The latest Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) exam and earn Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification.
Table of Contents
- Question 41
- Question
- Answer
- Question 42
- Question
- Answer
- Explanation
- References
- Question 43
- Question
- Answer
- Explanation
- References
- Question 44
- Question
- Answer
- Explanation
- Question 45
- Question
- Answer
- Explanation
- Question 46
- Question
- Answer
- Question 47
- Question
- Answer
- References
- Question 48
- Question
- Answer
- Question 49
- Question
- Answer
- Question 50
- Question
- Answer
- Explanation
Question 41
Question
You are designing a shared storage solution for your company in Oracle Cloud Infrastructure. The proposed storage solution should allow users to create a hierarchical structure (similar to the directory structure in Linux or Windows-based systems). The solution should provide data encryption and a large amount of storage space.
Which would be the best implementation strategy?
A. Use block storage. Create and attach a large block storage volume to one compute instance. Assign a public IP to the compute instance. Store data on the block storage and access it by connecting to the compute instance.
B. Use object storage. Create a single namespace and multiple buckets to create the hierarchical directory structure.
C. Use object storage. Create multiple namespaces with one bucket each. Make the buckets publicly accessible.
D. Use file storage service. Create a file system and a mount target. Share the private IP of the mount target.
Answer
D. Use file storage service. Create a file system and a mount target. Share the private IP of the mount target.
Question 42
Question
Which two identity providers can your administrator federate with Oracle Cloud Infrastructure? (Choose two.)
A. Microsoft Active Directory
B. Oracle Identity Cloud Services
C. AWS Directory Services
D. Google Directory Federation Services
Answer
A. Microsoft Active Directory
B. Oracle Identity Cloud Services
Explanation
Oracle Cloud Infrastructure supports federation with Oracle Identity Cloud Service and Microsoft Active Directory (via Active Directory Federation Services (AD FS)), and any identity provider that supports the Security Assertion Markup Language (SAML) 2.0 protocol.
References
Oracle Cloud Infrastructure Documentation > Federating with Identity Providers
Question 43
Question
What happens when you run terraform plan?
A. It configures, reconfigures, and instantiates resources and their dependencies.
B. It shows the operator the course of action that would be taken if a change is applied.
C. It deletes all existing resources and re-creates them.
D. It shows a dependency graph.
Answer
B. It shows the operator the course of action that would be taken if a change is applied.
Explanation
The terraform plan command is used to create an execution plan. Terraform performs a refresh, unless explicitly disabled, and then determines what actions are necessary to achieve the desired state specified in the configuration files.
This command is a convenient way to check whether the execution plan for a set of changes matches your expectations without making any changes to real resources or to the state. For example, terraform plan might be run before committing a change to version control, to create confidence that it will behave as expected.
References
Question 44
Question
You are about to deploy an e-business application on Oracle Cloud Infrastructure and one of the requirements is to use a shared file system that supports the NFS protocol.
Which storage service would meet this requirement?
A. object storage
B. block volume
C. data transfer appliance
D. file storage
Answer
D. file storage
Explanation
Use the File Storage service when your application or workload includes big data and analytics, media processing, or content management, and you require Portable Operating System Interface (POSIX)-compliant file system access semantics and concurrently accessible storage. The File Storage service is designed to meet the needs of applications and users that need an enterprise file system across a wide range of use cases, including the following:
- General Purpose File Storage: Access to an unlimited pool of file systems to manage growth of structured and unstructured data.
- Big Data and Analytics: Run analytic workloads and use shared file systems to store persistent data.
- Lift and Shift of Enterprise Applications: Migrate existing Oracle applications that need NFS storage, such as Oracle E-Business Suite and PeopleSoft.
- Databases and Transactional Applications: Run test and development workloads with Oracle, MySQL, or other databases.
- Backups, Business Continuity, and Disaster Recovery: Host a secondary copy of relevant file systems from on premises to the cloud for backup and disaster recovery purposes.
- MicroServices and Docker: Deliver stateful persistence for containers. Easily scale as your container-based environments grow.
Question 45
Question
You have successfully configured identity federation between Oracle Cloud Infrastructure (OCI) and Oracle Identity Cloud Services (IDCS). A new project manager wants access to OCI for her team and provides the name of an existing group within IDCS to use when granting access.
How do you configure federation to allow the project team access to OCI resources?
A. Create a new IAM group in OCI and map it to the existing IDCS group. Create a new policy in IDCS and reference the name of the IAM group.
B. Create a new Identity and Access Management (IAM) policy in OCI and reference the name of the IDCS group in each policy statement.
C. Create a new compartment in OCI with the same name as the existing IDCS group. Create an IAM policy that references the new compartment and the name of the IDCS group.
D. Create a new IAM group in OCI and map it to the existing IDCS group. Create a new IAM policy and reference the name of the IAM group in each policy statement.
Answer
D. Create a new IAM group in OCI and map it to the existing IDCS group. Create a new IAM policy and reference the name of the IAM group in each policy statement.
Explanation
When working with your IdP, your administrator defines groups and assigns each user to one or more groups according to the type of access the user needs. Oracle Cloud Infrastructure also uses the concept of groups (in conjunction with IAM policies) to define the type of access a user has. As part of setting up the relationship with the IdP, your administrator can map each IdP group to a similarly defined IAM group, so that your company can re-use the IdP group definitions when authorizing user access to Oracle Cloud Infrastructure resources. Here’s a screenshot from the mapping process:
Question 46
Question
What is the maximum CIDR range that can be assigned when configuring a Virtual Cloud Network?
A. /16
B. /26
C. /24
D. /8
Answer
A. /16
Question 47
Question
When creating a subnet, one or more placeholder security lists are often associated with the subnet. Why?
A. Each operator needs its own security list.
B. Each protocol needs its own security list.
C. Each network endpoint or instance in the subnet needs its own security list.
D. It is not possible to add or remove security lists after a subnet is created.
Answer
C. Each network endpoint or instance in the subnet needs its own security list.
References
Oracle Cloud Infrastructure Documentation > Security Lists
Question 48
Question
You are deploying a highly available web application in Oracle Cloud Infrastructure and have decided to use a public load balancer. The back-end web servers will be distributed across all three availability domains (ADs).
How many subnets should you create to deliver a secure highly available application?
A. three subnets in total; one subnet in each AD
B. five subnets in total; two subnets each in the first and second AD with a single subnet in the third AD
C. six subnets in total; two subnets in each AD; one for the load balancer and one for the web servers
D. four subnets in total; one subnet in each AD for the web servers and a single subnet in any one AD for the load balancer
Answer
C. six subnets in total; two subnets in each AD; one for the load balancer and one for the web servers
Question 49
Question
You have just created an Autonomous Data Warehouse (ADW) and you want to connect to the ADW using SQL Developer.
What three items are needed to connect to the ADW using SQL Developer? (Choose three.)
A. the keystore password
B. a security list with an ingress rule for TCP port 1521
C. the client credentials file
D. the public IP address of the ADW server
E. the admin password
Answer
A. the keystore password
C. the client credentials file
E. the admin password