Oracle Cloud Infrastructure 2020 Architect Professional v1.0 (1z0-997-20)

Page:    1 / 4   
Total 50 questions

You are designing the network infrastructure for two application servers: appserver-1 and appserver-2 running in two different subnets inside the same Virtual
Cloud Network (VCN) in Oracle Cloud Infrastructure (OCI). You have a requirement where your end users will access appserver-1 from the internet and appserver-2 from the on-premises network. The on-premises network is connected to your VCN over a FastConnect virtual circuit.
How should you design your routing configuration to meet these requirements? (Choose the best answer.)

  • A. Configure a single routing table (Route Table-1) that has two sets of rules: one that has route to internet via the Internet Gateway and another that propagates specific routes for the on-premise network via Dynamic Routing Gateway (DRG). Associate the routing table with the VCN.
  • B. Configure two routing tables: Route Table-1 that has a route to internet via the Internet gateway. Associate this route table to the subnet containing appserver- 1. Route Table-2 that propagate specific routes for the on-premises network via the Dynamic Routing Gateway (DRG). Associate this route table to subnet containing appserver-2.
  • C. Configure a single routing table (Route Table-1) that has two sets of rules. One that has route to internet via the Internet Gateway and another that propagates specific routes for the on-premise network via the Dynamic Routing Gateway. Associate the routing table with all the VCN subnets.
  • D. Configure two routing tables (Route Table-1 & Route Table-2) that have rule to route all traffic via the Dynamic Routing Gateway (DRG). Associate the two routing tables with all the VCN subnets.


Answer : C

An online registration system is currently hosted on one large Oracle Cloud Infrastructure (OCI) Bare metal compute instance with attached block volumes to store all of the users"™ data. The registration system accepts the information from the user, including documents and photos and then performs automated verification and processing to check is the user is eligible for registration.
The registration system becomes unavailable at times, when there is a surge of users using the system. The existing architecture needs improvement as it takes a long time for the system to complete the processing and the attached block volumes are not large enough to store the ever growing data being uploaded by the users.
Which is the most effective option to achieve a highly scalable solution? (Choose the best answer.)

  • A. Upgrade your architecture to use a pool of Bare metal servers and configure them to use their local SSDs for faster data access. Set up Oracle Streaming Service (OSS) to distribute the tasks to the pool of Bare metal instances with Auto Scaling to dynamically increase or decrease the pool of compute instances depending on the length of the Streaming queue.
  • B. Change your architecture to use an OCI Object Storage standard tier bucket; replace the single bare metal instance with an Oracle Streaming Service (OSS) to ingest the incoming requests and distribute the tasks to a group of compute instances with Auto Scaling.
  • C. Attach more Block volumes as the data volume increases, use Oracle Notification Service (ONS) to distribute tasks to a pool of compute instances working in parallel, and Auto Scaling to dynamically size the pool of instances depending on the number of notifications received from the Notification Service. Use Resource Manager stacks to replicate your architecture to another region.
  • D. Upgrade your architecture to use more Block volumes as the data volume increases. Replace the single bare metal instance with a group of compute instances with Auto Scaling to dynamically increase or decrease the compute instance pools depending on the traffic.


Answer : D

Your customer recently provisioned a 1-Gbps FastConnect connection in ap-tokyo-1 region of Oracle Cloud Infrastructure (OCI). They will use this to connect to one Virtual Cloud Network (VCN) in their production OCI tenancy compartment and another VCN in their development OCI tenancy.
How should you configure the connectivity between on-premises and the two VCNs in OCI using the single FastConnect connection? (Choose the best answer.)

  • A. Provision a Dynamic Routing Gateway (DRG) and create a private virtual circuit for the FastConnect connection. Create one additional route table in your production VCN that includes two routes rules. One with a destination of the on-premises network using the DRG, and a second with a destination of the development VCN, also using the DRG.
  • B. Create two private virtual circuits on the FastConnect link. Create two Dynamic Routing Gateways, one for each VCNs. Attach the virtual circuits to the dynamic routing gateways.
  • C. Create a hub-VCN that uses DRG to communicate with the on-premises network over FastConnect. Connect the hub-VCN to the production VCN spoke and with development VCN spoke, each peered via their respective Local Peering Gateway (LPG).
  • D. Create a single private virtual circuit over FastConnect and attach Fastconnect to either of the VCN"™s DRG. Use Remote Peering to peer production and development VCNs.


