This is for Developer Test
You have two micro-services, A and B running in production. Service A relies on APIs from service B. You want to test changes to service A without deploying all of its dependencies, which includes service B. Which approach should you take to test service A? (Choose the best answer.) Test the APIs in private environments. test against production APIs. There is no need to explicitly test APIs. Test using API mocks.
Test using API mocks.
You have two microservices, A and B running in production. Service A relies on APIs from service B You want to test changes to service A without deploying all of its dependencies, which includes service B. Which approach should you take to test service A? Test the APIs in private environments. There is no need to explicitly test APIs. Test against production APIs. Test using API mocks.
Test using API mocks.
You need to execute a script on a remote instance through Oracle Cloud Infrastructure Resource Manager. Which option can you use? (Choose the best answer.) Download the script to a local desktop and execute the script. Use /bin/sh with the full path to the location of the script to execute the script. Use remote-exec. It cannot be done.
Use remote-exec.
You are tasked with developing an application that requires the use of Oracle Cloud Infrastructure (OCI) APIs to POST messages to a stream in the OCI Streaming service. Which statement is incorrect? The request does not require an Authorization header. The content-type header must be set to application/json An HTTP 401 will be returned if the clients clock is skewed more than 5 min from servers. The request must include an authorization signing string including (but not limited to) x-content-sha256, content type, and content-length headers.
The request does not require an Authorization header.
Which header is NOT required when signing GET requests to Oracle Cloud Infrastructure APIs? content-type request-target date or x-date host
content-type
Which testing approaches is a must for achieving high velocity of deployments and releases of cloud-native applications? Integration testing Automated testing A/B testing Penetration testing
Automated testing
Which testing approaches is a must for achieving high velocity of deployments and release of cloud-native applications? Automated testing. A/B testing. Penetration testing. Integration testing.
Automated testing.
What are two of the main reasons you would choose to implement a serverless architecture? (Choose Two.) No need for integration testing. Improved in-function state management. Automatic horizontal scaling. Easier to run long-running operations. Reduced operational cost.
Automatic horizontal scaling. Reduced operational cost.
Given a service deployed on Oracle Cloud Infrastructure Container Engine far Kubernetes (OKE), which annotation should you add in the sample manifest file below to specify a 400 Mbps load balancer? service.beta.kubernetes.io/oci-load-balancer-value: 400Mbps. service.beta.kubernetes.io/oci-load-balancer-kind: 400Mbps. service.beta.kubernetes.io/oci-load-balancer-shape: 400Mbps. service.beta.kubernetes.io/oci-load-balancer-size: 400Mbps
service.beta.kubernetes.io/oci-load-balancer-shape: 400Mbps.
Given a service deployed on Oracle Cloud infrastructure Container Engine for Kubernetes (OKE), which annotation should you add in the sample manifest file to specify a 400 Mbps load balancer? service.beta.kubernetes.lo/oci-load-balancer-kind: 400Mbps service.beta.kubernetes.lo/oci-load-balancer-value: 400Mbps service.beta.kubernetes.lo/oci-load-balancer-shape: 400Mbps service.beta.kubernetes.lo/oci-load-balancer-size: 400Mbps
service.beta.kubernetes.lo/oci-load-balancer-shape: 400Mbps
Given a service deployed on Oracle Cloud infrastructure Container Engine for Kubernetes (OKE), which annotation should you add in the sample manifest file to specify a 400 Mbps load balancer? service.beta.kubernetes.lo/oci-load-balancer-shape:400Mbps. service.beta.kubernetes.lo/oci-load-balancer-kind:400Mbps. service.beta.kubernetes.lo/oci-load-balancer-value:400Mbps. service.beta.kubernetes.lo/oci-load-balancer-size:400Mbps.
service.beta.kubernetes.lo/oci-load-balancer-shape:400Mbps.
