Network? /16 /24 /26 /8
/16
You have an Oracle Cloud Infrastructure (OCI) load balancer distributing traffic via an evenly- weighted round-robin policy to your back-end web servers. You notice that one of your web servers is receiving more traffic than other web servers. How can you resolve this to make sure traffic is evenly distributed across all back-end webservers? 1. Disable cookie-based session persistence on your backend set. 2. Change keep-alive setting between the load balancer and backend server. 3. Disable SSL configuration associated with your backend set. 4. Create separate listeners for each backend web server.
1. Disable cookie-based session persistence on your backend set.
You are running a mission-critical database application in Oracle Cloud Infrastructure (OCI). You take regular backups of your DB system to OCI object storage. Recently, you notice a failed database backup status in the console. What step can you take to determine the cause of the backup failure? 1. Ensure that your database host can connect to OCI object storage 2. Ensure the database archiving mode is set to NOARCHIVELOG 3. Make sure that the database is not active and running while the backup is in progress 4. Don't restart the dcsagent program even if it has a status of stop/waiting
1. Ensure that your database host can connect to OCI object storage
You are about to upload a log file (5 TiB size) to Oracle Cloud Infrastructure object storage and have decided to use multipart upload capability for a more efficient and resilient upload. Which two statements are true about multipart upload? 1. Individual object parts can be as small as 10 MiB or as large as 50 GiB 2. While a multipart upload is still active, you cannot add parts even if the total number of parts is less than 10,000 3. The maximum size for an uploaded object is 10 TiB 4. You do not have to commit the upload after you have uploaded all the object parts
1. Individual object parts can be as small as 10 MiB or as large as 50 GiB 3. The maximum size for an uploaded object is 10 TiB
Which statement is true about restoring a block volume from a manual or policy-based block volume backup? 1. It can be restored as new volumes to any Availability Domain within the same region 2. It must be restored as new volumes to the same Availability Domain on which the original block volume backup resides 3. It can be restored as new volumes to any Availability Domain across different regions 4. It can be restored as new volumes with different sizes from the backups
1. It can be restored as new volumes to any Availability Domain within the same region
You have an application server running in a public subnet on a compute instance in US West (us- phoenix-1) region of Oracle Cloud Infrastructure (OCI). The data sitting on this instance needs to be copied to OCI Object storage bucket available in the same region without traversing over the internet. To enable the connectivity between the instance and Object Storage, you created a service gateway with service CIDR of all Object Storage in us-phoenix-1 enabled. You also modified the security rules to allow the desired traffic. However, when you tried sending the data to the Object Storage bucket, you notice that the data is going over the internet and not via the service gateway. What could be the possible reason for this behavior? 1. The route table associated with the subnet has no route rule where the destination is object storage service 2. The service gateway created in the VCN resides in a different availability domain 3. The security list associated with the subnet has an egress rule that allows all traffic to be forwarded to a destination CIDR 0.0.0.0/0 4. Identity and Access Management (IAM) policies restrict the access to the object storage bucket
1. The route table associated with the subnet has no route rule where the destination is object storage service
Your company uses the Oracle Cloud Infrastructure (OCI) Object Storage service to share large data sets with its data science team. The data science team consists of 20 people who work from offices in Washington, D.C., and Tokyo. While working in these offices, employees are assigned an IP address from the public IP range 129.146.31.0/27. Which two steps should you take to ensure that the Object Storage bucket used in this scenario was only accessible from these office locations? 1. Write an IAM policy that includes the conditional statement where request.networkSource.name =CorpNet 2. Set the bucket visibility to public and only share the URL with the data science team via email 3. Create a pre-authenticated request for each data set and only share with the data science team via email 4. Create a Network Source named CorpNetwork with a CIDR block of 129.146.31.0/27 5. Create a Network Source named CorpNetwork with a CIDR block of 129.146.0.0/16 6. Write an IAM policy that includes the conditional statement where request.region = 129.146.31.0/27
1. Write an IAM policy that includes the conditional statement where request.networkSource.name =CorpNet 4. Create a Network Source named CorpNetwork with a CIDR block of 129.146.31.0/27
Which two statements are true about Oracle Cloud Infrastructure storage services? 1. You can move Object Storage buckets, Block Volumes and File Storage mount targets between compartments 2. File storage mount target does not provide a private IP address, while the Object Storage bucket provides one 3. File Storage uses the network file system (NFS) protocol, whereas Block Volume uses ISCSI 4. Block Volume service scales to Exabytes per Instance, while File Storage service offers unlimited scalability
1. You can move Object Storage buckets, Block Volumes and File Storage mount targets between compartments 3. File Storage uses the network file system (NFS) protocol, whereas Block Volume uses ISCSI
You create a public Load Balancer instance and configure a back end set "BES1" with one back end server running a service on port 80. You also create a listener on port 80 and configure that listener to use the back end set "BES1". A client makes one HTTP request to the Load Balancer with the correct protocol and port. How many connections does the Load Balancer maintain? - 1 -2 -4 -3
2
You work for a health insurance company that stores a large number of patient health records in an Oracle Cloud Infrastructure (OCI) Object Storage bucket named "HealthRecords". Each record needs to be securely stored for a period of 5 years for regulatory compliance purposes and cannot be modified, overwritten or deleted during this time period. What can you do to meet this requirement? 1. Create an OCI Object Storage Lifecycle Policies rule to archive objects in the HealthRecords bucket for five years. 2. Create an OCI Object Storage time-bound Retention Rule on the HealthRecords bucket for five years. Enable Retention Rule Lock on this bucket. 3. Enable encryption on the HealthRecords bucket using your own vault master encryption keys. 4. Enable versioning on the HealthRecords bucke
2. Create an OCI Object Storage time-bound Retention Rule on the HealthRecords bucket for five years. Enable Retention Rule Lock on this bucket.
