1z0-1072-20 Exam - Oracle Cloud Infrastructure 2020 Architect Associate

NEW QUESTION 1

When terminating a compute instance, which statement is true?

• A. The instance needs to be stopped first, and then terminated.
• B. The boot volume is always deleted.
• C. All block volumes attached to the instance are terminated.
• D. Users can preserve the boot volume associated with the instance.

Answer: D

Explanation:
You can permanently terminate (delete) instances that you no longer need. Any attached VNICs and volumes are automatically detached when the instance terminates. Eventually, the instance's public and private IP addresses are released and become available for other instances. By default, the instance's boot volume is deleted when you terminate the instance, however you can preserve the boot volume associated with the instance, so that you can attach it to a different instance as a data volume, or use it to launch a new instance.

NEW QUESTION 2

You are designing a lab exercise for your team that has a large number of graphics with large file sizes. The application becomes unresponsive if the graphics are embedded in the application. You have uploaded the graphics to Oracle Cloud Infrastructure and only added the URL in the application. You need to ensure these graphics are accessible without requiring any authentication for an extended period of time.
How can you achieve these requirements?

• A. Create pre-authenticated requests (PAR) and specify 00:00:0000 as the expiration time.
• B. Make the object storage bucket private and all objects public and use the URL found in the Object “Details”.
• C. Make the object storage bucket public and use the URL found in the Object “Details”.
• D. Create PARs and do not specify an expiration date.

Answer: C

Explanation:
Pre-authenticated requests provide a way to let you access a bucket or an object without having your own credentials. For example, you can create a request that lets you upload backups to a bucket without owning API keys.
When you create a bucket, the bucket is considered a private bucket and the access to the bucket and bucket contents requires authentication and authorization. However, Object Storage supports anonymous, unauthenticated access to a bucket. You make a bucket public by enabling read access to the bucket.
pre-authenticated requests have to select expiration date

NEW QUESTION 3

Which three must be configured for a load balancer to accept incoming traffic? (Choose two.)

• A. a listener
• B. a back-end server
• C. a back end set
• D. a security list that is open on a listener port
• E. a certificate

Answer: ABC

Explanation:
https://docs.cloud.oracle.com/iaas/Content/Balance/Tasks/managingloadbalancer.htm?tocpath=Services%7CLoa The essential components for load balancing include:• A load balancer with pre-provisioned bandwidth.• A backend set with a health check policy. See Managing Backend Sets.• Backend servers for your backend set. See Managing Backend Servers.• One or more listeners . See Managing Load Balancer Listeners.• Load balancer subnet security rules to allow the intended traffic. To learn more about these rules, see Security Rules.• Optionally, you can associate your listeners with SSL server certificate bundles to manage how your system handles SSL traffic. See Managing SSL Certificates.

NEW QUESTION 4

You are working for a financial institution that is currently running two web applications in Oracle Cloud Infrastructure (OCI). All resources were created in the root compartment.
Your manager asked you to deploy new resources to support a proof-of-concept (PoC) for Oracle FlexCube. D18912E1457D5D1DDCBD40AB3BF70D5D
You must ensure that the FlexCube resources are secured and cannot be affected by the team that manages the two web applications.
Which two tasks should you complete to ensure the required security of your resources? (Choose two.)

• A. Create a new compartment for the two web applications and move the existing resources into thecompartmen
• B. Deploy the FlexCube application into the root compartmen
• C. Create a new policy in the rootcompartment that gives the FlexCube project team the ability to manage all resources in the tenancy.
• D. Create a new policy in the root compartment for the FlexCube project tea
• E. Assign a policy statement that grants the FlexCube project team the ability to manage all resources in the tenancy, where a specific tag key and tag value are present.
• F. Create a Tag Default within the root compartment with a default value of ${iam.principle.name} so that each new resource created is tagged with the name of the person who created i
• G. Create a new IAMpolicy that allows users to only modify resources they created.
• H. Create a new compartment for the two web applications and move the existing resources into this compartmen
• I. Modify the existing policy for the team that manages these applications so that the scopeof access is defined as this new compartment.
• J. Create a new compartment for the FlexCube application deploymen
• K. Create a policy in this compartment for the project team that gives them the ability to manage all resources within the scope of thiscompartment.

Answer: CD

NEW QUESTION 5

As an Oracle Cloud Infrastructure tenancy administrator, you created predefined lists of values and associated them with tag key definitions.
One of the users in your tenancy complains that she cannot see these predefined values. What is causing this issue?

• A. The user is trying to use free-form tags.
• B. Some of the predefined values are null.
• C. The user is not part of an Identity and Access Management group that gives access to tagging.
• D. The user has breached either the quota or service limit for using tags.

Answer: A

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Tagging/Tasks/usingpredefinedvalues.htm

NEW QUESTION 6

Which two features are offered natively on Oracle Cloud Infrastructure Database Cloud Service (DBCS)? (Choose two.)

• A. Data Guard in Async mode within a region
• B. GoldenGate replication between two regions
• C. Data Guard in Maximum Protection mode
• D. backup to Object Storage

Answer: AD

Explanation:
Data Guard in Maximum Performance protection mode is supported not simply Maximum Protection mode, however, you can configure additional protection modes and transport types by logging on to the DB system and accessing Data Guard command-line interface( DGMGRL).

