The latest Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) exam and earn Oracle Cloud Infrastructure Architect Associate (1Z0-1072/1Z0-1072-20/1Z0-1072-21) certification.
Table of Contents
- Question 61
- Question
- Answer
- Explanation
- Question 62
- Question
- Answer
- Question 63
- Question
- Answer
- Explanation
- References
- Question 64
- Question
- Answer
- Explanation
- References
- Question 65
- Question
- Answer
- Explanation
- Question 66
- Question
- Answer
- Question 67
- Question
- Answer
- References
- Question 68
- Question
- Answer
- Question 69
- Question
- Answer
- Explanation
- Question 70
- Question
- Answer
Question 61
Question
You have five different company locations spread across the US. For a proof-of-concept (POC) you need to setup secure and encrypted connectivity to your workloads running in a single virtual cloud network (VCN) in the Oracle Cloud Infrastructure Ashburn region from all company locations.
What would meet this requirement?
A. Create five internet gateways in your VCN and have separate route table for each internet gateway.
B. Create five virtual circuits using FastConnect for each company location and terminate those connections on a single dynamic routing gateway (DRG). Attach that DRG to your VCN.
C. Create five IPsec connections with each company location and terminate those connections on a single DRG. Attach that DRG to your VCN.
D. Create five IPsec VPN connections with each company location and terminate those connections on five separate DRGs. Attach those DRGs to your VCN.
Answer
C. Create five IPsec connections with each company location and terminate those connections on a single DRG. Attach that DRG to your VCN.
Explanation
Access to Your On-Premises Network
There are two ways to connect your on-premises network to Oracle Cloud Infrastructure:
- VPN Connect: Offers multiple IPSec tunnels between your existing network’s edge and your VCN, by way of a DRG that you create and attach to your VCN.
- Oracle Cloud Infrastructure FastConnect: Offers a private connection between your existing network’s edge and Oracle Cloud Infrastructure. Traffic does not traverse the internet. Both private peering and public peering are supported. That means your on-premises hosts can access private IPv4 addresses in your VCN as well as regional public IPv4 addresses in Oracle Cloud Infrastructure (for example, Object Storage or public load balancers in your VCN).
You can use one or both types of the preceding connections. If you use both, you can use them simultaneously, or in a redundant configuration. These connections come to your VCN by way of a single DRG that you create and attach to your VCN. Without that DRG attachment and a route rule for the DRG, traffic does not flow between your VCN and on-premises network. At any time, you can detach the DRG from your VCN but maintain all the remaining components that form the rest of the connection. You could then reattach the DRG again, or attach it to another VCN.
Question 62
Question
Which statement is true about Oracle Cloud Infrastructure Object Storage Service?
A. An Archive Object Storage tier bucket can be upgraded to the Standard Object Storage tier.
B. You cannot directly download an object from an Archive Object Storage bucket.
C. An existing Standard Object Storage tier bucket can be downgraded to the Archive Object Storage tier.
D. Data retrieval in Archive Object Storage is instantaneous.
Answer
B. You cannot directly download an object from an Archive Object Storage bucket.
Question 63
Question
Which two statements define the types of DNS resolvers that exist? (Choose two.)
A. A custom resolver allows instances to use the host names of the hosts in your on-prem network that are connected to your VCN by an IPSec VPN connection.
B. A VCN resolver allows instances to use the host names of the hosts in your on-prem network that are connected to your VCN by an IPSec VPN connection.
C. A VCN resolver allows instances to use host names to communicate with instances on other VCNs in your tenancy.
D. An Internet resolver allows instances to use the host names that are published on the Internet.
Answer
A. A custom resolver allows instances to use the host names of the hosts in your on-prem network that are connected to your VCN by an IPSec VPN connection.
D. An Internet resolver allows instances to use the host names that are published on the Internet.
Explanation
This is an Oracle-provided option that includes two parts: Internet Resolver: Lets instances resolve hostnames that are publicly published on the internet. The instances do not need to have internet access by way of either an internet gateway or a connection to your on-premises network (such as an IPSec VPN connection through a DRG ). VCN Resolver: Lets instances resolve hostnames (which you can assign) of other instances in the same VCN. For more information, see About the DNS Domains and Hostnames.
By default, new VCNs you create use the Internet and VCN Resolver. If you’re using the Networking API, this choice refers to the VcnLocalPlusInternet enum in the DhcpDnsOption object.
The Internet and VCN Resolver does not let instances resolve the hostnames of hosts in your on-premises network connected to your VCN by IPSec VPN connection or FastConnect. Use your own custom DNS resolver to enable that.
References
Oracle Cloud Infrastructure Documentation > DNS in Your Virtual Cloud Network
Question 64
Question
Where do you find the tnsnames.ora for your Autonomous Data Warehouse (ADW) database?
A. You can download tnsnames.ora from Oracle Cloud Infrastructure web console under ADW details page
B. The tnsnames.ora file is included in credentials.zip file that you download from service console of ADW
C. The ADW database will place the tnsnames.ora file in an object storage bucket
D. You are automatically prompted to download the tnsnames.ora file upon creation of the ADW database
Answer
B. The tnsnames.ora file is included in credentials.zip file that you download from service console of ADW
Explanation
To download client credentials from the Autonomous Transaction Processing Service Console:
- From the Service Console click the Administration link.
- Click Download Client Credentials (Wallet).
- On the Download Client Credentials (Wallet) page, enter a wallet password in the Password field and confirm the password in the Confirm Password field. The password must be at least 8 characters long and must include at least 1 letter and either 1 numeric character or 1 special character. This password protects the downloaded Client Credentials wallet.