A pod security policy (PSP) is implemented in your Oracle Cloud Infrastructure Container Engine for Kubernetes cluster Which rule can you use to prevent a container from running as root using PSP? NoPrivilege RunOnlyAsUser forbiddenRoot MustRunAsNonRoot
MustRunAsNonRoot
As a cloud-native developer, you are designing an application that depends on Oracle Cloud Infrastructure (OCI) Object Storage wherever the application is running. Therefore, provisioning of storage buckets should be part of your Kubernetes deployment process for the application. Which should you leverage to meet this requirement? OCI Service Broker for Kubernetes OCI Container Engine for Kubernetes Open Service Broker API Oracle Functions
OCI Service Broker for Kubernetes
As a cloud-native developer, you are designing an application that depends on Oracle Cloud Infrastructure (OCI) Object Storage wherever the application is running. Therefore, provisioning of storage buckets should be part of your Kubernetes deployment process for the application. Which should you leverage to meet this requirement? OCI Service Broker for Kubernetes Oracle Functions Open Service Broker API OCI Container Engine for Kubernetes
OCI Service Broker for Kubernetes
Which Oracle Cloud Infrastructure (OCI) load balancer shape Is used by default in OCI Container Engine for Kubernetes? (Choose the best answer.) 8000 Mbps 100 Mbps There is no default, the shape has to be specific. 400 Mbps
100 Mbps
With the volume of communication that can happen between different components in cloud-native applications, it is vital to not only test functionality, but also service resiliency. Which statement is true with regards to service resiliency? Resiliency is about avoiding failures. Resiliency is about recovering from failures without downtime or data loss. Resiliency testing can only be done in a test environment. A goal of Resiliency is not to bring a service to a functioning state after a failure.
Resiliency is about recovering from failures without downtime or data loss.
Your organization uses a federated identity provider to login to your Oracle Cloud Infrastructure (OCI) environment. As a developer, you are writing a script to automate some operations and want to use OCI CLI to do that. Your security team doesn't allow storing private keys on local machines. How can you authenticate with OCI CLI? Run oci setup keys and provide your credentials. Run oci setup oci-cli-rc -file path/to/target/file. Run oci session authenticate and provide your credentials. Run oci session refresh -profile <profile_name>
Run oci session authenticate and provide your credentials.
You are developing a distributed application and you need a call to a path to always return a specific JSON content deploy an Oracle Cloud Infrastructure API Gateway with the below API deployment specification. What is the correct value for this type? STOCK_RESPONSE_BACKEND CONSTANT_BACKEND HTTP_BACKEND JSON_BACKEND
STOCK_RESPONSE_BACKEND
Which two are benefits of distributed systems? (Choose the best 2 answers.) Ease of Testing Scalability Privacy Resiliency Security
Scalability Resiliency
You are implementing logging in your services that will be running in Oracle Cloud Infrastructure Container Engine for Kubernetes. Which statement describes the appropriate logging approach? (Choose the best answer.) All services log to an external logging system. All services log to a shared log. All services log to standard output only. Each service logs to its own log.
All services log to standard output only.
You are deploying an API via Oracle Cloud Infrastructure (OCI) API Gateway and you want to implement request policies to control access Which is NOT available in OCI API Gateway? Enabling CORS (Cross-Origin Resource Sharing) support. Limiting the number of requests sent to backend services. Providing authentication and authorization. Controlling access to OCI resources.
Controlling access to OCI resources.
In a Linux environment, what is the default location of the configuration file that Oracle Cloud Infrastructure CLI uses for profile information? (Choose the best answer.) /usr/bin/oci/con /usr/local/bin/con $HOME/.oci/con /etc/.oci/con
$HOME/.oci/con
Which is NOT a supported SDK on Oracle Cloud Infrastructure (OCI)? Go SDK Python SDK .NET SDK Java SDK Ruby SDK
.NET SDK
What is the minimum amount of storage that a persistent volume claim can obtain in Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE)? 1 GB 50 GB 1 TB 10 GB
50 GB
What is the minimum of storage that a persistent volume claim can obtain in Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE)? 1 TB 1 GB 10 GB 50 GB
50 GB
Which two statements accurately describe an Oracle Functions application? A small block of code invoked in response to an OCI Events service. A docker image containing all the functions that share the same configuration. An application based on Oracle Functions, OCI Events, and OCI API gateway services. A common context to store configuration variables that are available to all functions in the application. A logical group of functions.
A common context to store configuration variables that are available to all functions in the application. A logical group of functions.
Which two statements accurately describe an Oracle Functions application? (Choose two.) A docker image containing all the functions that share the same configuration. A logical group of functions. A small block of code invoked in response to an OCI events service. An app based on Oracle Fucntions, OCI Events, and OCI API Gateway services. A common context to store configuration variables that are available to all functions in the application.
A logical group of functions. A common context to store configuration variables that are available to all functions in the application.