NEW QUESTION 7

You have an AI/ML application running on Oracle Cloud Infrastructure. You identified that the application needs GPU and at least 20Gbps Network throughput.
The application is currently using a VM.Standard2.1 compute without any block storage attached to it. Which two options allow you to get your required performance for your application? (Choose two.)

• A. Terminate the compute instance preserving the boot volum
• B. Create a new compute instance using the BM.GPU2.2 shape using the boot volume preserved, but no block volume attached.
• C. Terminate the compute instance preserving the boot volum
• D. Create a new compute instance using the VM.Standard2.2 shape using the boot volume preserved, but no block volume attached.
• E. Terminate the compute instance preserving the boot volum
• F. Create a new compute instance using the VM.GPU3.4 shape using the boot volume preserved and use the NVMe devices to host your application.
• G. Terminate the compute instance preserving the boot volum
• H. Create a new compute instance using the BM.HPC2.36 shape using the boot volume preserved and use the NVMe devices to host yourapplication.
• I. Terminate the compute instance preserving the boot volum
• J. Create a new compute instance using the BM.GPU2.2 shape using the boot volume preserved and attach a new block volume to host your application.

Answer: DE

NEW QUESTION 8

Which two statements are true about policies?

• A. You can use read, write, manage, and inspect as verbs for defining a policy.
• B. A policy is a document that specifies who can access which Oracle Cloud Infrastructure resources that your company has, and how.
• C. Users need not do anything but still have to be added to a group with appropriate policies defined.
• D. You can deny access to a group via policies.

Answer: BC

NEW QUESTION 9

Your company has been running several small applications in Oracle Cloud Infrastructure and is planning a proof-of-concept (POC) to deploy PeopleSoft.
If your existing resources are being maintained in the root compartment, what is the recommended approach for defining security for the upcoming POC?

• A. Create a new compartment for the POC and grant appropriate permissions to create and manage resources within the compartment.
• B. Provision all new resources into the root compartmen
• C. Grant permissions that only allow for creation and management of resources specific to the POC.
• D. Provision all new resources into the root compartmen
• E. Use defined tags to separate resources that belong to different applications.
• F. Create a new tenancy for the PO
• G. Provision all new resources into the root compartmen
• H. Grant appropriate permissions to create and manage resources within the root compartment.

Answer: A

Explanation:
If your organization is small, or if you are still in the proof-of-concept stage of evaluating OracleCloud Infrastructure, consider placing all of your resources in the root compartment (tenancy). This approach makes it easy for you to quickly view and manage all your resources. You can still write policies and create groups to restrict permissions on specific resources to only the users who need access.If you plan to maintain all your resources in the root compartment, we recommend setting up aseparate sandbox compartment to give users a dedicated space to try out features. In the sandbox compartment, you can grant users permissions to create and manage resources, whilemaintaining stricter permissions on the resources in your tenancy (root) compartment.
https://www.oracle.com/a/ocom/docs/best-practices-for-iam-on-oci.pdf

NEW QUESTION 10

You are responsible for setting up access for all the cloud users of a large enterprise. You log in to the Phoenix region and start creating users and policies. You then realize that some users might be creating resources in the Ashburn region.
Which step should you perform to enable those users?

• A. You can assign a region to each of the users at the time of creation.
• B. IAM users are global and non-admin users can add resources to any region by default.
• C. You need to log in to each region separately to create users for that particular region.
• D. IAM users are globa
• E. As an administrator, make sure that you subscribe to the Ashburn region.

Answer: D

NEW QUESTION 11

Which two components cannot be deleted in your Oracle Cloud Infrastructure Virtual Cloud Network?
(Choose two.)

• A. Service gateway
• B. Default security list
• C. Routing gateway
• D. Default route table
• E. Default subnet

Answer: BD

Explanation:
Reference: https://www.oracle.com/a/ocom/docs/vcn-deployment-guide.pdf (4)

NEW QUESTION 12

You are an administrator with an application running on OCI. The company has a fleet of OCI compute virtual instances behind an OCI Load Balancer. The OCI Load Balancer Backend Set health check API is providing a ‘Critical’ level warning. You have confirmed that your application is running healthy on the backend servers.
What is the possible reason for this ‘Critical’ warning?

• A. A user does not have correct IAM credentials on the Backend Servers.
• B. The Backend Server VCN’s Route Table does not include the route for OCI LB.
• C. OCI Load Balancer Listener is not configured correctly.
• D. The Backend Server VCN’s Security List does not include the IP range for the source of the health check requests.

Answer: D

Explanation:
References:
“In this case, your security rules might not include the IP range for the source of the health check requests. You can find the health check source IP on the Details page for each backend server. You can also use the API to find the IP in the sourceIpAddress field of the HealthCheckResult object.”
https://docs.cloud.oracle.com/iaas/Content/Balance/Tasks/editinghealthcheck.htm#health-status

NEW QUESTION 13

You provisioned an Oracle Autonomous Data Warehouse (ADW) on Oracle Cloud Infrastructure (OCI) and imported data into ADW.
You want to give your business analyst the ability to connect to the ADW database and run queries. Which two actions can help you meet this requirement? (Choose two.)

