The latest Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) exam and earn Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification.
Table of Contents
- Exam Question 1
- Question
- Answer
- References
- Exam Question 2
- Question
- Answer
- References
- Exam Question 3
- Question
- Answer
- References
- Exam Question 4
- Question
- Answer
- References
- Exam Question 5
- Question
- Answer
- References
- Exam Question 6
- Question
- Answer
- Exam Question 7
- Question
- Answer
- Explanation
- Exam Question 8
- Question
- Answer
- References
- Exam Question 9
- Question
- Answer
- References
- Exam Question 10
- Question
- Answer
Exam Question 1
Question
You have an Oracle Cloud Infrastructure (OCI) load balancer distributing traffic via an evenly-weighted round-robin policy to your back-end web servers. You notice that one of your web servers is receiving more traffic than other web servers. How can you resolve this to make sure traffic is evenly distributed across all back-end webservers?
A. Disable cookie-based session persistence on your backend set.
B. Change keep-alive setting between the load balancer and backend server.
C. Disable SSL configuration associated with your backend set.
D. Create separate listeners for each backend web server.
Answer
D. Create separate listeners for each backend web server.
References
Oracle Cloud Infrastructure Documentation > Overview of Load Balancing
Exam Question 2
Question
Which two are Regional resources in Oracle Cloud Infrastructure? (Choose two.)
A. Ephemeral public IPs
B. Compartments
C. Compute images
D. Dynamic groups
E. Block volume backups
Answer
B. Compartments
D. Dynamic groups
References
Oracle Cloud Infrastructure Documentation > Regions and Availability Domains
Exam Question 3
Question
You are a system administrator of your company and you are asked to manage updates and patches across all your compute instances running Oracle Linux in Oracle Cloud Infrastructure (OCI). As part of your task, you need to apply all the latest kernel security updates to all instances. Which OCI service will allow you to complete this task?
A. Resource Manager
B. OS Management
C. Storage Gateway
D. Streaming
E. Registry
Answer
B. OS Management
References
Oracle Cloud Infrastructure Blog > OS Management with Oracle Cloud Infrastructure
Exam Question 4
Question
You need to set up instance principals so that an application running on an instance can call Oracle Cloud Infrastructure (OCI) public services, without the need to configure user credentials. A developer in your team has already configured the application built using an OCI SDK to authenticate using the instance principals provider. Which is NOT a necessary step to complete this setup?
A. Create a dynamic group with matching rules to specify which instances you want to allow to make API calls against services.
B. Generate Auth Tokens to enable instances in the dynamic group to authenticate with APIs.
C. Create a policy granting permissions to the dynamic group to access services in your compartment or tenancy.
D. Deploy the application and the SDK to all the instances that belong to the dynamic group.
Answer
D. Deploy the application and the SDK to all the instances that belong to the dynamic group.
References
Oracle Cloud Infrastructure Blog > Announcing Instance Principals for Identity and Access Management
Exam Question 5
Question
You work for a health insurance company that stores a large number of patient health records in an Oracle Cloud Infrastructure (OCI) Object Storage bucket named “HealthRecords”. Each record needs to be securely stored for a period of 5 years for regulatory compliance purposes and cannot be modified, overwritten or deleted during this time period. What can you do to meet this requirement?
A. Create an OCI Object Storage Lifecycle Policies rule to archive objects in the HealthRecords bucket for five years.
B. Create an OCI Object Storage time-bound Retention Rule on the HealthRecords bucket for five years. Enable Retention Rule Lock on this bucket.
C. Enable encryption on the HealthRecords bucket using your own vault master encryption keys.
D. Enable versioning on the HealthRecords bucket.
Answer
B. Create an OCI Object Storage time-bound Retention Rule on the HealthRecords bucket for five years. Enable Retention Rule Lock on this bucket.
References
Oracle Cloud Infrastructure Documentation > Using Retention Rules to Preserve Data
Exam Question 6
Question
A financial firm is designing an application architecture for its online trading platform that must have high availability and fault tolerance. Their solutions architect configured the application to use an Oracle Cloud Infrastructure Object Storage bucket located in the US West (us-phoenix-1) region to store large amounts of financial data. The stored financial data in the bucket must not be affected even if there is an outage in one of the Availability Domains or a complete region. What should the architect do to avoid any costly service disruptions and ensure data durability?
A. Create a new Object Storage bucket in another region and configure lifecycle policy to move data every 5 days.
B. Create a lifecycle policy to regularly send data from Standard to Archive storage.
C. Copy the Object Storage bucket to a block volume.
D. Create a replication policy to send data to a different bucket in another OCI region.
Answer
A. Create a new Object Storage bucket in another region and configure lifecycle policy to move data every 5 days.
Exam Question 7
Question
You created a public subnet and an internet gateway in your virtual cloud network (VCN) of Oracle Cloud Infrastructure. The public subnet has an associated route table and security list. However, after creating several compute instances in the public subnet, none can reach the Internet. Which two are possible reasons for the connectivity issue? (Choose two.)