You have multiple applications installed on a compute instance and these applications generate a large amount of log files. These log files must reside on the boot volume for a minimum of 15 days and must be retained for at least 60 days. The 60-day retention requirement is causing an issue with available disk space. What are the two recommended methods to provide additional boot volume space for this compute instance? 1. Terminate the instance while preserving the boot volume. Create a new instance from the boot volume and select a DenseIO shape to take advantage of local NVMe storage. 2. Create an object storage bucket and use a script that runs daily to move log files older than 15 days to the bucket 3. Create and attach a block volume to the compute instance and copy the log files 4. Create a custom image and launch a new compute instance with a larger boot volume size 5. Write a custom script to remove the log files on a daily basis and free up the space on the boot volume
2. Create an object storage bucket and use a script that runs daily to move log files older than 15 days to the bucket 4. Create a custom image and launch a new compute instance with a larger boot volume size
Which of the following statements is true about the Oracle Cloud Infrastructure (OCI) Object Storage server side encryption? 1. Encryption of data encryption keys with a master encryption key is optional. 2. Customer-provided encryption keys are always stored in OCI Vault service. 3. Encryption is enabled by default and cannot be turned off. 4. Each object in a bucket is always encrypted with the same data encryption key.
2. Customer-provided encryption keys are always stored in OCI Vault service.
Which two statements about Oracle Cloud Infrastructure File Storage Service are accurate? 1. Customer can encrypt the communication to a mount target via export options 2. Mount targets use Oracle-managed keys by default 3. File systems use Oracle-managed keys by default 4. Customer can encrypt data in their file system using their own Vault encryption key 5. Communication with file systems in a mount target is encrypted via HTTPS
2. Mount targets use Oracle-managed keys by default 4. Customer can encrypt data in their file system using their own Vault encryption key
Which statement is true about Oracle Cloud Infrastructure Object Storage Service? 1. An Archive Object Storage tier bucket can be upgraded to the Standard Object Storage tier 2. You cannot directly download an object from an Archive Object Storage bucket 3. An existing Standard Object Storage tier bucket can be downgraded to the Archive Object Storage tier 4. Data retrieval in Archive Object Storage is instantaneous
2. You cannot directly download an object from an Archive Object Storage bucket
As a solution architect, you are showcasing the Oracle Cloud Infrastructure (OCI) Object Storage feature about Object Versioning to a customer. Which statement is true in regards to OCI Object Storage Versioning? 1. Object versioning does not provide data protection against accidental or malicious object update, overwrite, or deletion. 2. By default, object versioning is disabled on a bucket. 3. A bucket that is versioning-enabled can have only and always will have a latest version of the object in the bucket. 4. Objects are physically deleted from a bucket when versioning is enabled.
3. A bucket that is versioning-enabled can have only and always will have a latest version of the object in the bucket.
With regard to Oracle Cloud Infrastructure Load Balancing service, which two actions will occur when a backend server that is registered with a backend set is marked to drain connections? (Choose two) 1. All existing connections to this backend sever will be immediately closed. 2. Requests to this backend server are redirected to a user-defined error page. 3. All new connections to this backend server are disallowed. 4. Connections to this backend server will remain open until all in-flight requests are completed. 5. All connections to this backend server are forcibly closed after a timeout period.
3. All new connections to this backend server are disallowed. 4. Connections to this backend server will remain open until all in-flight requests are completed.
You are designing a lab exercise for your team that has a large number of graphics with large file sizes. The application becomes unresponsive if the graphics are embedded in the application. You have uploaded the graphics to Oracle Cloud Infrastructure and only added the URL in the application. You need to ensure these graphics are accessible without requiring any authentication for an extended period of time. How can you achieve these requirements? 1. Create pre-authenticated requests (PAR) and specify 00:00:0000 as the expiration time. 2. Make the object storage bucket private and all objects public and use the URL found in the Object "Details" 3. Make the object storage bucket public and use the URL found in the Object "Details" 4. Create PARs and do not specify an expiration date
3. Make the object storage bucket public and use the URL found in the Object "Details"
Question 5: Which statement is NOT true about the Oracle Cloud Infrastructure Object Storage service? 1. Object storage resources can be shared across tenancies 2. Immutable option for data stored in the Object Storage can be set via retention rules 3. Object versioning is enabled at namespace level 4. Object lifecycle rules can be used to either archive or delete objects
3. Object versioning is enabled at namespace level
Which option is NOT a valid action within the Oracle Cloud Infrastructure (OCI) Block Volume service? 1. Clone an existing volume to a new, larger volume 2. Restore from a volume backup to a larger volume 3. Shrink an existing volume in place with offline resizing 4. Expand an existing volume in place with offline resizing
3. Shrink an existing volume in place with offline resizing
Which statement is true about cloning a volume? 1. You need to detach a volume before cloning from it 2. A cloned volume is the same as a snapshot that has a dependency on the source volume 3. You can change the block volume size when cloning a volume 4. You can create a clone for a volume across regions
3. You can change the block volume size when cloning a volume
Which two statements are true about restoring a volume from a block volume backup in Oracle Cloud Infrastructure Block Volume service? 1. You can restore a volume from any full volume backup but not from an Incremental backup 2. You can only restore a volume to the same availability domain in which the original block volume resides 3. You can restore a block volume backup to a larger volume size 4. You can restore a volume to any availability domain within the same region where the backup is stored 5. You can restore only one volume from a manual block volume