What is the communication method between different Cloud native applications services? Complex and asynchronous Basic and asynchronous Complex and synchronous Basic and synchronous
Basic and asynchronous
You have deployed a Python application on Oracle Cloud Infrastructure Container Engine for Kubernetes. However, during testing you found a bug that you rectified and created a new Docker image. You need to make sure that if this new Image doesn't work then you can roll back to the previous version. Using kubectl, which deployment strategies should you choose? A/B Testing Canary Deployment Blue/Green Deployment Rolling Update
Blue/Green Deployment
Which pattern can help you minimize the probability of cascading failures in your system during partial loss of connectivity or a complete service failure? (Choose the best answer.) Anti-corruption layer pattern. Circuit breaker pattern. Compensating transaction pattern. Retry pattern.
Circuit breaker pattern.
A service you are deploying to Oracle infrastructure (OCI) Container Engine for Kubernetes (OKE) uses a docker image from a private repository Which configuration is necessary to provide access to this repository from OKE? Add a generic secret on the cluster containing your identity credentials, then specify a registrycredentials property in the deployment manifest. Create a docker-registry secret for OCIR with API key credentials on the cluster, and specify the imagepullsecret property in the application deployment manfiest. Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the image pull secret property in the application deployment manifest. Create a dynamic group for nodes in the cluster, and a policy that allows the dynamic group to read repositories in the same compartment.
Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the image pull secret property in the application deployment manifest.
A service you are deploying to Oracle infrastructure (OCI) Container Engine for Kubernetes (OKE) uses a docker image from a private repository Which configuration is necessary to provide access to this repository from OKE? Create a dynamic group for nodes in the cluster, and a policy that allows the dynamic group to read repositories in same compartment. Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the image pull secret property in the application deployment manifest. Add a generic secret on the cluster containing your ID credentials, then specify a registry credentials property in the deployment manifest. Create a docker-registry secret for OCIR with API key credentials on the cluster, and specify the image pull secret property in the application deployment manifest.
Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the image pull secret property in the application deployment manifest.
A service you are deploying to Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) uses a docker image from a private repository in OCI Registry (OCIR). Which configuration is necessary to provide access to this repository from OKE? Create a docker-registry secret for OCIR with API key credentials on the cluster, and specify the imagePullSecret property in application manifest. Create a dynamic group for nodes in the cluster, and a policy that allows the dynamic group to read repositories in same compartment. Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the imagePullSecret property in application deployment manifest. Add a generic secret on the cluster containing your identity credentials, then specify a registryCredentials property in manifest.
Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the imagePullSecret property in application deployment manifest.
A programmer Is developing a Node.js application which will run in a Linux server on their on-premises data center. This application will access various Oracle Cloud Infrastructure (OCI) services using OCI SDKs. What is the secure way to access OCI services with OCI Identity and Access Management (IAM)? Create a new OCI IAM user associated with a dynamic group and plicy that grants the desired permissions to OCI services. Create a new OCI IAM user, add the user to a group associated with a policy that grants desired permissions to OCI services, in the on-premise Linux server, generate the keypair used for signing API requests and upload the public key to the IAM user. Create a new OCI IAM user, add the user to a group associated with a policy that grants desired permissions to OCI services, in the on-premises linux server, add the user name and password to a file used by Node.js authentication. Create an OCI IAM policy with the appropriate permissions to access the required OCI services and assign the policy to the on-premises Linux server.
Create a new OCI IAM user, add the user to a group associated with a policy that grants desired permissions to OCI services, in the on-premise Linux server, generate the keypair used for signing API requests and upload the public key to the IAM user.
A programmer Is developing a Node is application which will run in a Linux server on their on-premises data center. This application will access various Oracle Cloud Infrastructure (OC1) services using OCI SDKs. What is the secure way to access OCI services with OCI Identity and Access Management (JAM)? Choose one: Create a new OCI IAM user, add the user to a group associated with a policy that grants the desired permissions to OCI services, in the on-premise linux server add the user name and password to a file used by Node.js authentication. Create a new OCI IAM user, add the user to a group associated with a policy that grants the desired permissions to OCI services, in the on-premise linux server generate the keypair used for signing API requests and upload the public key to the IAM user. Create a new OCI IAM user associated with a dynamic group and a policy that grants the desired permissions to OCI services, add the on-premise linux server in the dynamic group. Create an OCI IAM policy with the appropriate permissions to access the required OCI services and assign the policy to the on-premise linux server.
Create a new OCI IAM user, add the user to a group associated with a policy that grants the desired permissions to OCI services, in the on-premise linux server generate the keypair used for signing API requests and upload the public key to the IAM user.