A. The route table has no default route for routing traffic to the internet gateway.
B. There is no stateful egress rule in the security list associated with the public subnet.
C. There is no dynamic routing gateway (DRG) associated with the VCN.
D. There is no stateful ingress rule in the security list associated with the public subnet.
E. A NAT gateway is needed to enable the communication flow to internet.
Answer
A. The route table has no default route for routing traffic to the internet gateway.
D. There is no stateful ingress rule in the security list associated with the public subnet.
Explanation
An internet gateway as an optional virtual router that connects the edge of the VCN with the internet. To use the gateway, the hosts on both ends of the connection must have public IP addresses for routing. Connections that originate in your VCN and are destined for a public IP address (either inside or outside the VCN) go through the internet gateway. Connections that originate outside the VCN and are destined for a public IP address inside the VCN go through the internet gateway.
Working with Internet Gateways
You create an internet gateway in the context of a specific VCN. In other words, the internet gateway is automatically attached to a VCN. However, you can disable and re-enable the internet gateway at any time.
Compare this with a dynamic routing gateway (DRG), which you create as a standalone object that you then attach to a particular VCN. DRGs use a different model because they’re intended to be modular building blocks for privately connecting VCNs to your on-premises network.
For traffic to flow between a subnet and an internet gateway, you must create a route rule accordingly in the subnet’s route table (for example, destination CIDR = 0.0.0.0/0 and target = internet gateway). If the internet gateway is disabled, that means no traffic will flow to or from the internet even if there’s a route rule that enables that traffic. For more information, see Route Tables.
For the purposes of access control, you must specify the compartment where you want the internet gateway to reside. If you’re not sure which compartment to use, put the internet gateway in the same compartment as the cloud network. For more information, see Access Control.
You may optionally assign a friendly name to the internet gateway. It doesn’t have to be unique, and you can change it later. Oracle automatically assigns the internet gateway a unique identifier called an Oracle Cloud ID (OCID). For more information, see Resource Identifiers.
To delete an internet gateway, it does not have to be disabled, but there must not be a route table that lists it as a target.
AS per compute instances can connect to the Internet so you use egress no ingress
Exam Question 8
Question
Which two methods are supported for migrating your on-premises Oracle database to an Oracle Autonomous Transaction Processing (ATP) database in Oracle Cloud Infrastructure? (Choose two.)
A. Load text files into ATP using SQL Developer.
B. Use RMAN duplicate.
C. Use Oracle Data Pump.
D. Transfer the physical database files and re-create the database.
E. Use database backup and restore.
Answer
C. Use Oracle Data Pump.
D. Transfer the physical database files and re-create the database.
References
Migrate an on-premises Oracle Database deployment to an autonomous database
Exam Question 9
Question
Which statement is NOT true about the Oracle Cloud Infrastructure Object Storage service?
A. Object storage resources can be shared across tenancies.
B. Immutable option for data stored in the Object Storage can be set via retention rules.
C. Object versioning is enabled at namespace level.
D. Object lifecycle rules can be used to either archive or delete objects.
Answer
B. Immutable option for data stored in the Object Storage can be set via retention rules.
References
Oracle Cloud Infrastructure Documentation > Using Object Versioning
Exam Question 10
Question
You have an AI/ML application running on Oracle Cloud Infrastructure. You identified that the application needs GPU and at least 20Gbps Network throughput. The application is currently using a VM.Standard2.1 compute without any block storage attached to it. Which two options allow you to get your required performance for your application? (Choose two.)
A. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.GPU2.2 shape using the boot volume preserved, but no block volume attached.
B. Terminate the compute instance preserving the boot volume. Create a new compute instance using the VM.Standard2.2 shape using the boot volume preserved, but no block volume attached.
C. Terminate the compute instance preserving the boot volume. Create a new compute instance using the VM.GPU3.4 shape using the boot volume preserved and use the NVMe devices to host your application.
D. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.HPC2.36 shape using the boot volume preserved and use the NVMe devices to host your application.
E. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.GPU2.2 shape using the boot volume preserved and attach a new block volume to host your application.
Answer
D. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.HPC2.36 shape using the boot volume preserved and use the NVMe devices to host your application.
E. Terminate the compute instance preserving the boot volume. Create a new compute instance using the BM.GPU2.2 shape using the boot volume preserved and attach a new block volume to host your application.