3. You can restore a block volume backup to a larger volume size 4. You can restore a volume to any availability domain within the same region where the backup is stored
You have one database-style application that frequently makes many random reads and writes across the dataset. Which storage offering supports this application? 1. Object Storage Service 2. Archive Storage Service 3. File Storage Service 4. Block Storage Service
4. Block Storage Service
Which two statements are true about the Oracle Cloud Infrastructure Object Storage Service? 1. It provides higher IOPS than Block Storage 2. It can be directly attached or detached from a compute instance 3. Data is stored redundantly only in a single AD 4. Data is stored redundantly across multiple availability domains (ADs) in a multi-AD region 5. It provides strong consistency
4. Data is stored redundantly across multiple availability domains (ADs) in a multi-AD region 5. It provides strong consistency
You are responsible for creating and maintaining an enterprise application that consists of multiple storage volumes across multiple compute instances in Oracle Cloud Infrastructure (OCI). The storage volumes include boot volumes and block volumes for your data storage. You need to create backups of these storage volumes in the most time-efficient manner. How can you meet this requirement? 1. Create clones of all boot volumes and block volumes one at a time 2. Create on-demand full backups of boot volumes, and copy data in block volumes to Object Storage using OCI CLI 3. Create on-demand full backups of block volumes, and create custom images from the boot volumes 4. Group together multiple storage volumes in a volume group and create volume group backups
4. Group together multiple storage volumes in a volume group and create volume group backups
Which statement is true about a pre-authenticated request in Oracle Cloud Infrastructure Object Storage? 1. You can create only 1, 000 pre-authenticated requests per bucket 2. You can create a pre-authenticated request only for public buckets 3. You cannot retire a pre-authenticated request before it expires 4. You cannot extend the expiration date on a pre-authenticated request
4. You cannot extend the expiration date on a pre-authenticated request
Given: When creating multiple subnets within a Virtual Cloud Network (VCN), security lists are often made to group common services, for example, SSH and RDP (remote access), 80 and 443 (HTTP), and so on. By default, what is the maximum number of security lists that can be associated with a subnet upon creation? 4 2 5 3
5
Which two statements are true about an Oracle Cloud Infrastructure Virtual Cloud Network (VCN)? (Choose two.) A VCN can reside in multiple Oracle Cloud Infrastructure regions and Availability Domains. A VCN covers a single contiguous IPv4 CIDR block of your choice. An allowable VCN size range is: /16 to /30. A VCN creates the dynamic routing gateway by default.
A VCN covers a single contiguous IPv4 CIDR block of your choice. An allowable VCN size range is: /16 to /30.
Which two statements are true about policies? You can use read, write, manage, and inspect as verbs for defining a policy. A policy is a document that specifies who can access which Oracle Cloud Infrastructure resources that your company has, and how. Users need not do anything but still have to be added to a group with appropriate policies defined. You can deny access to a group via policies.
A policy is a document that specifies who can access which Oracle Cloud Infrastructure resources that your company has, and how. Users need not do anything but still have to be added to a group with appropriate policies defined.
Which two choices are true for Oracle Autonomous Database with Shared Exadata Infrastructure?(Choose two) A. Billing for storage usage continues when autonomous database is stopped. B. Billing stops for both CPU and storage usage when autonomous database is stopped. C. Billing for compute usage stops when autonomous database is stopped. D. Autonomous database does not support per-second billing. E. Billing does not stop when autonomous database is terminated.
A. Billing for storage usage continues when autonomous database is stopped. C. Billing for compute usage stops when autonomous database is stopped.
You are managing a tier-1 OLTP application on an Autonomous Transaction Processing (ATP) database. Your business needs to run hourly batch processes on this ATP database that may consume more CPUs than what is available on the server. How can you limit these batch processes to not interfere with the OLTP transactions? A. Configure ATP resource management rules to change CPU/IO shares for the consumer group of batch processes. B. Copy OLTP data into new tables in a new table space and run batch processes against these new tables. C. Disable automated backup during the batch process operations. D. ATP is designed for OLTP workload only, you cannot run batch processes on ATP.
A. Configure ATP resource management rules to change CPU/IO shares for the consumer group of batch processes.
You currently manage an e-commerce application that utilizes 25 identical compute resources to handle customer traffic. The stakeholders have asked you to create another 25 identical compute resources in order to deploy and test a new version of the software? What is the most efficient process to create 25 additional compute resources that are identical to the first 25? A. Create a custom image from 1 of the 25 servers. Use this custom image to provision 25 more servers B. Create a manual backup of each boot volume belonging to the 25 servers. Restore each backup to create 25 new boot volumes, from which you will provision 25 more servers C. Provision a new server and configure it to be identical to the first 25. Create a custom image from the new server, then use the custom image to provision 24 more servers D. Clone the boot volume of 1 of the 25 servers. Use the boot volume clone to provision 25 more servers
A. Create a custom image from 1 of the 25 servers. Use this custom image to provision 25 more servers
You provisioned an Oracle Autonomous Data Warehouse (ADW) on Oracle Cloud Infrastructure (OCI) and imported data into ADW. You want to give your business analyst the ability to connect to the ADW database and run queries. Which two actions can help you meet this requirement? (Choose two). A. Create a database user account for the business analyst. B. Grant the predefined database role DWROLE to the database user. C. Grant unlimited tablespace privilege to the database user. D. Grant the predefined database role DWADW to the database user. E. Grant the predefined database role DWUSER to the database user.
A. Create a database user account for the business analyst. B. Grant the predefined database role DWROLE to the database user.