You are developing a serverless application with oracle Functions. you have created a function in compartment named prod. when you try to invoke your function you get the following error: Error invoking function. status: 502 message: dhcp options ocid1.dhcpoptions.oc1.phx.aaaaaaaac... does not exist or Oracle Functions is not authorized to use it How can you resolve this error? Create a policy: Allow service FaaS to use virtual-network-family in compartment prod. Create a policy: Allow any-user to manage function-family and virtual-network-family in compartment prod Create a policy: Allow function-family to use virtual-network-family in compartment prod. Delete the function and redeploy it.
Create a policy: Allow service FaaS to use virtual-network-family in compartment prod.
You are using Oracle Cloud Infrastructure (OCI) Resource Manager to manage your infrastructure lifecycle and wish to receive an email each time a Terraform action begins. How should you use the OCI Events service to do this without writing any code? Create an OCI Notification topic and email subscription with the destination email address, then create an OCI Events rule matching "Resource Manager job - Create" condition, and select the notification topic for corresponding action. Create an OCI Email delivery configuration with the destination email address, then create an OCI Events rule matching "Resource Manager job - Create" condition, and select the notification topic for corresponding action. Create a rule in OCI events service matching the "Resource Manager Stack - Update" condition, then selection "action type: email" and provide the destination email address. Create an OCI notification topic and email subscription with the destination email address, create OCI events rule matching "Resource Manager Stack - Update" condition, then select the notificaiton topic for the corresponding action.
Create an OCI Notification topic and email subscription with the destination email address, then create an OCI Events rule matching "Resource Manager job - Create" condition, and select the notification topic for corresponding action.
A developer using Oracle Cloud Infrastructure (OCI) API Gateway must authenticate the API requests to their web application. The authentication process must be implemented using a custom scheme which accepts string parameters from the API caller. Which method can the developer use In this scenario? Create an authorizer function using token-based authorization. Create an authorizer function using request header authorization. Create a cross account functions authorizer. Create an authorizer function using OCI IAM based authentication.
Create an authorizer function using request header authorization.
You encounter an unexpected error when invoking the Oracle Function named "myfunction" in application "myapp". Which can you use to get more information on the error? Call Oracle support with your error message DEBUG=1 fn invoke myapp myfunction fn --verbose invoke myapp myfunction fn --debug invoke myapp myfunction
DEBUG=1 fn invoke myapp myfunction
Which two statements are true for service choreography? Decision logic in service choreography is distributed. Service choreographer is responsible for invoking other services. Service choreography relies on a central coordinator. Service choreography should not use events for communication. Services involved in choreography communicate through messages/messaging systems.
Decision logic in service choreography is distributed. Services involved in choreography communicate through messages/messaging systems.
You are building a container image and pushing it to the Oracle Cloud Infrastructure Registry (OCIR). You need to make sure that these get deleted from the repository. Which action should you take? In your compartment, write a policy to limit access to the specific repository. Create a group and assign a policy to perform life-cycle operations on images. Set global policy of image retention to "retain all images". Edit the tenancy global retention policy.
Edit the tenancy global retention policy.
You have a containerized app that requires an Autonomous Transaction Processing (ATP) Database. Which option is not valid for a container in Kubernetes? User Kubernetes secrets to configure enviornment variables on the container with ATP instance OCID, and OCI API credentials, then use the CreateConnection API endpoint from the service. Install OCI Service Broker on Kubernetes cluster and deploy serviceinstance and serviceBinding resrouces for ATP, then use specified binding name as a volume in the application deployment manifest. Create Kubernetes secret with contest from the instance Wallet files, use this secret to create a volume mounted to the appropriate path in the application deployment manifest. Enable Oracle REST data services for the required schemas and connect via HTTPS.
Enable Oracle REST data services for the required schemas and connect via HTTPS.
You are working on a serverless DevSecOps application using Oracle Functions. You have deployed a Python function that uses the Oracle Cloud Infrastructure (OCI) Python SDK to stop any OCI Compute instance that does not comply with your corporate security standards There are 3 non-compliant OCI Compute instances. However, when you invoke this function none of the instances were stopped. How should you troubleshoot this? Enable function logging in the OCI console, include some print statements in your function code and use logs to troubleshoot this. Enable function tracing in the OCI console, and go to OCI monitoring console to see the function stack trace. Enable function remote debugging in the OCI console. There is no way to troubleshoot a function running on Oracle Functions.
