Skip to Content

Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) Exam Questions and Answers – Page 2

The latest Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) exam and earn Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification.

Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) Exam Questions and Answers

Question 101

Question

Which three load-balancing policies can be used with a back end set? (Choose three.)

A. Throughput
B. IP Hash
C. Weighted Round Robin
D. CPU Utilization
E. Least Connections

Answer

B. IP Hash
C. Weighted Round Robin
E. Least Connections

Explanation

After you create a load balancer, you can apply policies to control traffic distribution to your backend servers. The Load Balancing service supports three primary policy types:

  • Round Robin
  • Least Connections
  • IP Hash

Question 102

Question

You are an administrator with an application running on OCI. The company has a fleet of OCI compute virtual instances behind an OCI Load Balancer. The OCI Load Balancer Backend Set health check API is providing a “Critical” level warning. You have confirmed that your application is running healthy on the backend servers.
What is the possible reason for this “Critical” warning?

A. A user does not have correct IAM credentials on the Backend Servers.
B. The Backend Server VCN’s Route Table does not include the route for OCI LB.
C. OCI Load Balancer Listener is not configured correctly.
D. The Backend Server VCN’s Security List does not include the IP range for the source of the health check requests.

Answer

D. The Backend Server VCN’s Security List does not include the IP range for the source of the health check requests.

Explanation

In this case, your security rules might not include the IP range for the source of the health check requests. You can find the health check source IP on the Details page for each backend server. You can also use the API to find the IP in the sourceIpAddress field of the HealthCheckResult object.

References

Oracle Cloud Infrastructure Documentation > Editing Health Check Policies > Using Health Status

Question 103

Question

You are in the process of setting up a highly available student registration website on Oracle Cloud Infrastructure (OCI). You use a load balancer and a database service on OCI. You launch two compute instances each in a different subnet and add them to the back end set of a public load balancer. The load balancer is configured correctly and working. You then deploy the student registration application on these two compute instances. The application can communicate with the database service. However, when you type the URL of this student registration application in your browser, no web page appears.
What could be the cause?

A. The security lists of the subnets on which the two instances are located do not have “allow” rules for port 80 and 443.
B. The load balancer performed a health check on the application and found that compute instances were not in a healthy state and terminated the instances.
C. The client requested HTTPS access to the application and the load balancer service does not support end-to-end SSL from the client to the listener to the back-end set.
D. The Dynamic Routing Gateway is preventing the client traffic from your data center network from reaching the public IP of the load balancer.

Answer

A. The security lists of the subnets on which the two instances are located do not have “allow” rules for port 80 and 443.

Question 104

Question

Your company has decided to move a few applications to Oracle Cloud Infrastructure and you have been asked to design it for Disaster Recovery (DR). One of the items of your design is to deploy the DR at least 300 miles from the home site and minimize the network latency as much as possible.
Based on that, what will be the recommended deployment?

A. Deploy applications in two separated VCNs in different Availability Domains and use VCN Remote Peering.
B. Deploy applications in different regions and have them connected using VCN Remote Peering.
C. Deploy applications in two separated VCNs in different regions and use VCN Local Peering.
D. Deploy applications on the same region splitting workloads across Availability Domains.

Answer

B. Deploy applications in different regions and have them connected using VCN Remote Peering.

Question 105

Question

You have multiple applications installed on a compute instance and these applications generate a large amount of log files. These log files must reside on the boot volume for a minimum of 15 days and must be retained for at least 60 days. The 60-day retention requirement is causing an issue with available disk space.
What are the two recommended methods to provide additional boot volume space for this compute instance? (Choose two.)

A. Terminate the instance while preserving the boot volume. Create a new instance from the boot volume and select a DenseIO shape to take advantage of local NVMe storage.
B. Create an object storage bucket and use a script that runs daily to move log files older than 15 days to the bucket.
C. Create and attach a block volume to the compute instance and copy the log files.
D. Create a custom image and launch a new compute instance with a larger boot volume size.
E. Write a custom script to remove the log files on a daily basis and free up the space on the boot volume.

Answer

B. Create an object storage bucket and use a script that runs daily to move log files older than 15 days to the bucket.
D. Create a custom image and launch a new compute instance with a larger boot volume size.