You have created a virtual cloud network (VCN) with three private subnets. Two of the subnets contain application servers and the third subnet contains a DB System. The application requires a shared file system so you have provisioned one using the file storage service (FSS). You also created the corresponding mount target in one of the application subnets. The VCN security lists are properly configured so that both application servers and the DB System can access the file system. The security team determines that the DB System should have read-only access to the file system. What change would you make to satisfy this requirement? A. Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet. B. Connect via SSH to one of the application servers where the file system has been mounted. Use the Unix command chmod to change permissions on the file system directory, allowing the database user read only access. C. Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateless. D. Create an instance principal for the DB System. Write an Identity and Access Management (IAM) policy that allows the instance principal read-only access to the file storage service.
A. Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet.
Which two features are offered natively on Oracle Cloud Infrastructure Database Cloud Service (DBCS)? (Choose two) A. Data Guard in Async mode within a region B.GoldenGate replication between two regions C. Data Guard in Maximum Protection mode D. backup to Object Storage
A. Data Guard in Async mode within a region D. backup to Object Storage
Which two methods are supported for migrating your on-premises Oracle database to an Oracle Autonomous Transaction Processing (ATP) database in Oracle Cloud Infrastructure? (Choose two.) A. Load text files into ATP using SQL Developer. B. Use RMAN duplicate. C. Use Oracle Data Pump. D. Transfer the physical database files and re-create the database. E. Use database backup and restore
A. Load text files into ATP using SQL Developer. C. Use Oracle Data Pump.
What is the default backup location for database backup on Database Cloud Service (DBCS)? A. Object Storage on Oracle Cloud Infrastructure B. ASM diskgroup C. block volume D. locally attached NVMe on Virtual Machine
A. Object Storage on Oracle Cloud Infrastructure
You have deployed a compute instance (VM.Standard2.24) to run an Oracle database. With this set up, you run into some performance issues and want to leverage an OCI Dense IO shape (VM.DenseIO2.24), with which you get 25.6 TB local NVMe SSD. You do not want to lose the configuration changes you made to the instance. Which of the following TWO steps ARE NOT required to make this transition? A. Terminate the VM.Standard2.24 instance and do not preserve the boot volume B. Create a new instance using the VM.Dense102.24 shape using the preserved boot volume and move the Oracle Database data to NVMe disks C. Terminate the VM.Standard2.24 instance and preserve the boot volume D. Create a new instance using a VM.DenseIO2.24 shape using the preserved boot volume and move the Oracle Database data to block volumes
A. Terminate the VM.Standard2.24 instance and do not preserve the boot volume D. Create a new instance using a VM.DenseIO2.24 shape using the preserved boot volume and move the Oracle Database data to block volumes
You have an AI/ML application running on Oracle Cloud Infrastructure. You identified that the application needs GPU and at least 20Gbps Network throughput. The application is currently using a VM.Standard2.1 compute without any block storage attached to it. Which two options allow you to get your required performance for your application? (Choose two.) A. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.GPU2.2 shape using the boot volume preserved, but no block volume attached. B. Terminate the compute instance preserving the boot volume. Create a new compute instance using the VM.Standard2.2 shape using the boot volume preserved, but no block volume attached. C. Terminate the compute instance preserving the boot volume. Create a new compute instance using the VM.GPU3.4 shape using the boot volume preserved and use the NVMe devices to host your application. D. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.HPC2.36 shape using the boot volume preserved and use the NVMe devices to host your application. E. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.GPU2.2 shape using the boot volume preserved and attach a new block volume to host your application.
A. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.GPU2.2 shape using the boot volume preserved, but no block volume attached. C. Terminate the compute instance preserving the boot volume. Create a new compute instance using the VM.GPU3.4 shape using the boot volume preserved and use the NVMe devices to host your application.
You have an application running on Oracle Cloud Infrastructure. You Identified that the read and write operations are slowing your application down enough to impair user access. The application is currently using a VM.Standard2.1 compute without any block storage attached to it. Which two options allow you to increase disk IOPS performance? A. Terminate the compute instance preserving the boot volume. Create a new compute instance using the VM.DenseI02.8 shape using the boot volume preserved and use the NVMe devices to host your application. B. Terminate the compute instance preserving the boot volume. Create a new compute instance using the VM.Standard2.2 shape using the boot volume preserved and attach a new block volume to host your application. C. Terminate the compute instance preserving the boot volume. Create a new compute instance using the VM.Standard2.2 shape using the boot volume preserved, but no block volume attached. D. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.GPU2.2 shape using the boot volume preserved, but no block volume attached.
A. Terminate the compute instance preserving the boot volume. Create a new compute instance using the VM.DenseI02.8 shape using the boot volume preserved and use the NVMe devices to host your application. D. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.GPU2.2 shape using the boot volume preserved, but no block volume attached.
Which two statements are true about Oracle Cloud Infrastructure Compute Service? (Choose two.) A. You can launch a virtual or bare metal instance by using the same LaunchInstance API. B. You cannot launch a bare metal server in Oracle Cloud Infrastructure Compute Service. C. You can attach a block volume in an Availability Domain other than your compute instance. D. You can share custom images across tenancies and regions.
A. You can launch a virtual or bare metal instance by using the same LaunchInstance API. D. You can share custom images across tenancies and regions.
