The latest Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) exam and earn Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification.
Table of Contents
- Question 31
- Question
- Answer
- Explanation
- Question 32
- Question
- Answer
- Question 33
- Question
- Answer
- Refereces
- Question 34
- Question
- Answer
- Explanation
- References
- Question 35
- Question
- Answer
- Question 36
- Question
- Answer
- Question 37
- Question
- Answer
- Question 38
- Question
- Answer
- Explanation
- Question 39
- Question
- Answer
- Explanation
- Question 40
- Question
- Answer
- Explanation
Question 31
Question
You deployed a web server in Oracle Cloud Infrastructure using an ephemeral public IP. After a few changes in your web server configuration, you rebooted the server and a new public IP was associated to your instance.
What should you do to prevent this from happening again?
A. Create a reserved public IP and associate it with the security list that your complete instance is using
B. Create a reserved public IP and associate it with the subnet of your compute instance
C. Create a reserved public IP and associate it with the VNIC of your compute instance
D. Create a reserved public IP and associate it with the hosts file of your web server
Answer
C. Create a reserved public IP and associate it with the VNIC of your compute instance
Explanation
A public IP address is an IPv4 address that is reachable from the internet. If a resource in your tenancy needs to be directly reachable from the internet, it must have a public IP address.
Depending on the type of resource, there might be other requirements. There are two types of public IPs:
- Ephemeral: Think of it as temporary and existing for the lifetime of the instance. Reserved: Think of it as persistent and existing beyond the lifetime of the instance it’s assigned to. You can unassign it and then reassign it to another instance whenever you like.
- Exception: reserved public IPs on public load balancers.
To create a new reserved public IP in your pool
- Confirm you’re viewing the region and compartment where you want to create the reserved public IP.
- Open the navigation menu. Under Core Infrastructure, go to Networking and click Public IPs.
- Click Create Reserved Public IP.
- Enter the following:
- Name: An optional friendly name for the reserved public IP. The name doesn’t have to be unique, and you can change it later. Avoid entering confidential information.
- Compartment: Leave as is.
- Tags: Optionally, you can apply tags. If you have permissions to create a resource, you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags.
- If you are not sure if you should apply tags, skip this option (you can apply tags later) or ask your administrator.
- Click Create Reserved Public IP.
To assign a reserved public IP to a private IP
- Prerequisite: The private IP must not have an ephemeral or reserved public IP already assigned to it. If it does, first delete the ephemeral public IP, or unassign the reserved public IP. Confirm you’re viewing the compartment that contains the instance with the private IP you’re interested in.
- Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.
- Click the instance to view its details.
- Under Resources, click Attached VNICs.
- The primary VNIC and any secondary VNICs attached to the instance are displayed.
- Click the VNIC you’re interested in.
- Under Resources, click IP Addresses.
- The VNIC’s primary private IP and any secondary private IPs are displayed. For the private IP you’re interested in, click the Actions icon (three dots), and then click Edit. In the Public IP Address section, for Public IP Type, select the radio button for Reserved Public IP.
- Enter the following:
- Compartment: The compartment that contains the reserved public IP you want to assign.
- Reserved Public IP: The reserved public IP you want to assign. You have three choices:
- Create a new reserved public IP. You may optionally provide a friendly name for it. The name doesn’t have to be unique, and you can change it later. Avoid entering confidential information.
- Assign a reserved public IP that is currently unassigned.
- Move a reserved public IP from another private IP.
- Click Update.
Question 32
Question
You are asked to create a user that will access programmatic endpoints in Oracle Cloud Infrastructure. The user must not be allowed to authenticate by username and password.
Which two authentication options can you use? (Choose two.)
A. PEM Certificate file
B. Auth tokens
C. API signing key
D. Windows password
E. SSH key pair
Answer
B. Auth tokens
C. API signing key
Question 33
Question
Which two are required to create an IPSec VPN connection? (Choose two.)
A. security list
B. static route CIDR
C. name
D. compute instance
Answer
A. security list
B. static route CIDR
Refereces
Oracle Cloud Infrastructure Documentation > Site-to-Site VPN
Question 34
Question
Where is the tenancy Oracle Cloud Identifier (OCID) located?
A. given by support on account creation
B. at the bottom of every console page
C. on the Identity Users page
D. contained within the compartment OCID
Answer
D. contained within the compartment OCID
Explanation
Identity > Compartments >(The root Compartment of the tenancy)
References
Oracle Cloud Infrastructure Documentation > Resource Identifiers
Question 35
Question
You currently manage an e-commerce application that utilizes 25 identical compute resources to handle customer traffic. The stakeholders have asked you to create another 25 identical compute resources in order to deploy and test a new version of the software?
