The latest Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) exam and earn Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification.
Table of Contents
- Question 101
- Question
- Answer
- Explanation
- Question 102
- Question
- Answer
- Explanation
- References
- Question 103
- Question
- Answer
- Question 104
- Question
- Answer
- Question 105
- Question
- Answer
- Explanation
- Question 106
- Question
- Answer
- Explanation
- Question 107
- Question
- Answer
- Explanation
- References
- Question 108
- Question
- Answer
- References
- Question 109
- Question
- Answer
- Explanation
- Question 110
- Question
- Answer
- Explanation
Question 101
Question
Which three load-balancing policies can be used with a back end set? (Choose three.)
A. Throughput
B. IP Hash
C. Weighted Round Robin
D. CPU Utilization
E. Least Connections
Answer
B. IP Hash
C. Weighted Round Robin
E. Least Connections
Explanation
After you create a load balancer, you can apply policies to control traffic distribution to your backend servers. The Load Balancing service supports three primary policy types:
- Round Robin
- Least Connections
- IP Hash
Question 102
Question
You are an administrator with an application running on OCI. The company has a fleet of OCI compute virtual instances behind an OCI Load Balancer. The OCI Load Balancer Backend Set health check API is providing a “Critical” level warning. You have confirmed that your application is running healthy on the backend servers.
What is the possible reason for this “Critical” warning?
A. A user does not have correct IAM credentials on the Backend Servers.
B. The Backend Server VCN’s Route Table does not include the route for OCI LB.
C. OCI Load Balancer Listener is not configured correctly.
D. The Backend Server VCN’s Security List does not include the IP range for the source of the health check requests.
Answer
D. The Backend Server VCN’s Security List does not include the IP range for the source of the health check requests.
Explanation
In this case, your security rules might not include the IP range for the source of the health check requests. You can find the health check source IP on the Details page for each backend server. You can also use the API to find the IP in the sourceIpAddress field of the HealthCheckResult object.
References
Oracle Cloud Infrastructure Documentation > Editing Health Check Policies > Using Health Status
Question 103
Question
You are in the process of setting up a highly available student registration website on Oracle Cloud Infrastructure (OCI). You use a load balancer and a database service on OCI. You launch two compute instances each in a different subnet and add them to the back end set of a public load balancer. The load balancer is configured correctly and working. You then deploy the student registration application on these two compute instances. The application can communicate with the database service. However, when you type the URL of this student registration application in your browser, no web page appears.
What could be the cause?
A. The security lists of the subnets on which the two instances are located do not have “allow” rules for port 80 and 443.
B. The load balancer performed a health check on the application and found that compute instances were not in a healthy state and terminated the instances.
C. The client requested HTTPS access to the application and the load balancer service does not support end-to-end SSL from the client to the listener to the back-end set.
D. The Dynamic Routing Gateway is preventing the client traffic from your data center network from reaching the public IP of the load balancer.
Answer
A. The security lists of the subnets on which the two instances are located do not have “allow” rules for port 80 and 443.
Question 104
Question
Your company has decided to move a few applications to Oracle Cloud Infrastructure and you have been asked to design it for Disaster Recovery (DR). One of the items of your design is to deploy the DR at least 300 miles from the home site and minimize the network latency as much as possible.
Based on that, what will be the recommended deployment?
A. Deploy applications in two separated VCNs in different Availability Domains and use VCN Remote Peering.
B. Deploy applications in different regions and have them connected using VCN Remote Peering.
C. Deploy applications in two separated VCNs in different regions and use VCN Local Peering.
D. Deploy applications on the same region splitting workloads across Availability Domains.
Answer
B. Deploy applications in different regions and have them connected using VCN Remote Peering.
Question 105
Question
You have multiple applications installed on a compute instance and these applications generate a large amount of log files. These log files must reside on the boot volume for a minimum of 15 days and must be retained for at least 60 days. The 60-day retention requirement is causing an issue with available disk space.
What are the two recommended methods to provide additional boot volume space for this compute instance? (Choose two.)
A. Terminate the instance while preserving the boot volume. Create a new instance from the boot volume and select a DenseIO shape to take advantage of local NVMe storage.