Enable function logging in the OCI console, include some print statements in your function code and use logs to troubleshoot this.
You are developing a serverless application with Oracle Functions. Your function needs to store state in a database. Your corporate security Standards mandate encryption of secret information like database passwords. As a function developer, which approach should you follow to satisfy this security requirement? Use OCI Console and enter the password in the function configuration section in the provided input field. Encrypt the password using OCI Key Management, decrypt this password in your function code with the generated key. All function configuration variables are automatically encrypted by Oracle Functions. Use OCI Key Management to auto-encrypt the password, it will inject the auto-decrypted password inside your function container.
Encrypt the password using OCI Key Management, decrypt this password in your function code with the generated key.
What can you use to dynamically make Kubernetes resources discoverable to public DNS servers? ExternalDNS kubeDNS DynDNS CoreDNS
ExternalDNS
What is the open source engine for Oracle Functions? Apache OpenWhisk Knative OpenFaaS Fn Project
Fn Project
Which two handle Oracle Functions authentication automatically? (Choose two.) Fn Project CLI Oracle Cloud Infrastructure CLI cURL OCI SDK Signed HTTP Request
Fn Project CLI Oracle Cloud Infrastructure CLI
You want to push a new image in the Oracle Cloud Infrastructure (OCI) Registry. Which two actions do you need to perform? (Choose Two.) Assign an OCI defined tag via OCI CLI to the image. Generate an OCI tag namespace in your repository. Generate an API signing key to complete the authentication via Docker CLI. Generate an auth token to complete the authentication via Docker CLI. Assign a tag via Docker CLI to the image.
Generate an auth token to complete the authentication via Docker CLI. Assign a tag via Docker CLI to the image.
You are a consumer of Oracle Cloud Infrastructure (OCI) Streaming service. Which API should you use to read and process the stream? ListMessages ReadMessages GetMessages GetObject
GetMessages
What is the difference between blue/green and canary deployment strategies? In blue/green, both old and new applications are in production at the same time, in canary, application is deployed incrementally to a select group of people. In blue/green, application is deployed in minor increments to select group of people, in canary both old and new apps are simultaneously in production. In blue/green, current apps are slowly replaced with new ones, in canary, applications are deployed incrementally to a select group of people. In blue/green current apps are slowly replaced with new ones, in canary both old and new apps are in produciton at the same time.
In blue/green, both old and new applications are in production at the same time, in canary, application is deployed incrementally to a select group of people.
Which two are required to enable Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) cluster access from the kubectl CLI? (Choose two) Install and configure the OCI CLI. Tiller enabled on the OKE cluster. An SSH key pair with the public key added to cluster worker nodes. A configured OCI API signing key pair. OCI Identity and Access Management Auth Token.
Install and configure the OCI CLI. A configured OCI API signing key pair.
Which is NOT a valid option to execute a function deployed on Oracle Functions? (Choose the best answer.) Trigger by an event in OCI events service Invoke from Fn Project CLI Invoke from Docker CLI Send a signed HTTP request to the functions invoke endpoint. Invoke from OCI CLI
Invoke from Docker CLI
Which one of the statements describes a service aggregator pattern? It uses a queue on both sides of the service communication. It involves sending events through a message broker. It involves implementing a separate service that makes multiple calls to other backend services. It is implemented in each service separately and uses a streaming service.
It involves implementing a separate service that makes multiple calls to other backend services.
Which two statements accurately describe Oracle SQL Developer Web on Oracle Cloud Infrastructure (OCI) Autonomous Database? (Choose two). It is available for databases with both dedicated and shared exadata infrastructure. After provisioning into an OCI compute instance, it can automatically connect to the OCI autonomous database instances. It provides a development environment and a data modeler interface for OCI autonomous databases. It is available for databases with dedicated Exadata infrastructure only.
It is available for databases with both dedicated and shared exadata infrastructure. It provides a development environment and a data modeler interface for OCI autonomous databases.
An OCI function may subscribe to a notification topic. An OCI function may subscribe to a notification topic. A subscription can integrate with PagerDuty events. A subscription can forward notifications to an HTTPS endpoint. It may be used to receive an email each time an OCI Autonomous Database backup is completed. Notification topics may be assigned as the action performed by an OCI Events configuration. OCI Alarms can be configured to publish to a notification topic when triggered.
It may be used to receive an email each time an OCI Autonomous Database backup is completed.
Which statements is incorrect with regards to the Oracle Cloud Infrastructure (OCI) Notifications service Notification topics may be assigned as the action performed by an OCI events configuration. OCI Alarms can be configured to publish to a notification topic when triggered. An OCI function may subscribe to a notification topic. A subscription can forward notifications to an HTTPS endpoint. A subscription can integrate with PagerDuty events. It may be used to receive an email each time an OCI Autonomous Database backup is completed.
It may be used to receive an email each time an OCI Autonomous Database backup is completed.
Which statements is incorrect with regards to the Oracle Cloud Infrastructure (OCI) Notifications service? A subscription can integrate with PagerDuty events. A subscription can forward notifications to an HTTPS endpoint. OCI alarms can be configured to publish to a notification topic when triggered. It may be used to receive an email each time an OCI Autonomous Database backup is completed. Notification topics may be assigned as the action performed by an OCI events configuration.
It may be used to receive an email each time an OCI Autonomous Database backup is completed.
What is one of the differences between a microservice and a serverless function? Microservices are stateless and serverless functions are stateful. Microservices are triggered by events and serverless functions are not. Microservices always use a dta store and serverless functions never use a data store. Microservices are used for long running operations and serverless fuctions are for short running operations.
Microservices are used for long running operations and serverless fuctions are for short running operations.
Which two are characteristics of microservices? (Choose two.) All microservices share a data store. Microservices can be implemented in limited number of programming languages. Microservices are hard to test in isolation. Microservices communicate over lightweight APIs. Microservices can be independently deployed.
Microservices communicate over lightweight APIs. Microservices can be independently deployed.
Which is NOT a supported SDK for Oracle Cloud Infrastructure (OCI)? NET SDK Go SDK Ruby SDK Java SDK Python SDK
NET SDK
You are working on a cloud native e-commerce application on Oracle Cloud Infrastructure (OCI). Your application architecture has multiple OCI services, including Oracle Functions. You need to trigger these functions directly from other OCI services, without having to run custom code. Which OCI service cannot trigger your functions directly? OCI Registry. Oracle Integration. OCI Events Service. OCI API Gateway.
OCI Registry.
In order to effectively test your cloud-native applications, you might utilize separate environments (development, testing, staging, production, etc.). Which Oracle Cloud Infrastructure (OCI) service can you use to create and manage your infrastructure? OCI Container Engine for Kubernetes OCI Compute OCI Resource Manager OCI API Gateway
OCI Resource Manager
Which statement accurately describes Oracle Cloud Infrastructure (OCI) Load Balancer integration with OCI Container Engine for Kubernetes (OKE)? OKE service provisions a single OCI Load Balancer instance shared with all Kubernetes services with LoadBalancer type in the YAML configuration. OKE service provisions an OCI Load Balancer instance for each Kubernetes service with LoadBalancer type in the YAML configuration. OCI Load Balancer instance provisioning is triggered by OCI Events service for each Kubernetes service with LoadBalancer type in the YAML configuration. OCI Load Balancer instance must be manually provisioned for each Kubernetes service that requires traffic balancing.
OKE service provisions a single OCI Load Balancer instance shared with all Kubernetes services with LoadBalancer type in the YAML configuration.
Which statement accurately describes Oracle Cloud Infrastructure (OCI) Load Balancer integration with OCI Container Engine for Kubernetes (OKE)? (Choose the best answer.) OCI Load Balancer instance must be manually provisioned for each Kubernetes service that requires traffic balancing. OCI LB instance provisioning is triggered by OCI events service for each Kubernetes service with LoadBalancer type in YAML config. OKE services provision a single OCI Load Balancer instance shared with all the Kubernetes services with LoadBalancer type in the YAML configuration. OKE services provisions an OCI load balancer instance for each Kubernetes service with LoadBalancer type in the YAML configuration.
OKE services provision a single OCI Load Balancer instance shared with all the Kubernetes services with LoadBalancer type in the YAML configuration.
Which one of the following is NOT a valid backend-type supported by Oracle Cloud Infrastructure (OCI) API Gateway? ORACLE_FUNCTIONS_BACKEND. STOCK_RESPONSE_BACKEND. HTTP_BACKEND. ORACLE_STREAMS_BACKEND.
ORACLE_STREAMS_BACKEND.
You are developing a polyglot serverless application using Oracle Functions. 'Which language cannot be used to write your function code? Python GO PL/SQL Node.js Java
PL/SQL
Which concept is NOT related to Oracle Cloud Infrastructure Resource Manager? Stack Plan Queue Job
Queue
In a Linux environment, what is the default locations of the configuration file that Oracle Cloud Infrastructure CLI uses for profile information? /etc/.oci/config. /usr/local/bin/config. /usr/bin/oci/config. SHOME/.oci/config.
SHOME/.oci/config.
Which two statements are true for serverless computing and serverless architectures? (Choose Two.) Serverless function execution is fully managed by a third party. Applications running on a FaaS (Functions as a Service) platform. Long running tasks are perfectly suited for serverless. Serverless function state should never be stored externally. Applicaiton DevOps team is responsible for scaling.
Serverless function execution is fully managed by a third party. Applications running on a FaaS (Functions as a Service) platform.
You are developing a serverless application with Oracle Functions and Oracle Cloud Infrastructure Object Storage- Your function needs to read a JSON file object from an Object Storage bucket named "input-bucket" in compartment "qa-compartment" Your corporate security standards mandate the use of Resource Principals for this use case. Which two statements are needed to implement this use case? (Choose two.) No policies are needed, by default every function has read access to object storage buckets in the tenancy. Set up a policy to grant all functions read access to the bucket: allow all functions in compartment qa-compartment to read objects in target.bucket.name='input-bucket'. Set up a policy with the following statement to grant read access to the bucket: allow dynamic-group read-file-dg to read objects in compartment qa-compartment where taget.bucket.name='inputbucket'. Set up a policy to grant your user account read access to the bucket: allow user XYZ to read objects in compartment qa-compartment where target.bucket, name-'input-bucket' Set up the following dynamic group for your functions OCID: Name: read-file-dg / Rule: resource.id='ocid1.fnfunc.ocI-phx.aaaaaaaaaakeaobctakezj'
Set up the following dynamic group for your functions OCID: Name: read-file-dg / Rule: resource.id='ocid1.fnfunc.ocI-phx.aaaaaaaaaakeaobctakezj' Set up a policy with the following statement to grant read access to the bucket: allow dynamic-group read-file-dg to read objects in compartment qa-compartment where taget.bucket.name='inputbucket'.
Which two "Action Type" options are NOT available in an Oracle Cloud Infrastructure (OCI) Events rule definition? Slack Notifications Streaming Functions Email
Slack Email
Who is responsible for patching, upgrading and maintaining the worker nodes in Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE)? Oracle Support It is automated The user Independent Software Vendors
The user
As a cloud-native developer, you have written a web service for your company. You have used Oracle Cloud Infrastructure (OCI) API Gateway service to expose the HTTP backend. However, your security team has suggested that your web service should handle Distributed Denial-of-Service (DDoS) attack. You are time-constrained and you need to make sure that this is implemented as soon as possible. what should you do in this scenario? Use OCI VCN segregation to control DDoS. Use a third party service integration to implement a DDoS attack mitigation. Use OCI API Gateway service and configure rate limiting. Re-write your web service and implement rate limiting.
Use OCI API Gateway service and configure rate limiting.
You are processing millions of files in an Oracle Cloud Infrastructure (OCI) Object Storage bucket. Each time a new file is created, you want to send an email to the customer and create an order in a database. The solution should perform and minimize cost, Which action should you use to trigger this email? (Choose the best answer.) Scheudle an Oracle Function that checks the OCI Object Storage bucket every minute and emails customer when file is found. Schedule an Oracle Function that checks the OCI object storage bucket every second and email the customer when file is found. Scheudle a cron job that monitors OCI Object Storage and emails customer when new file is created. Use OCI Events service and OCI Notification service to send an email each time a file is created.
Use OCI Events service and OCI Notification service to send an email each time a file is created.
You have been asked to create a stateful application deployed in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) that requires all of your worker nodes to mount and write data to persistent volumes. Which two OCI storage services should you use? (Choose two.) Use OCI File Services as a persistent volume. Use GlusterFS as persistent volume. Use open source storage solutions on top of OCI. Use OCI Object Storage as persistent volume. Use OCI Block Volume backed persistent volume.
Use OCI File Services as a persistent volume. Use OCI Block Volume backed persistent volume.
You have written a Node.js function and deployed it to Oracle Functions. Next, you need to call this function from a microservice written in Java deployed on Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE). Which can help you to achieve this? Oracle functions does not allow a microservice deployed on OKE to invoke a function. Use the OCI Java SDK to invoke the function from the microservice. OKE does not allow a microservice to invoke a function from Oracle Functions. Use the OCI CLI with kubect1 to invoke the function from the microservice.