Explanation

These log files must reside on the boot volume for a minimum of 15 days so you have to increase the boot Volume

Question 106

Question

Which two statements are true about Oracle Cloud Infrastructure (OCI) DB Systems?

A. Customers have no control over database patching.
B. The database and backups are encrypted by default.
C. Customers can consolidate multiple database homes on a single virtual machine database host.
D. Customers can manage the TDE Wallet after DB Systems is provisioned.

Answer

B. The database and backups are encrypted by default.
D. Customers can manage the TDE Wallet after DB Systems is provisioned.

Explanation

All databases created in Oracle Cloud Infrastructure are encrypted using transparent data encryption (TDE).
Oracle Cloud Infrastructure encrypts all managed backups in the object store. Oracle uses the Database Transparent Encryption feature by default for encrypting the backups. and the customers can manage the TDE Wallet after DB Systems are provisioned.

Question 107

Question

Which two actions will occur when a back-end server that is registered with a backend set is marked to drain connections? (Choose two.)

A. It disallows new connections to that backend server.
B. It keeps the connections to that instance open and attempts to complete any in-flight requests.
C. It redirects the requests to a user-defined error page.
D. It immediately closes all existing connections to that instance.
E. It forcibly closes all connections to that instance after a timeout period.

Answer

A. It disallows new connections to that backend server.
B. It keeps the connections to that instance open and attempts to complete any in-flight requests.

Explanation

The Load Balancing service considers a server marked drain available for existing persisted sessions. New requests that are not part of an existing persisted session are not sent to that server.

References

Oracle Cloud Infrastructure Documentation > Backend Server Management

Question 108

Question

Which three methods can you use to manage Oracle Cloud Infrastructure services? (Choose three.)

A. Oracle Cloud Infrastructure Desktop Client
B. Oracle Cloud Infrastructure Console
C. SSH or RDP
D. Command-line Interface
E. REST API

Answer

B. Oracle Cloud Infrastructure Console
D. Command-line Interface
E. REST API

References

Oracle Cloud Infrastructure Documentation > Welcome to Oracle Cloud Infrastructure

Question 109

Question

Which two statements about file storage service (FSS) are accurate? (Choose two.)

A. FSS leverages UNIX user group and permission checking for file access security
B. Encryption of file system in FSS is optional
C. Identity and Access Management (IAM) controls which file systems are mountable by which instances
D. Security lists can be used as a virtual firewall to prevent an instance from mounting an FSS mount target within the same subnet
E. Data in transit to an FSS mount target is encrypted

Answer

A. FSS leverages UNIX user group and permission checking for file access security
E. Data in transit to an FSS mount target is encrypted

Explanation

All data is encrypted at rest. and In-transit encryption provides a way to secure your data between instances and mounted file systems using TLS v. 1.2 (Transport Layer Security) encryption. File Storage service supports the AUTH_UNIX style of authentication and permission checking for remote NFS client requests.

Question 110

Question

A company currently uses Microsoft Active Directory as its identity provider. The company recently subscribed to Oracle Cloud Infrastructure (OCI) to leverage the cloud platform for test and development. As the administrator, you configured the OCI tenancy to be federated with Microsoft Active Directory. Now you need to give access to developers so that they can start creating resources in their OCI accounts.
Which step will you perform to make sure you are not duplicating user creation inside of OCI tenancy?

A. Create a group for developers on OCI and map the group to a similar group in Microsoft Active Directory during the federation process.
B. Create a new user account in OCI for each user, and then create policies to provide access to developers.
C. Create a group for developers on OCI, export all the developers from Microsoft Active Directory, and then import them into the Identity and Access Management (IAM) group.
D. Create a single user account in OCI, and then create policies to provide access to developers to this single account.

Answer

A. Create a group for developers on OCI and map the group to a similar group in Microsoft Active Directory during the federation process.

Explanation

When working with your IdP, your administrator defines groups and assigns each user to one or more groups according to the type of access the user needs. Oracle Cloud Infrastructure also uses the concept of groups (in conjunction with IAM policies) to define the type of access a user has. As part of setting up the relationship with the IdP, your administrator can map each IdP group to a similarly defined IAM group, so that your company can re-use the IdP group definitions when authorizing user access to Oracle Cloud Infrastructure resources.

Tags

Tags

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker