The latest Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) exam and earn Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification.
Table of Contents
- Question 201
- Question
- Answer
- Question 202
- Question
- Answer
- References
- Question 203
- Question
- Answer
- Explanation
- Question 204
- Question
- Answer
- Explanation
- Question 205
- Question
- Answer
- References
- Question 206
- Question
- Answer
- References
- Question 207
- Question
- Answer
- Question 208
- Question
- Answer
- Explanation
- Question 209
- Question
- Answer
- Question 210
- Question
- Answer
- Explanation
- References
Question 201
Question
Given: When creating multiple subnets within a Virtual Cloud Network (VCN), security lists are often made to group common services, for example, SSH and RDP (remote access), 80 and 443 (HTTP), and so on.
By default, what is the maximum number of security lists that can be associated with a subnet upon creation?
A. 4
B. 2
C. 5
D. 3
Answer
C. 5
Question 202
Question
You have provisioned an Autonomous Data Warehouse (ADW) database with 16 enabled OCPUs and need to configure the consumer group for your application.
Which two are true when deciding the number of sessions for each application? (Choose two.)
A. The MEDIUM and LOW consumer group can run up to 16 concurrent SQL statements if HIGH consumer group has 0 SQL statements
B. The HIGH consumer group can run up to 16 concurrent SQL statements as long as MEDIUM and LOW consumer groups have 0 SQL statements
C. The MEDIUM consumer group can run 20 concurrent SQL statements when HIGH consumer group has 0 SQL statements
D. The HIGH consumer group can run up to 16 concurrent SQL statements in addition to 32 concurrent SQL statements in MEDIUM and LOW consumer group each
E. The HIGH consumer group can run 3 concurrent SQL statements when MEDIUM consumer group has 0 SQL statements
Answer
C. The MEDIUM consumer group can run 20 concurrent SQL statements when HIGH consumer group has 0 SQL statements
E. The HIGH consumer group can run 3 concurrent SQL statements when MEDIUM consumer group has 0 SQL statements
References
Using Oracle Autonomous Database on Shared Exadata Infrastructure > Managing and Monitoring Performance of Autonomous Database
Question 203
Question
You deployed a compute instance (VM.Standard2.16) to run a SQL database. After a few weeks, you need to increase disk performance by using NVMe disks; the number of CPUs will not change. As a first step you terminate the instance and preserve the boot volume.
What is the next step?
A. Create a new instance using a VM.DenseIO2.16 shape using the preserved boot volume and move the SQL Database data to block volume
B. Create a new instance using a VM.DenseIO2.8 shape using the preserved boot volume and move the SQL Database data to NVMe disks
C. Create a new instance using a VM.Standard1.16 shape using the preserved boot volume and move the SQL Database data to NVMe disks
D. Create a new instance using a VM.DenseIO2.16 shape using the preserved boot volume move the SQL Database data to NVMe disks
Answer
D. Create a new instance using a VM.DenseIO2.16 shape using the preserved boot volume move the SQL Database data to NVMe disks
Explanation
Increase disk performance by using NVMe disks you can use Dense IO Shape also as the number of CPUs will not change so we should VM.DenseIO2.16
Question 204
Question
Which of the following statement is true regarding Oracle Cloud Infrastructure Object Storage Pre-Authenticated Requests?
A. It Is not possible to create pre-authenticated requests for “archive” storage tier
B. Changing the bucket visibility does not change existing pre-authenticated requests
C. It is not possible to create pre-authenticated requests for the buckets, but only for the objects
D. Pre-authenticated requests don’t have an expiration
Answer
B. Changing the bucket visibility does not change existing pre-authenticated requests
Explanation
Pre-authenticated requests provide a way to let users access a bucket or an object without having their own credentials, as long as the request creator has permissions to access those objects. For example, you can create a request that lets an operations support user upload backups to a bucket without owning API keys. Or, you can create a request that lets a business partner update shared data in a bucket without owning API keys.
When you create a pre-authenticated request, a unique URL is generated. Anyone you provide this URL to can access the Object Storage resources identified in the pre-authenticated request, using standard HTTP tools like curl and wget.
Understand the following scope and constraints regarding pre-authenticated requests:
- Users can’t list bucket contents.
- You can create an unlimited number of pre-authenticated requests.
- There is no time limit to the expiration date that you can set.
- You can’t edit a pre-authenticated request. If you want to change user access options in response to changing requirements, you must create a new pre-authenticated request.
- The target and actions for a pre-authenticated request are based on the creator’s permissions. The request is not, however, bound to the creator’s account login credentials. If the creator’s login credentials change, a pre-authenticated request is not affected.
- You cannot delete a bucket that has a pre-authenticated request associated with that bucket or with an object in that bucket.
Understand the following scope and constraints regarding public access:
- Changing the type of access is bi-directional. You can change a bucket’s access from public to private or from private to public.
- Changing the type of access doesn’t affect existing pre-authenticated requests. Existing pre-authenticated requests still work.