Which five are the required parameters to launch an instance in Oracle Cloud Infrastructure? (Choose five.) A. subnet B. Availability Domain C. Virtual Cloud Network D. host name E. instance shape F. image operating system G. private IP address
A. subnet B. Availability Domain C. Virtual Cloud Network E. instance shape F. image operating system
Which three types of credentials are used to manage Oracle Cloud Infrastructure Identity and Access Management (IAM)? (Choose three.) Windows Password API Signing Key Swift Password SSH Key Console Password
API Signing Key, Swift password, Console Password
You have been asked to create an Identity and Access Management (IAM) user that will authenticate to Oracle Cloud Infrastructure (OCI) API endpoints. This user must not be given credentials that would allow them to log into the OCI console. Which two authentication options can you use? (Choose two.) SSL certificate API signing key SSH key pair PEM Certificate file Auth token
API signing key and Auth token
You have launched a compute instance running Oracle database in a private subnet in the Oracle Cloud Infrastructure US East region. You have also created a Service Gateway to back up the data files to OCI Object Storage in the same region. You have modified the security list associated with the private subnet to allow traffic to the Service Gateway, but your instance still cannot access OCI Object Storage. How can you resolve this issue? Add a stateful rule that enables ingress HTTPS (TOP port 443) traffic to 001 Object Storage in the security list associated with the private subnet Add a stateful rule that enables egress HTTPS (TCP port 443) traffic to OCI Object Storage in the security list associated with the private subnet Add a rule in the Route Table associated with the private subnet with Target type as "Service Gateway" and destination service as all IAD services in the Oracle Service Network.' Use the default Security List, which has ports open for OCI Object Storage
Add a rule in the Route Table associated with the private subnet with Target type as "Service Gateway" and destination service as all IAD services in the Oracle Service Network.'
A new employee has just started working for your company. You create an Oracle Cloud Infrastructure user account for this employee, following which they are able to log in, but still cannot create any resources. What should you do to resolve this? Send the employee API Signing Keys to log in. Delete the account and create another one. Make sure that the employee is logging in to the Oracle Cloud Infrastructure account from your corporate network only. Add the employee to a group with policies to grant access to relevant resources.
Add the employee to a group with policies to grant access to relevant resources.
You are asked to create a user that will access programmatic endpoints in Oracle Cloud Infrastructure. The user must not be allowed to authenticate by username and password. Which two authentication options can you use? (Choose two.) PEM Certificate file Auth tokens API signing key Windows password SSH key pair
Auth tokens and API Singing Keys
Which statement Is true about Data Guard implementation in Oracle Cloud Infrastructure (OCI) bare metal and virtual machine database systems? A. Primary and standby databases must be in the same OCI region. B. Both database systems must be in the same compartment. C. Database systems need not be the same shape type (e.g, primary database can be a virtual machine, and standby database a bare metal shape, and vice versa). D. Primary and standby database versions and editions need not be Identical
B. Both database systems must be in the same compartment.
You are running an online gaming application hosted on a VM.Standard2.1 instance shape in Oracle Cloud Infrastructure. As the game becomes popular, you identify network throughput as a bottleneck on your instance when uploading user data. Though you want to resolve the issue, you want to observe the demand for a week before adding new application instances. Which action is the most efficient way to resolve this issue? A. Add a secondary virtual network interface card (VNIC). B. Change shape of the instance to a higher network bandwidth instance. C. Delete the instance while preserving boot volume and spin up a new higher network bandwidth instance with this boot volume. D. Change the performance tier of attached block volume to High Performance.
B. Change shape of the instance to a higher network bandwidth instance.
As the Cloud Architect for your company, you have been tasked with designing a high performance (HPC) cluster in Oracle Cloud Infrastructure (OCI). The following requirements have been defined: The cluster must be a minimum of three nodes, but may increase to six nodes when demand requires. The cluster must be resilient to any potential infrastructure failures. To minimize latency, all nodes must be deployed within the same availability domain (AD). Adding or replacing nodes within the cluster should take no more than 30 minutes. Which two steps should be performed to satisfy these requirements in OCI? (Choose two.) A. Deploy the cluster in a single AD with a shared file system that leverages the file storage service (FSS). Deploy a standby cluster in another AD and configure it to use the same shared file system. B. Deploy the cluster in a single AD. Place each of the nodes in one of the three different fault domains in that AD. C. Create a backup of your HPC node compute instance boot volume. Launch new compute instances directly from the backup reduce provisioning time. D. Create a custom image of your HPC node compute instance. Launch new compute instances using this image to reduce provisioning time. E. Deploy the cluster in a single AD. Place each of the nodes in a different virtual cloud network (VCN) subnet.
B. Deploy the cluster in a single AD. Place each of the nodes in one of the three different fault domains in that AD. D. Create a custom image of your HPC node compute instance. Launch new compute instances using this image to reduce provisioning time.
You deployed a database on a Standard Compute instance in Oracle Cloud Infrastructure (OCI) due to cost concerns. The database requires additional storage with high I/O and you decided to use OCI Block Volume service for it. With this requirement in mind, which elastic performance option should you choose for the Block Volume? A. Balanced Performance B. Higher performance C. Extreme performance D. Lower cost
B. Higher performance
You create an autoscaling configuration of Linux compute instances in Oracle Cloud Infrastructure (OCI). You noticed that your application is running slow. After checking your compute instances, you noticed that autoscaling is not launching additional instances, even though the existing compute instances already have high memory usage. How can you resolve this issue? A. Modify the scaling policy to monitor memory usage and scale up the number of instances when it meets the threshold. B. Modify the scaling policy to monitor CPU usage and scale up the number of instances when it meets the threshold. C. Install the monitoring agent to all compute instances which will trigger the autoscaling group. D. Install OCI SDK in all compute instances and create a script that will trigger the autoscaling event if there is high memory usage.