Answer : C

Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/Network/Tasks/transitrouting.htm

All three Data Guard configurations are fully supported on Oracle Cloud Infrastructure (OCI). You want to deploy a maximum availability architecture (MAA) for database workload.
Which option should you consider while designing your Data Guard configuration to ensure best RTO and RPO without causing any data loss? (Choose the best answer.)

  • A. Configure "Maximum Availability" mode in SYNC mode between two availability domains (same region), and use the Maximum Availability mode in ASYNC mode between two regions.
  • B. Configure "Maximum Protection" mode which provides zero data loss if the primary database fails.
  • C. Configure "Maximum Scalability" mode which provides the highest level of scalability without compromising the availability of the primary database.
  • D. Configure "Maximum Performance" mode in SYNC mode between two availability domains (same region) which provides the highest level of data protection that is possible without affecting the performance of the primary database.


Answer : A

Reference:
https://docs.oracle.com/en/solutions/design-dr/plan-dr-databases1.html#GUID-52D010DF-FB8D-4098-B6D3-C7C4CAFB0FE4

As a part of a migration exercise for an existing on-premises application to Oracle Cloud Infrastructure (OCI), you are required to transfer a 7 TB file to OCI Object
Storage. You have decided to upload it using the multipart upload functionality of Object Storage.
Which two statements are true? (Choose two.)

  • A. It is possible to split this file into multiple parts using rclone tool provided by Object Storage.
  • B. Contiguous numbers need to be assigned for each part so that Object Storage constructs the object by ordering part numbers in ascending order.
  • C. After initiating a multipart upload by making a CreateMultiPartUpload REST API Call, the upload remains active until you explicitly commit it or about it.
  • D. It is possible to split this file into multiple parts using the APIs provided by Object Storage.
  • E. Active multipart upload can be checked by listing all parts that have been uploaded, however it is not possible to list information for an individual object part in an active multipart upload.


Answer : BC

Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/Object/Tasks/usingmultipartuploads.htm

You are advising the database administrator responsible for managing non-production environment for Oracle Autonomous Database running on Oracle Cloud
Infrastructure. You need to help the database administrator ensure that the non-production environments have a copy of the current data from the production environment in a manner that is most time-efficient.
Which method should you recommend? (Choose the best answer.)

  • A. Take a full database backup of the production Autonomous database and create the non-production database from it.
  • B. Create a metadata clone of the production Autonomous Database and create the non-production database from it.
  • C. Create a full clone of the production Autonomous Database and create the non-production database from it.
  • D. Take a Data Pump export of the production Autonomous database and import into the non-production database.


Answer : D

Your customer went through a recent departmental re-structure. As part of this change, they are organizing their Oracle Cloud Infrastructure (OCI) compartment structure to align with the company"™s new organizational structure.
They made the following change:
Compartment x is moved, and its parent compartment is now compartment c.


Policy defined in compartment A: Allow group networkadmins to manage subnets in compartment X
Policy defined in root compartment: Allow group admins to read subnets in compartment Finance:A:X
After you move the compartment, which two IAM policies would be required to ensure both groups retain the same permissions to compartment X that they had before? (Choose two.)

  • A. Define a policy in the root compartment as follows: Allow group admins to manage subnets in compartment Finance:A:X
  • B. Define a policy in compartment HR as follows: Allow group networkadmins to manage subnets in compartment C:X.
  • C. Define a policy in the root compartment as follows: Allow group admins to read subnets in compartment HR:C:X
  • D. Define a policy in compartment C as follows: Allow group networkadmins to read subnets in compartment X


Answer : BC

A company has an urgent requirement to migrate 300 TB of data to Oracle Cloud Infrastructure (OCI) in two weeks. Their data center has been recently struck by a massive hurricane and the building has been badly damaged, although still operational. They have a 100 Mbps Internet line but the connection is intermittent due to the damages caused to the electrical grid.
In this scenario, what is the most effective service to use to migrate the data to OCI given the time constraints? (Choose the best answer.)