- Click Download to save the client security credentials zip file. By default the filename is: Wallet_databasename.zip. You can save this file as any filename you want. You must protect this file to prevent unauthorized database access.
The zip file includes the following:
- tnsnames.ora and sqlnet.ora: Network configuration files storing connect descriptors and SQL*Net client side configuration.
- cwallet.sso and ewallet.p12: Auto-open SSO wallet and PKCS12 file. PKCS12 file is protected by the wallet password provided in the UI.
- keystore.jks and truststore.jks: Java keystore and truststore files. They are protected by the wallet password provided while downloading the wallet.
- ojdbc.properties: Contains the wallet related connection property required for JDBC connection. This should be in the same path as tnsnames.ora.
References
Using Oracle Autonomous Database on Shared Exadata Infrastructure > Oracle® Cloud
Question 65
Question
You have provisioned an Autonomous Transaction Processing (ATP) database and logged into the ATP service console.
What are three abilities that can be performed from this service console? (Choose three.)
A. scale up/down the CPUs
B. create ATP database users
C. reset the admin password
D. set resource management rules
E. monitor database activity and SQL queries
Answer
C. reset the admin password
D. set resource management rules
E. monitor database activity and SQL queries
Explanation
In ATP Service Console,
In the activity screen allows you to perform some basic monitor database activity and SQL queries
In the administration screen allows you to perform some basic administration of the service, like reset the admin password and set resource management rules
Question 66
Question
For a compute instance that is launched in a private subnet in a Virtual Cloud Network (VCN), which action needs to be performed to connect to the Internet, assuming that the required security list is properly set up?
A. Assign a Public IP address to the compute instance.
B. Create and configure Network Address Translation (NAT) in a public subnet and route all traffic to it.
C. There is no way for an instance in a private subnet to connect to the Internet.
D. Create a default route entry in the route table to forward all traffic to the Internet gateway.
Answer
D. Create a default route entry in the route table to forward all traffic to the Internet gateway.
Question 67
Question
What is a “transfer package” when transferring data to OCI via the OCI Data Transfer Service?
A. A transfer package is the logical representation of the physical shipment containing the HDD transfer devices that you ship to Oracle to upload to OCI.
B. A transfer package is the software Oracle provides for you to prepare transfer devices for shipment to Oracle.
C. A transfer package contains the physical devices.
D. A transfer package is the archive file that the Data Transfer Service Utility (dts) writes to the transfer device.
Answer
A. A transfer package is the logical representation of the physical shipment containing the HDD transfer devices that you ship to Oracle to upload to OCI.
References
Oracle Cloud Infrastructure Blog > Introducing Oracle Cloud Infrastructure Data Transfer Service
Question 68
Question
Which two are valid options when migrating a database from on-premise to Oracle Cloud Infrastructure? (Choose two.)
A. snapping or cloning storage form on-premise to Oracle Cloud Infrastructure
B. performing a backup to Oracle Cloud Infrastructure Object Storage, and then restoring to a database server on Oracle Cloud Infrastructure
C. performing RMAN backup to an on-premise storage device, and then shipping to Oracle Cloud Infrastructure
D. converting the Oracle database to a NoSQL database and migrating to Oracle Cloud Infrastructure by using rsync file copy
Answer
A. snapping or cloning storage form on-premise to Oracle Cloud Infrastructure
C. performing RMAN backup to an on-premise storage device, and then shipping to Oracle Cloud Infrastructure
Question 69
Question
How can you provide users access to an existing compartment?
A. by granting users access to a compartment when the compartment is created
B. by adding users to a group and defining a policy to provide the group access to the compartment
C. by adding users to a compartment. All users in the compartment will have access to the objects in the compartment.
D. by granting access directly to the user when the user is created
Answer
B. by adding users to a group and defining a policy to provide the group access to the compartment
Explanation
A policy is a document that specifies who can access which Oracle Cloud Infrastructure resources that your company has, and how. A policy simply allows a group to work in certain ways with specific types of resources in a particular compartment In general, here’s the process an IAM administrator in your organization needs to follow:
- Define users, groups, and one or more compartments to hold the cloud resources for your organization.
- Create one or more policies, each written in the policy language.
- Place users into the appropriate groups depending on the compartments and resources they need to work with.
- Provide the users with the one-time passwords that they need in order to access the Console and work with the compartments. For more information,
Question 70
Question
A customer has established an Oracle Cloud Infrastructure (OCI) FastConnect connection to OCI. The virtual circuit is up and routes are being advertised from the customer’s end, however the customer is unable to ping from compute instances inside the virtual cloud network (VCN) to servers residing in its on-premises data center.
Which two options on OCI would remedy this situation? (Choose two.)
A. Modify the route table associated with the VCN subnet in which the instance resides. Add a route to the customer’s on-premises network via the Dynamic Routing Gateway (DRG).
B. Modify the security list associated with the VCN subnet in which the instance resides. Add a stateful egress rule to allow ICMP traffic to the customer’s on-premises network.
C. Modify the security list associated with the VCN subnet in which the instance resides. Add a stateful ingress rule to allow ICMP traffic from anywhere.
D. Modify the default VCN route table to add a route back to the customer’s on-premises network via the DRG.
Answer
A. Modify the route table associated with the VCN subnet in which the instance resides. Add a route to the customer’s on-premises network via the Dynamic Routing Gateway (DRG).
B. Modify the security list associated with the VCN subnet in which the instance resides. Add a stateful egress rule to allow ICMP traffic to the customer’s on-premises network.