B. Modify the scaling policy to monitor CPU usage and scale up the number of instances when it meets the threshold.
Which two resources are availability domain constructs? (Choose two.) VCN Groups Block Volume Compute Instance Object Storage
Block Volume and Compute Instance
Which two resources reside exclusively in a single Oracle Cloud Infrastructure Availability Domain? (Choose two.) Identity and Access Management Groups Object Storage Web Application Firewall policy Block volume Compute instance
Block Volume and Compute Instance
When terminating a compute instance, you want to preserve the boot volume and its data. Which step will you need to perform? A. You cannot preserve the boot volume; it will always be deleted when you terminate the instance. B. Reboot the instance first, and then terminate the instance. C. Disable the default option to delete the boot volume when terminating an instance. D. Before terminating the instance, you must detach the boot volume.
C. Disable the default option to delete the boot volume when terminating an instance.
You are running several Linux based operating systems in your on .premises environment that you want to import to OCI as custom images. You can launch your imported images as OCI compute Virtual machines. Which two modes below can be used to launch these imported Linux VMs? A. Native B. Mixed C. Paravirtualized D. Emulated
C. Paravirtualized D. Emulated
Which two tools would you use to manage Database Cloud Service (DBCS)? (Choose two.) A. psql B. Oracle Swingbench C. SQL Developer D. Oracle Enterprise Manager
C. SQL Developer D. Oracle Enterprise Manager
Which scaling option does Database Cloud Service (DBCS) on Bare Metal Shape offer? A. network bandwidth B. CPU C. storage D. memory
CPU
Which two are Regional resources in Oracle Cloud Infrastructure? (Choose two.) Ephemeral public IPs Compartments Compute images Dynamic groups Block volume backups
Compute Image and Block Volume Back Ups
You are working for a financial institution that is currently running two web applications in Oracle Cloud Infrastructure (OCI). All resources were created in the root compartment. Your manager asked you to deploy new resources to support a proof-of-concept (PoC) for Oracle FlexCube. You must ensure that the FlexCube resources are secured and cannot be affected by the team that manages the two web applications.Which two tasks should you complete to ensure the required security of your resources? (Choose two.) Create a new compartment for the two web applications and move the existing resources into the compartment. Deploy the FlexCube application into the root compartment. Create a new policy in the root compartment that gives the FlexCube project team the ability to manage all resources in the tenancy. Create a new policy in the root compartment for the FlexCube project team. Assign a policy statement that grants the FlexCube project team the ability to manage all resources in the tenancy, where a specific tag key and tag value are present. Create a Tag Default within the root compartment with a default value of ${iam.principle.name} so that each new resource created is tagged with the name of the person who created it. Create a new IAM policy that allows users to only modify resources they created. Create a new compartment for the two web applications and move the existing resources into this compartment. Modify the existing policy for the team that manages these applications so that the scope of access is defined as this new compartment. Create a new compartment for the FlexCube application deployment. Create a policy in this compartment for the project team that gives them the ability to manage all resources within the scope of this Compartment.
Create a Tag Default within the root compartment with a default value of ${iam.principle.name} so that each new resource created is tagged with the name of the person who created it. Create a new IAM policy that allows users to only modify resources they created. Create a new compartment for the two web applications and move the existing resources into this compartment. Modify the existing policy for the team that manages these applications so that the scope of access is defined as this new compartment.
. For a compute instance that is launched in a private subnet in a Virtual Cloud Network (VCN), which action needs to be performed to connect to the Internet, assuming that the required security list is properly set up? Assign a Public IP address to the compute instance. Create and configure Network Address Translation (NAT) in a public subnet and route all traffic to it. There is no way for an instance in a private subnet to connect to the Internet. Create a default route entry in the route table to forward all traffic to the Internet gateway.
Create a default route entry in the route table to forward all traffic to the Internet gateway.
You deployed an Oracle Cloud Infrastructure (OCI) compute instance (VM.Standard2.16) to run a SQL database. After a few weeks, you need to increase disk performance by using NVMe disks but keeping the same number of CPUs. As a first step, you terminate the instance and preserve the boot volume. What is the next step? A. Create a new instance using a VM.DenseIO2.16 shape using the preserved boot volume and move the SQL Database data to block volume B. Create a new instance using a VM.DenseIO2.8 shape using the preserved boot volume and move the SQL Database data to NVMe disks C. Create a new instance using a VM.Standard1.16 shape using the preserved boot volume and move the SQL Database data to NVMe disks D. Create a new instance using a VM.DenseIO2.16 shape using the preserved boot volume move the SQL Database data to NVMe disks
D. Create a new instance using a VM.DenseIO2.16 shape using the preserved boot volume move the SQL Database data to NVMe disks
When you try to create an instance on Oracle Cloud Infrastructure (OCI), what are three valid sources to choose the image from? A. Dedicated VM Host B. Object Storage C. Bare Metal Instance D. Platform Images E. Custom Image F. Partner Images G. Instance Pools
D. Platform Images E. Custom Image F. Partner Images
When terminating a compute instance, which statement is true? A. The instance needs to be stopped first, and then terminated. B. The boot volume is always deleted. C. All block volumes attached to the instance are terminated. D. Users can preserve the boot volume associated with the instance.
D. Users can preserve the boot volume associated with the instance.
You are the Solutions Architect of a large company and are tasked with migrating all your services to Oracle Cloud Infrastructure. As part of this, you first design a Virtual Cloud Network (VCN) with a public subnet and a private subnet. Then in order to provide Internet connectivity to the instances in your private subnet, you create an Oracle Linux instance in your public subnet and configure NAT on it. However, even after adding all related security list rules and routes in the Route Table, your private subnet instances still cannot connect to the Internet. Which action should you perform to enable Internet connectivity? Disable "Source and Destination Check" on the VNIC of your Linux instance. There is no way that a private subnet can connect to the Internet. Create a Dynamic Routing Gateway (DRG) and route your private IP traffic to the DRG. Restart the NAT instance.