• A. Create a database user account for the business analyst.
• B. Grant the predefined database role DWROLE to the database user.
• C. Grant unlimited tablespace privilege to the database user.
• D. Grant the predefined database role DWADW to the database user.
• E. Grant the predefined database role DWUSER to the database user.

Answer: BC

Explanation:
Reference:
https://oracle.github.io/learning-library/oci-library/L100-LAB/Autonomous_Data_Warehouse/ADW_HOL.html

NEW QUESTION 14

You have an Oracle Cloud Infrastructure (OCI) load balancer distributing traffic via an evenly-weighted round robin policy to your back-end web servers. You notice that one of your web servers is receiving more traffic than other web servers.
How can you resolve this to make sure traffic is evenly distributed across all back-end webservers?

• A. Disable cookie-based session persistence on your backend set.
• B. Change keep-alive setting between the load balancer and backend server.
• C. Disable SSL configuration associated with your backend set.
• D. Create separate listeners for each backend web server.

Answer: D

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Balance/Concepts/balanceoverview.htm

NEW QUESTION 15

Which two tagging related items are valid attributes that may be included in payload of an audit log event? (Choose two.)

• A. Predefined values
• B. Free-form tags
• C. Tag variables
• D. Defined tags
• E. Cost-tracking tags
• F. Default tags D18912E1457D5D1DDCBD40AB3BF70D5D

Answer: BD

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Audit/Reference/logeventreference.htm#payload

NEW QUESTION 16

Which two statements are true about restoring a volume from a block volume backup in Oracle Cloud Infrastructure Block Volume service?

• A. You can restore a volume from any full volume backup but not from an Incremental backup.
• B. You can only restore a volume to the same availability domain in which the original block volume resides.
• C. You can restore a block volume backup to a larger volume size.
• D. You can restore a volume to any availability domain within the same region where the backup is stored.
• E. You can restore only one volume from a manual block volume backup.

Answer: CD

Explanation:
Reference https://docs.cloud.oracle.com/en-us/iaas/Content/Block/Tasks/restoringavolumefromabackup.htm

NEW QUESTION 17

Which two statements are true about subnets within a VCN? (Choose two.)

• A. You can have multiple subnets in an Availability Domain for a given VCN.
• B. Private and Public subnets cannot reside in the same Availability Domain for a given VCN.
• C. Subnets can have their IP addresses overlap with other subnets in another network for a given VCN.
• D. Instances obtain their private IP and the associated security list from their subnets.

Answer: AD

Explanation:
References: https://cloud.oracle.com/en_US/bare-metal-network/vcn/faq

NEW QUESTION 18

Which of the following statements is true about the Oracle Cloud Infrastructure (OCI) Object Storage serverside encryption?

• A. Encryption of data encryption keys with a master encryption key is optional.
• B. Customer-provided encryption keys are always stored in OCI Vault service.
• C. Encryption is enabled by default and cannot be turned off.
• D. Each object in a bucket is always encrypted with the same data encryption key.

Answer: B

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Object/Tasks/usingyourencryptionkeys.htm

NEW QUESTION 19

for IP addresses or CIDR
You create an autoscaling configuration of Linux compute instances in Oracle Cloud Infrastructure (OCI). You noticed that your application is running slow.
After checking your compute instances, you noticed that autoscaling is not launching additional instances, even though the existing compute instances already have high memory usage.
How can you resolve this issue?

• A. Modify the scaling policy to monitor memory usage and scale up the number of instances when it meets the threshold.
• B. Modify the scaling policy to monitor CPU usage and scale up the number of instances when it meets the threshold.
• C. Install the monitoring agent to all compute instances which will trigger the autoscaling group.
• D. Install OCI SDK in all compute instances and create a script that will trigger the autoscaling event if there is high memory usage.

Answer: B

NEW QUESTION 20

When creating a subnet, one or more placeholder security lists are often associated with the subnet. Why?

• A. Each operator needs its own security list.
• B. Each protocol needs its own security list.
• C. Each network endpoint or instance in the subnet needs its own security list.
• D. It is not possible to add or remove security lists after a subnet is created.

Answer: C

Explanation:
References: https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/securitylists.htm?tocpath=Services%7CNetworki

NEW QUESTION 21

You had an outage in your application caused by the loss of a shared volume provisioned by File Storage Service (FSS). At this point, you need to restore the data from a snapshot you created of the FSS.
What are the steps to restore the data?

• A. Access the directory where the shared volume is mounted, then cd into .snapshot folder, find the snapshot folder you want to recover and use cp or rsync tool to copy the files to the original location.
• B. Open OCI Console, select File Storage Service, find the shared storage, then click on snapshot and restore.
• C. Open OCI Console, select File Storage Service, find the snapshot you created and click restore.
• D. Access the directory, where you mounted the shared volume, then cd into .snapshot folder and find the snapshot folder you want to recover and rename that folder to the original folder name.

Answer: B

NEW QUESTION 22
......