  • A. Use multiple OCI Data Transfer Appliances to transfer data to OCI.
  • B. Setup an OCI Storage Gateway to connect your data center and your VCN. Once the connection has been established, upload all data to OCI.
  • C. Setup a hybrid network by launching a 1Gbps FastConnect virtual circuit between your data center and OCI. Use OCI Object Storage multipart upload tool to automate the migration of your data to OCI.
  • D. Setup an OCI Storage Gateway to connect your data center and your VCN. Once the connection has been established, upload all data to OCI using OCI Storage Gateway Cloud Sync tool.
  • E. Upload the data to OCI using OCI Object Storage multipart upload tool.


Answer : E

You are working as a solutions architect for an online retail store in Frankfurt which uses multiple compute instance VMs spread among three availability domains in the eu-frankfurt-1 region. You noticed the website is having very high traffic, so you enabled autoscaling to suffice the needs of your application but, you observed that one of the availability domains is not receiving any traffic.
What could be wrong in this situation? (Choose the best answer.)

  • A. Autoscaling only works with single availability domains.
  • B. You forgot to attach a load balancer to your instance pool configuration.
  • C. You have to manually add all three availability domains to your load balancer configuration.
  • D. Autoscaling is using an Instance Pool configured to create instances in two availability Domains.
  • E. Autoscaling can be enabled for multiple availability domains only in uk-london-1 region.


Answer : D

A retail company has recently adopted a hybrid architecture. They have the following requirements for their end-to-end connectivity model between their on- premises data center and Oracle Cloud Infrastructure (OCI) region.
-> Highly available connection with service level redundancy
-> Dedicated network bandwidth with low latency
Which connectivity setup is the most cost-effective solution for this scenario? (Choose the best answer.)

  • A. Setup FastConnect virtual circuit as your primary connection, and an IPSec VPN as a backup connection. Use separate edge devices in your on-premises data center for each connection. From your edge devices, advertise more specific routes through FastConnect virtual circuit, and less specific routes through the backup IPSec VPN path.
  • B. Setup IPSec VPN as your primary connection, and a FastConnect virtual circuit as a backup connection. Use separate edge devices in your on-premises data center for each connection. From your edge devices, advertise more specific routes through IPSec VPN, and less specific routes through the backup FastConnect virtual circuit.
  • C. Setup FastConnect virtual circuit as your primary connection, and a second FastConnect virtual circuit as a backup connection. Make sure your FastConnect physical connectivity is redundant. Use a single edge device in your on-premises data center for each connection. From your edge device, advertise more specific routes via primary FastConnect virtual circuit, and less specific routes through the backup FastConnect virtual circuit.
  • D. Setup IPSec VPN as your primary connection, and a second IPSec VPN as a backup connection. Use separate edge devices in your on-premises data center for each connection. From your edge devices, advertise more specific routes via primary IPSec VPN, and less specific routes through the backup IPSec VPN.


Answer : A

A global retailer is setting up the cloud architecture to be deployed in Oracle Cloud Infrastructure (OCI) which will have thousands of users from two major geographical regions: North America and Asia Pacific. The requirements of the services are:
-> Service needs to be available 24/7 to avoid any business disruption
-> North American customers should be served by application running in North American regions
-> Asia Pacific customers should be served by applications running in Asia Pacific regions
-> Must be resilient enough to handle the outage of an entire OCI region
To meet this requirement, you have deployed your OCI resources to multiple OCI Regions.
Which solution will deliver traffic with the lowest latency and provide fault tolerance? (Choose the best answer.)

  • A. OCI DNS, Traffic Management with Geolocation steering policy
  • B. OCI, DNS, Traffic Management with Failover steering policy
  • C. OCI, DNS, Traffic Management with Load Balancer steering policy, Health Checks
  • D. OCI DNS, Traffic Management with Geolocation steering policy, Health Checks


Answer : D

You are a solutions architect for a global health care company which has numerous data centers around the globe. Due to the ever growing data that your company is storing, you were instructed to set up a durable, cost-effective solution to archive your data from your existing on-premises tape-based backup infrastructure to Oracle Cloud Infrastructure (OCI).
What is the most-effective mechanism to implement this requirement? (Choose the best answer.)