Question 205
Question
Why are two subnets required to create a public load balancer when additional subnets are often used for back-end servers? (Choose two.)
A. Routing is simpler when the load balancer is not in the same subnet as the back-end server.
B. Performance is higher when more subnets are used.
C. Additional subnets for back-end servers allow for separate route tables for these servers.
D. Additional subnets for back-end servers allow for separate security lists for these servers.
Answer
B. Performance is higher when more subnets are used.
D. Additional subnets for back-end servers allow for separate security lists for these servers.
References
Oracle by Example branding Creating a Load Balancer Using Oracle Cloud Infrastructure Load Balancing
Question 206
Question
You are implementing Oracle Cloud Infrastructure (OCI) FastConnect to access OCI public access points (e.g.: object storage). You want other Internet traffic from your on-premises environment to use your existing connection with your ISP.
What is the correct way to establish OCI FastConnect to access these OCI public endpoints?
A. Configure private peering on your FastConnect link. Redistribute BGP routes learned into your existing routing table and advertise a default from your network infrastructure to OCI.
B. Configure private peering on your FastConnect link with a static route that points to OCI object storage service.
C. Configure public peering on your FastConnect link with a static route that points to OCI object storage service.
D. Configure public peering on your FastConnect link. Redistribute BGP routes learned into your existing routing table and advertise a specific route for your network infrastructure to OCI.
Answer
D. Configure public peering on your FastConnect link. Redistribute BGP routes learned into your existing routing table and advertise a specific route for your network infrastructure to OCI.
References
Connectivity – FastConnect Level 200 (PDF)
Question 207
Question
Which two statements are true about data guard service on DB Systems in Oracle Cloud Infrastructure (OCI)? (Choose two.)
A. Data guard implementation requires two DB Systems, one running the primary database on a virtual machine and the standby database running on bare metal
B. Data guard configuration on the OCI is limited to one standby database per primary database
C. Data guard configuration on the OCI is limited to a virtual machine only
D. Data guard implementation requires two DB Systems, one containing the primary database and one containing the standby database
Answer
B. Data guard configuration on the OCI is limited to one standby database per primary database
D. Data guard implementation requires two DB Systems, one containing the primary database and one containing the standby database
Question 208
Question
You have two NFS clients running in two different subnets within the same Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN). You have created a shared file system for the two NFS clients who want to connect to the same file system, but you want to restrict one of the clients to have READ access while the other has READ/Write access. Which OCI feature would you leverage to meet this requirement?
A. Use VCN security rules to control access for the NFS clients
B. Use OCI Identity Access Management to control access for the NFS clients
C. Use File Storage NFS Export Options to control access for the NFS clients
D. Use NFS security to control access for the NES clients
Answer
C. Use File Storage NFS Export Options to control access for the NFS clients
Explanation
Oracle Cloud Infrastructure File Storage service provides a durable, scalable, secure, enterprise-grade network file system. You can connect to a File Storage service file system from any bare metal, virtual machine, or container instance in your Virtual Cloud Network (VCN). You can also access a file system from outside the VCN using Oracle Cloud Infrastructure FastConnect and Internet Protocol security (IPSec) virtual private network (VPN).
EXPORT
Exports control how NFS clients access file systems when they connect to a mount target. File systems are exported (made available) through mount targets. Each mount target maintains an export set which contains one or many exports. A file system must have at least one export in one mount target in order for instances to mount the file system. The information used by an export includes the file system OCID, mount target OCID, export set OCID, export path, and client export options. For more information, see Managing Mount Targets.
EXPORT SET
Collection of one or more exports that control what file systems the mount target exports using NFSv3 protocol and how those file systems are found using the NFS mount protocol. Each mount target has an export set. Each file system associated with the mount target has at least one export in the export set.
EXPORT PATH
A path that is specified when an export is created. It uniquely identifies the file system within the mount target, letting you associate up to 100 file systems to a single mount target. This path is unrelated to any path within the file system itself, or the client mount point path.
EXPORT OPTIONS
NFS export options are a set of parameters within the export that specify the level of access granted to NFS clients when they connect to a mount target. An NFS export options entry within an export defines access for a single IP address or CIDR block range. For more information, see Working with NFS Export Options.
Question 209
Question
Which certificate format is used with the load balancer?
A. PFX
B. PEM
C. PKCS12
D. CRT
Answer
B. PEM
Question 210
Question
Which two statements about fault domains are true? (Choose two.)
A. A fault domain is a grouping of hardware and infrastructure within an availability domain
B. Each availability domain contains three fault domains
C. A failed instance in a fault domain is automatically relaunched
D. A fault domain is selected automatically based on usage data
Answer
A. A fault domain is a grouping of hardware and infrastructure within an availability domain
B. Each availability domain contains three fault domains
Explanation
A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain contains three fault domains. Fault domains provide anti-affinity: they let you distribute your instances so that the instances are not on the same physical hardware within a single availability domain.
References
Oracle Cloud Infrastructure Blog > Using Availability Domains and Fault Domains to Improve Application Resiliency