What is the most efficient process to create 25 additional compute resources that are identical to the first 25?
A. Create a custom image from 1 of the 25 servers. Use this custom image to provision 25 more servers
B. Create a manual backup of each boot volume belonging to the 25 servers. Restore each backup to create 25 new boot volumes, from which you will provision 25 more servers
C. Provision a new server and configure it to be identical to the first 25. Create a custom image from the new server, then use the custom image to provision 24 more servers
D. Clone the boot volume of 1 of the 25 servers. Use the boot volume clone to provision 25 more servers
Answer
A. Create a custom image from 1 of the 25 servers. Use this custom image to provision 25 more servers
Question 36
Question
Which two options are available when setting up DNS for your bare metal and virtual machine DB Systems? (Choose two.)
A. Internet and custom resolver
B. Google DNS servers
C. custom resolver
D. Internet and virtual cloud network (VCN) resolver
Answer
C. custom resolver
D. Internet and virtual cloud network (VCN) resolver
Question 37
Question
When deploying a highly available, Internet-facing, 2-tier web application on Oracle Cloud Infrastructure (OCI), which design option would you use?
A. Deploy all web servers into one Availability Domain and behind a public load balancer, and deploy two single-node OCI database systems in the same Availability Domain with Data Guard enabled.
B. Deploy all web servers into multiple Availability Domains and behind a public load balancer, and deploy two single-node OCI database systems across two Availability Domains with Data Guard enabled.
C. Deploy all web servers into multiple Availability Domains and behind a private load balancer, and deploy two single-node OCI database systems across two Availability Domains with Data Guard enabled.
D. Deploy all web servers into one Availability Domain, and deploy a single-node OCI database system into a different Availability Domain.
Answer
B. Deploy all web servers into multiple Availability Domains and behind a public load balancer, and deploy two single-node OCI database systems across two Availability Domains with Data Guard enabled.
Question 38
Question
Which two features are offered natively on Oracle Cloud Infrastructure Database Cloud Service (DBCS)? (Choose two.)
A. Data Guard in Async mode within a region
B. GoldenGate replication between two regions
C. Data Guard in Maximum Protection mode
D. backup to Object Storage
Answer
A. Data Guard in Async mode within a region
D. backup to Object Storage
Explanation
Data Guard in Maximum Performance protection mode is supported not simply Maximum Protection mode, however, you can configure additional protection modes and transport types by logging on to the DB system and accessing Data Guard command-line interface (DGMGRL).
Question 39
Question
Which two statements are true about restoring a block volume from a manual or policy-based block volume backup? (Choose two.)
A. It can be restored as new volumes with different sizes from the backups
B. It can be restored as a new volume to any AD across different regions
C. It must be restored as a new volume to the same availability domain (AD) on which the original block volume backup resides
D. It can be restored as a new volume to any AD in the same region
Answer
A. It can be restored as new volumes with different sizes from the backups
D. It can be restored as a new volume to any AD in the same region
Explanation
A: Backups are encrypted and stored in Oracle Cloud Infrastructure Object Storage, and can be restored as new volumes to any availability domain within the same region they are stored.
D: You can restore a block volume backup to a larger volume size. To do this, check Custom Block Volume Size (GB), and then specify the new size. You can only increase the size of the volume, you cannot decrease the size.
Question 40
Question
You are a network architect and have designed the network infrastructure of a three-tier application on Oracle Cloud Infrastructure (OCI). In the architecture, back-end DB servers are in a private subnet.
One of your DB administrators requests to have access to OCI object storage service.
How can you meet this requirement?
A. Create a service gateway, add a new route rule to the private subnet route table that uses storage as your service gateway target type
B. Create a dynamic routing gateway (DRG) and attach it your virtual cloud network (VCN). Add a default route rule to the private subnets route table and set the target as DRG
C. Attach a public IP address to the instances in the private subnet, and then add a new route rule to the private subnet route table to route default traffic to the internet gateway
D. Add a new route rule to the private subnet route table to route default traffic to the internet gateway
Answer
A. Create a service gateway, add a new route rule to the private subnet route table that uses storage as your service gateway target type
Explanation
A service gateway lets resources in your VCN privately access specific Oracle services, without exposing the data to an internet gateway or NAT. The resources in the VCN can be in a private subnet and use only private IP addresses. The traffic from the VCN to the service of interest travels over the Oracle network fabric and never traverses the internet.
To give your VCN access to a given service CIDR label, you must enable that service CIDR label for the VCN’s service gateway.
You can do that when you create the service gateway, or later after it’s created. You can also disable a service CIDR label for the service gateway at any time.
For traffic to be routed from a subnet in your VCN to a service gateway, you must add a rule accordingly to the subnet’s route table. The rule must use the service gateway as the target.