Use the OCI Java SDK to invoke the function from the microservice.
A leading insurance firm is hosting its customer portal in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes with an OCI Autonomous Database. Their support team discovered a lot of SQL injection attempts and cross-site scripting attacks to the portal, which is starting to affect the production environment. What should they implement to mitigate this attack? (Choose Best Answer) Network Security Groups Network Security Lists Network Security Firewall Web Application Firewall (WAF)
Web Application Firewall (WAF)
Per CAP theorem, in which scenario do you NOT need to make any trade-off between the guarantees? (Choose the best answer.) When the system is running on-premise. When the system is running in the cloud. When you are using load balancers. When there are no network partitions.
When there are no network partitions.
Per CAP theorem, in which scenario do you NOT need to make any trade-off between the guarantees? (Choose the best answer.) When there are no network partitions. When the system is running in the cloud. When the system is running on-premise. When you are using load balancers.
When there are no network partitions.
You are building a cloud native, serverless travel application with multiple Oracle Functions in Java, Python and Node.js. You need to build and deploy these functions to a single application named travel-app. Which command will help you complete this task successfully? oci fn function deploy --ap travel-ap --all fn function deploy --all --application-name travel-ap oci fn application --application-name-ap deploy --all fn -v deploy --app travel-ap --all
fn -v deploy --app travel-ap --all
You have created a repository in Oracle Cloud Infrastructure Registry in the us-ashburn-1 (iad) region in your tenancy with a namespace called "heyoci". Which three are valid tags for an image named "myapp" ? (Choose three). us-ashburn-I.ocir.io/heyoci/myproject/myapp:0.0.2-beta. us-ashburn-I.ocir.io/heyoci/myapp:0.0.2-beta. iad.ocir.io/heyoci/myproject/myapp:0.0.1 us-ashburn-I.ocir.io/myproject/heyoci/myapp:latest. iad.ocir.io/heyoci/myapp:latest iad.ocir.io/heyoci/myapp:0.0.2-beta
iad.ocir.io/heyoci/myproject/myapp:0.0.1 iad.ocir.io/heyoci/myapp:latest iad.ocir.io/heyoci/myapp:0.0.2-beta
You created a pod called "nginx" and its state is set to Pending. Which command can you run to see the reason why the "nginx" pod is in the pending state? Through the OCI console. kubectl get pod nginx. kubectl describe pod nginx. kuvectl logs pod nginx.
kubectl describe pod nginx.
How can you find details of the tolerations field for the sample YAML file below? kubectl get pod.spec.tolerations kubectl list pod.spec.tolerations kubectl describe pod.spec.tolerations kubectl explain pod.spec.tolerations
kubectl explain pod.spec.tolerations
How can you find details of the tolerations field for the sample YAML file below? kubectl list pod.spec.tolerations kubectl explain pod.spec.tolerations kubectl describe pod.spec.tolerations kubectl get pod.spec.tolerations
kubectl explain pod.spec.tolerations
How do you perform a rolling update in Kubernetes? (Choose the best answer.) kubectl rolling-update <deployment-name> -image=image:v2. kubectl update ""c <container> kubectl rolling-update kuvectl upgrade <deployment-name> -image=image:v2
kubectl rolling-update <deployment-name> -image=image:v2.
In the sample Kubernetes manifest file below, what annotations should you add to create a private load balancer In oracle Cloud infrastructure Container Engine for Kubermetes? service.beta.kubernetes.oci-load-balancer-internal:true, service.beta.kubernetes.oci-load-balancer-subnet1:ocidl.subnet.oc1..aaaa....vdfw. service.beta.kubernetes.oci-load-balancer-private:true. service.beta.kubernetes.oci-load-balancer-internal:true. service.beta.kubernetes.oci-load-balancer-private:true, service.beta.kubernetes.oci-load-balancer-subnet1:ocidl.subnet.oc1..aaaa....vdfw.
service.beta.kubernetes.oci-load-balancer-internal:true, service.beta.kubernetes.oci-load-balancer-subnet1:ocidl.subnet.oc1..aaaa....vdfw.
Your Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) administrator has created an OKE cluster with one node pool in a public subnet. You have been asked to provide a log file from one of the nodes for troubleshooting purpose. Which step should you take to obtain the log file? It is impossible since OKE is a managed Kubernetes service. ssh into the node using public key. Use the username opc and password to login. ssh into the nodes using private key.
ssh into the nodes using private key.