  • A. Use the File Storage Service in OCI and copy the data from your existing tape-based backup to the shared file system.
  • B. Setup an on-premises OCI Storage Gateway which will back up your data to OCI Object Storage Standard tier. Use Object Storage life cycle policy management to move any data older than 30 days from Standard to Archive tier.
  • C. Setup FastConnect to connect your on-premises network to your OCI VCN and use rsync tool to copy your data to OCI Object Storage Archive tier.
  • D. Setup an on-premises OCI Storage Gateway which will back up your data to OCI Object Storage Standard tier.
  • E. Setup an on-premises OCI Storage Gateway which will back up your data to OCI Object Storage Archive tier.


Answer : D

A digital marketing company is planning to host a website on Oracle Cloud Infrastructure (OCI) and leverage OCI Container Engine for Kubernetes (OKE). This web server will make API calls to access OCI Object Storage to store all images uploaded by users.
For security purposes, your manager instructed you to ensure that the credentials used by the web server to allow access to OCI Object Storage are not stored locally on the compute instance.
What solution results in an implementation with the least effort for this scenario? (Choose the best answer.)

  • A. Configure the credentials using OCI Registry (OCIR) which will automatically connect with OKE allowing the web server to make API calls to OCI Object Storage.
  • B. Configure the credentials using Instance Principal to allow the web server to make API calls to OCI Object Storage.
  • C. Configure the credentials using OCI Key Management to allow an instance to make API calls and grant access to OCI Object Storage.
  • D. Configure the credentials to use Transparent Data Encryption (TDE) which will automatically allow the web server to make API calls to OCI Object Storage.


Answer : C

You are tasked with building a highly available, fault tolerant web application for your current employer. The security team is concerned about an increase in malicious web-based attacks across the internet and asked what you can do to add a higher level of security to the website.
How should you architect the solution on Oracle Cloud Infrastructure (OCI) to meet all requirements defined by your organization? (Choose the best answer.)

  • A. Deploy at least 3 web application servers, each in a different fault domain, using a regional private subnet. Place a public load balancer in a regional public subnet and create a backend set for all of the web application servers. Deploy a Web Application Firewall (WAF) and configure the load balancer public IP address as the origin.
  • B. Deploy at least 3 web application servers, each in a different fault domain, using a regional private subnet. Place a public load balancer in a regional public subnet and create a backend set for all of the web application servers. Create a Geolocation steering policy in Traffic Management and add an answer pool that directs to the public IP address of the load balancer. Configure a global catch-all rule to use this answer pool.
  • C. Deploy at least 3 web application servers, each in a different fault domain, using a regional public subnet. Ensure that each web application server is assigned a public IP address. Deploy a Web Application Firewall (WAF) and configure one Origin for each public IP address.
  • D. Deploy at least 3 web application servers, each in a different fault domain, using a regional public subnet. Use the OCI Traffic Management service to create a load balancing policy that will resolve DNS evenly between all web servers.


Answer : D

Given this compartment structure:


You are managing a compute instance that currently resides in the Compute compartment. The Virtual Cloud Network (VCN) into which the compute instance was originally deployed, also resides in this compartment. To support a project-related task, you need to move just the compute instance to the SysTest-Team compartment. You log into your Oracle Cloud Infrastructure (OCI) account and use the Move Resource option to place the compute instance in the new compartment.
What will be the result of your attempt to move the compute instance to the new compartment? (Choose the best answer.)

  • A. The move will be successful. The compute instance"™s public and private IP addresses will stay the same. The compute instance will remain associated with the VCN from the source compartment.
  • B. The move will fail and you will be prompted to move the VCN first. Once VCN is moved to the target compartment, the compute instance can be moved.
  • C. After moving the compute instance, you must move the compute instance VNIC as a separate action. The public and private IP addresses of the instance will remain unchanged and it will still be associated with the VCN from the source compartment.
  • D. The move will be successful. However, the compute instance"™s public and private IP addresses will change, and it will be associated to the first VCN that was created in the new, target compartment.


Answer : C

Page:    1 / 4   
Total 50 questions