Disable "Source and Destination Check" on the VNIC of your Linux instance.
You have hired a new employee to run reports from the Autonomous Data Warehouse (ADW) and are not confident in their SQL writing ability. Into which consumer group will you assign this individual to minimize the impact of their code? A. Lowest B. Medium C. Highest D. High E. Low
E. Low
When creating a subnet, one or more placeholder security lists are often associated with the subnet. Why? Each operator needs its own security list. Each protocol needs its own security list. Each network endpoint or instance in the subnet needs its own security list. It is not possible to add or remove security lists after a subnet is created.
Each network endpoint or instance in the subnet needs its own security list.
Which two tagging related items are valid attributes that may be included in the payload of an audit log event? (Choose two.) Predefined values Free-form tags Tag variables Defined tags Cost-tracking tags Default tags
Free-form tags and defined tags
Which three components can you configure in Oracle Infrastructure Identity and Access Management? (Choose three.) Groups User Instance Policies VCNs
Groups, user, policies
You are responsible for setting up access for all the cloud users of a large enterprise. You log in to the Phoenix region and start creating users and policies. You then realize that some users might be creating resources in the Ashburn region. Which step should you perform to enable those users? You can assign a region to each of the users at the time of creation. IAM users are global and non-admin users can add resources to any region by default. You need to log in to each region separately to create users for that particular region. IAM users are global. As an administrator, make sure that you subscribe to the Ashburn region.
IAM users are global. As an administrator, make sure that you subscribe to the Ashburn region.
Which three load-balancing policies can be used with a back end set? (Choose three) - Throughput - IP Hash - Weighted Round Robin -CPU Utilization - Least Connections
IP Hash, Weighted Round Robin and Least Connections
Which statement is true about Oracle Cloud Identifiers (OCID)? mytenancy.oc.ocid is a valid OCID. If you delete a user, and then create a new user with the same name, the user will be considered a different user because of different OCIDs. Users can customize OCIDs for all the resources in their compartments. If you delete a user, and then create a new user with the same name, the new user will be assigned the exact same OCIDs as the system remembers.
If you delete a user, and then create a new user with the same name, the user will be considered a different user because of different OCIDs.
A customer has launched a compute Instance in the Virtual Cloud Network (VCN), which has an Internet gateway, a service gateway, a default security lists and a default route table. Customer has opened up Port 22 in the security lists attached to the compute instance subnet, however is still unable to connect to compute instances using ssh. Which option would remedy this situation? Modify the route table associated with the VCN subnet in which the instance resides. Add the following route to the route table. Destination CIDR: 0.0.0.0/0 Target: Internet Gateway (IGW) Modify the security list associated with the VCN subnet in which the instance resides. Add a stateful egress rule to allow icmp traffic in addition to the port 22. Modify the route table associated with the VCN subnet in which the instance resides. Add the following route to the route table. Destination CIDR: 0.0.0.0/0 Target: Dynamic Routing Gateway (DRG) Modify the route table associated with the VCN subnet in which the instance resides. Add a following route to the route table. Destination CIDR: 0.0.0.0/0 Target: Service Gateway (SGW)
Modify the route table associated with the VCN subnet in which the instance resides. Add the following route to the route table. Destination CIDR: 0.0.0.0/0 Target: Internet Gateway (IGW)
You are a system administrator of your company and you are asked to manage updates and patches across all your compute instances running Oracle Linux in Oracle Cloud Infrastructure (OCI). As part of your task, you need to apply all the latest kernel security updates to all instances. Which OCI service will allow you to complete this task? A. Resource Manager B. OS Management C. Storage Gateway D. Streaming E. Registry
OS Management
Which two are NOT an image source when launching a new compute instance? (Choose two.) A. boot volume B. custom image C. Object Storage D. bare metal instance
Object Storage, bare metal
A customer wants to do development on premise while leveraging services such as Java Cloud, Mobile Developer Cloud, and App Builder Services. The customer would also like to scale out the application, stretching from on-premises to the cloud by using a common API. Which two Infrastructure options can the customer leverage to do this? (Choose two.) Oracle Cloud at Customer Oracle Cloud Infrastructure Classic Oracle Cloud Ravello service Oracle Cloud Infrastructure
Oracle Cloud at Customer and Oracle Cloud Infrastructure Classic
Which three are default Virtual Cloud Network (VCN) components? (Choose three.) Security List Dynamic Routing Gateway DHCP options Internet Gateway Route Table
Security lists, DHCP options, Route Table
You created a public subnet and an internet gateway in your virtual cloud network (VCN) of Oracle Cloud Infrastructure. The public subnet has an associated route table and security list. However, after creating several compute instances in the public subnet, none can reach the Internet. Which two are possible reasons for the connectivity issue? (Choose two.) The route table has no default route for routing traffic to the internet gateway. There is no stateful egress rule in the security list associated with the public subnet. There is no dynamic routing gateway (DRG) associated with the VCN. There is no stateful ingress rule in the security list associated with the public subnet. A NAT gateway is needed to enable the communication flow to internet
The route table has no default route for routing traffic to the internet gateway. There is no stateful egress rule in the security list associated with the public subnet.