B. Create an object storage bucket and use a script that runs daily to move log files older than 15 days to the bucket.
C. Create and attach a block volume to the compute instance and copy the log files.
D. Create a custom image and launch a new compute instance with a larger boot volume size.
E. Write a custom script to remove the log files on a daily basis and free up the space on the boot volume.
Answer
B. Create an object storage bucket and use a script that runs daily to move log files older than 15 days to the bucket.
D. Create a custom image and launch a new compute instance with a larger boot volume size.
Explanation
These log files must reside on the boot volume for a minimum of 15 days so you have to increase the boot Volume
Question 106
Question
Which two statements are true about Oracle Cloud Infrastructure (OCI) DB Systems?
A. Customers have no control over database patching.
B. The database and backups are encrypted by default.
C. Customers can consolidate multiple database homes on a single virtual machine database host.
D. Customers can manage the TDE Wallet after DB Systems is provisioned.
Answer
B. The database and backups are encrypted by default.
D. Customers can manage the TDE Wallet after DB Systems is provisioned.
Explanation
All databases created in Oracle Cloud Infrastructure are encrypted using transparent data encryption (TDE).
Oracle Cloud Infrastructure encrypts all managed backups in the object store. Oracle uses the Database Transparent Encryption feature by default for encrypting the backups. and the customers can manage the TDE Wallet after DB Systems are provisioned.
Question 107
Question
Which two actions will occur when a back-end server that is registered with a backend set is marked to drain connections? (Choose two.)
A. It disallows new connections to that backend server.
B. It keeps the connections to that instance open and attempts to complete any in-flight requests.
C. It redirects the requests to a user-defined error page.
D. It immediately closes all existing connections to that instance.
E. It forcibly closes all connections to that instance after a timeout period.
Answer
A. It disallows new connections to that backend server.
B. It keeps the connections to that instance open and attempts to complete any in-flight requests.
Explanation
The Load Balancing service considers a server marked drain available for existing persisted sessions. New requests that are not part of an existing persisted session are not sent to that server.
References
Oracle Cloud Infrastructure Documentation > Backend Server Management
Question 108
Question
Which three methods can you use to manage Oracle Cloud Infrastructure services? (Choose three.)
A. Oracle Cloud Infrastructure Desktop Client
B. Oracle Cloud Infrastructure Console
C. SSH or RDP
D. Command-line Interface
E. REST API
Answer
B. Oracle Cloud Infrastructure Console
D. Command-line Interface
E. REST API
References
Oracle Cloud Infrastructure Documentation > Welcome to Oracle Cloud Infrastructure
Question 109
Question
Which two statements about file storage service (FSS) are accurate? (Choose two.)
A. FSS leverages UNIX user group and permission checking for file access security
B. Encryption of file system in FSS is optional
C. Identity and Access Management (IAM) controls which file systems are mountable by which instances
D. Security lists can be used as a virtual firewall to prevent an instance from mounting an FSS mount target within the same subnet
E. Data in transit to an FSS mount target is encrypted
Answer
A. FSS leverages UNIX user group and permission checking for file access security
E. Data in transit to an FSS mount target is encrypted
Explanation
All data is encrypted at rest. and In-transit encryption provides a way to secure your data between instances and mounted file systems using TLS v. 1.2 (Transport Layer Security) encryption. File Storage service supports the AUTH_UNIX style of authentication and permission checking for remote NFS client requests.
Question 110
Question
A company currently uses Microsoft Active Directory as its identity provider. The company recently subscribed to Oracle Cloud Infrastructure (OCI) to leverage the cloud platform for test and development. As the administrator, you configured the OCI tenancy to be federated with Microsoft Active Directory. Now you need to give access to developers so that they can start creating resources in their OCI accounts.
Which step will you perform to make sure you are not duplicating user creation inside of OCI tenancy?
A. Create a group for developers on OCI and map the group to a similar group in Microsoft Active Directory during the federation process.
B. Create a new user account in OCI for each user, and then create policies to provide access to developers.
C. Create a group for developers on OCI, export all the developers from Microsoft Active Directory, and then import them into the Identity and Access Management (IAM) group.
D. Create a single user account in OCI, and then create policies to provide access to developers to this single account.
Answer
A. Create a group for developers on OCI and map the group to a similar group in Microsoft Active Directory during the federation process.
Explanation
When working with your IdP, your administrator defines groups and assigns each user to one or more groups according to the type of access the user needs. Oracle Cloud Infrastructure also uses the concept of groups (in conjunction with IAM policies) to define the type of access a user has. As part of setting up the relationship with the IdP, your administrator can map each IdP group to a similarly defined IAM group, so that your company can re-use the IdP group definitions when authorizing user access to Oracle Cloud Infrastructure resources.