You are designing a networking infrastructure in multiple Oracle Cloud Infrastructure regions and require connectivity between workloads in each region. You have created a dynamic routing gateway (DRG) and a remote peering connection. However, your workloads are unable to communicate with each other. What are two reasons for this? (Choose two.) The security lists associated with subnets in each virtual cloud network (VCN) do not have the appropriate ingress rules Identity and Access Management (IAM) policies have not been defined to allow connectivity across the two VCNs in different regions A local peering gateway needs to be created in each VCN with a default route rule added in the route table forwarding the traffic to the local peering gateway An Internet gateway needs to be created in each VCN with a default route rule added in the route table forwarding the traffic to the Internet Gateway The route table associated with subnets in each VCN do not have a route rule defined to forward the traffic to their respective DRGs
The security lists associated with subnets in each virtual cloud network (VCN) do not have the appropriate ingress rules The route table associated with subnets in each VCN do not have a route rule defined to forward the traffic to their respective DRGs
As an Oracle Cloud Infrastructure tenancy administrator, you created predefined lists of values and associated them with tag key definitions. One of the users in your tenancy complains that she cannot see these predefined values. What is causing this issue? The user is trying to use free-form tags. Some of the predefined values are null. The user is not part of an Identity and Access Management group that gives access to tagging. The user has breached either the quota or service limit for using tags.
The user is trying to use free-form tags.
You created a public subnet and an internet gateway in your virtual cloud network (VCN) of Oracle Cloud Infrastructure. The public subnet has an associated route table and security list. However, after creating several compute instances In the public subnet, none can reach the Internet. Which two possible reasons for the connectivity Issue? A NAT gateway is needed to enable the communication flow to the internet. There Is no stateful egress rule In the security list associated with the public subnet. There Is no dynamic routing gateway (DRG) associated with the VCN. The route table has no default route for routing traffic to the internet gateway. There is no stateful ingress rule in the security list associated with the public subnet.
There Is no stateful egress rule In the security list associated with the public subnet. The route table has no default route for routing traffic to the internet gateway.
Which two statements are true about an Oracle Cloud Infrastructure (OCI) virtual cloud network (VCN)? (Choose two.) To delete a VCN, its subnets must contain no resources. A VCN can have multiple CIDR blocks associated with it. In regions with multiple Availability Domains (AD), each AD should have their own VCN assigned to it. If you own a block of public IPs, you can assign it to one of your VCNs. A VCN covers a single, contiguous IPv4 CIDR block of your choice.
To delete a VCN, its subnets must contain no resources. A VCN covers a single, contiguous IPv4 CIDR block of your choice.
Which two parameters are required in a back end set's HTTP health check? (Choose two) - response - body - URL path - timeout - port - status code
URL Path, Port
An Oracle Cloud Infrastructure tenancy administrator is not able to delete a user in the tenancy. User has multi-factor authentication (MFA) enabled. User is a member of an Identity and Access Management (IAM) group. Users can be blocked but not deleted. User needs to be deleted from federation Identity Provider (IdP) before deleting from IAM.
User is a member of an identity and access management (IAM) group
. Which option lists Virtual Cloud Networks (VCNs) that can be peered? VCN A (172.16.0.0/24) and VCN B (172.16.0.0/28) VCN A (10.0.0.0/16) and VCN B (10.1.0.0/16) VCN A (10.0.2.0/16) and VCN B (10.0.2.0/25) VCN A (10.0.0.0/16) and VCN B (10.0.16.0/24)
VCN A (10.0.0.0/16) and VCN B (10.1.0.0/16)
You have two line of business operations (LOB1, LOB2) leveraging Oracle Cloud Infrastructure. LOB1 is deployed in VCN1 in the OCI US East region, while LOB2 is deployed in VCN2 in the US West region. You need to peer VCN1 and VCN2 for disaster recovery and data backup purposes. To ensure you can utilize the OCI Virtual Cloud Network remote peering feature, which CIDR ranges should be used? VCN1 (10.0.0.0/16) and VCN2 (10.0.1.0/24) VCN1 (10.0.0.0/16) and VCN2 (172.16.0.0/16) VCN1 (172.16.1.0/24) and VCN2 (172.16.1.0/27) VCN1 (192.168.0.0/16) and VCN2 (192.168.1.0/27)
VCN1 (10.0.0.0/16) and VCN2 (172.16.0.0/16)
Which two statements are true about subnets within a VCN? (Choose two.) You can have multiple subnets in an Availability Domain for a given VCN. Private and Public subnets cannot reside in the same Availability Domain for a given VCN. Subnets can have their IP addresses overlap with other subnets in another network for a given VCN. Instances obtain their private IP and the associated security list from their subnets.
You can have multiple subnets in an Availability Domain for a given VCN. Instances obtain their private IP and the associated security list from their subnets.
How can you provide users access to an existing compartment? by granting users access to a compartment when the compartment is created by adding users to a group and defining a policy to provide the group access to the compartment by adding users to a compartment. All users in the compartment will have access to the objects in the compartment. by granting access directly to the user when the user is created
by adding users to a group and defining a policy to provide the group access to the compartment
Which two components cannot be deleted in your Oracle Cloud Infrastructure Virtual Cloud Network? (Choose two.) Service gateway Default security list Routing gateway Default route table Default subnet
default security list and default route table
What is the maximum number of security lists that can be associated with a subnet? four three five two
five
Which two are required parameters to create a public load balancer instance? (Choose two) - certificate - load balancer name - listener -back end set - two public subnets
load balancer name and two public subnet
Your customer is using an Oracle Cloud Infrastructure (OCI) compartment named Production that hosts several resources such as compute instances, DB Systems and File Systems. Each resource in the Production compartment is tagged. The customer's security team wants to restrict access to DB Systems to only the authorized group of DBAs. Which OCI Tagging capability can be used to meet this requirement? Tags Defaults with predefined values Tag Defaults Cost-Tracking Tags Tag-based Access Control
tag based access control