Oracle Cloud Infrastructure (OCI) 2021 Architect Associate (1Z0-1072-21) Certification (Practice Exam)
Test: Practice Exam For - Oracle Cloud Infrastructure 2021 Architect Associate Certification
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1. Which TWO statements are true about autoscaling?
Ans: An autoscaling configuration can include one or more autoscaling policies.
Each instance pool can have only one autoscaling configuration.
2. Which FOUR types of images can be used in Oracle Cloud Infrastructure?
Ans: Custom images created from existing images in OCI
Oracle-provided Linux images
Oracle-provided Windows images
Prebuilt application images from Oracle available in the OCI Marketplace
3. When you create a block volumne, what is its default performance level?
Ans: Balanced
4. Which autonomous database type is specialized for developing NoSQL-style applications that use JavaScript Object Notation documents?
Ans: Aunomous JSON Database
5. Which three security services provide infrastructure protection?
Ans: WAF
Securtiy lists
DdoS Protection
6. Which type of load balancer distributes traffic based on IP address and destination ports only?
Ans: Layer-4
7. Which two statements are true about cloning a file system?
Ans: All snapshots that exist in the parent file system are inherited by the clone, up to and including the snapshot that is used as the source of the clone.
File system properties such as compartment, tags, display name, keys, and mount target export information are not copied over from the parent.
8. Which two statements are true about local VCN peering?
Ans: The VCNs can be in different Oracle Cloud Infrastructure tenancies but in the same region.
You can use a single DRG for local peering.
9. Which Object Storage tier would you use for data that you need to access quickly, immediately, and frequently?
Ans: Standard tier
10. At which level are retention rules configured?
Ans: Bucket level
11. Your application or workload includes big data and analytics, media processing, or content management.
You require Portable Operating System Interface (POSIX)-compliant file system access semantics and concurrently accessible storage.
Which storage servce must you use?
Ans: File Storage
12. Compartment A is a child compartment of root.
Compartment B is a child compartment of Compartment A.
Compartment C is a child compartment of Compartment B.
You have attached the following policy to Compartment A:
Allow group NetworkAdmins to manage virtual-network-family in Compartment A.
For which compartments can a user of the NetwrokAdmin group manage VCNs?
Ans: Compartment A, Compartment B, and Compartment C only
13. Which two statements are true about application-based load balancers?
Ans: They perform content-based routing.
They support both HTTP and HTTPS.
14. You want a specific set of users, who do not have IAM user credentials, to access a bucket for a duration of 2 days.
Which mechanism can help you achive this?
Ans: Pre-authenticated requests
15. Examine this policy:
Allow group GroupMgr to manage volumes in tenancy where request.permission != 'VOLUME_DELETE'
Which three actions can a user belonging to the GroupMgr group perform?
Ans: Move volumes.
Create volumes.
Update volumes.
16. Which TWO connectivity options can you use to give your virtual cloud network (VCN) access to the Internet?
Ans: NAT gateway
Internet gateway
17. Which type of logs are emitted by API gateways, events, and Object Storage?
Ans: Service logs
18. Which three statements are true about compartments?
Ans: One compartment can have resources from multiple regions.
You can set a budget on a compartment such that you are notified as soon as the budget is exceeded.
Compartments can be nested.
19. Which two statements are true about boot volumes?
Ans: When you terminate the instance, you can preserve the boot volume and its data.
When you launch a virtual machine (VM) or bare metal instance based on a platform image or custom image, a new boot volume for the instance is created in the same compartment.
20. Which three other components are emitted along with raw data points or timestamp-value pairs as metrics to the Monitoring service?
Ans: Metadata
Namespace
Dimension
21. Which TWO statements are true about the OS Management service?
Ans: It allows you to specify a date and time when a managed instance will be updated.
If a managed instance is terminated, the OS Management service will automatically remove it from the managed instance list.
22. Which TWO statements are true about private IP objects?
Ans: A private IP can have a public IP assigned to it.
You can add a secondary private IP to either the primary VNIC or a secondary VNIC of an instance after it's launched.
23. Which three components are managed by the customer and not by Oracle in a shared security model of OCI?
Ans: Data
Accounts and identities
Application
24. Which TWO statements are true about site-to-site VPN?
Ans: It provides a site-to-site IPSec connection between your on-premises network and your virtual cloud network (VCN).
It encrypts IP traffic before the packets are transferred from the source to the destination and decrypts the traffic when it arrives.
25. For which TWO types of workloads must you use a bare metal compute instance?
Ans: Performance-sensitive workloads
Workloads that require a specific hypervisor
26. Which protocol is used by FastConnect?
Ans: BGP
27. What happens to traffic if there is no route rule that matches the network traffic you intend to route outside the VCN?
Ans: It is dropped.
28. What is the allowable VCN size range?
Ans: /16 through /30
29. Which gateway allows resources within a VCN to communicate with the Internet but prevents any inbound traffic?
Ans: NAT gateway
30. Database admins and app developers want to run OLTP and OLAP workloads directly from their MySQL database, thus eliminating the need for complex, time-consuming, and expensive data movement and integration with a separate analytics database? Which feature of MySQL database service enables this?
Ans: Heatwave
31. For maximum cost efficiency, when launching compute instances, which capacity type must you select for workloads that run periodically or for short periods of time and that don’t require continuous availability?
Ans: Pre-emptible capacity
32. You have two objects in a bucket: ObjectX and ObjectY. ObjectX was last modified 14 months ago and Object Y was last modified 3 months ago. You create a retention rule with a duration of 1 year. Which two statements are true?
Ans: Object Y cannot be modified or deleted for the next 9 months.
Object X can be modified or deleted immediately.
33. Which TWO conditions must be met for an instance to communicate directly with the Internet?
Ans: Instance must have a public IP address.
Instance's VCN must have an Internet gateway.
34. Which two statements are true about a block volume clone?
Ans: You can clone a volume group.
It creates a single point-in-time copy of a volume without having to go through the backup and restore process.
35. You have enabled versioning for a bucket. What happens when you upload an object with the same name as an existing object?
Ans : The existing object becomes a previous version and the newly uploaded object becomes the latest version.
36. Which two statements are true about NoSQL Cloud Service?
Ans: Throughput capacity is measured in write units and read units.
It interoperates with NoSQL Database Enterprise edition through a single programmatic interface with no application code modification.
37. Which Traffic Management Steering policy distributes DNS traffic to different endpoints based on the location of the end user?
Ans: Geolocation steering
38. What is used to specify the actions that Cloud Guard can take when detectors identify problems?
Ans: Responder
39. Which two statements are true about Object Storage?
Ans : It is a regional service and is not tied to any specific compute instance.
It supports private access from Oracle Cloud Infrastructure resources in a VCN through a service gateway.
40. Which Oracle Database edition is required to deploy a two-node Oracle RAC DB system?
Ans: Enterprise Edition - Extreme Performance
41. You want to forbid the creation of public buckets in Object Storage.
Which OCI security feature can you use to achieve this?
Ans: Security zone and security zone recipe
42. Examine these two policies:
Allow group GroupAdmins to manage groups in tenancy where all {target.group.name=/A-*/,target.group.name!='A-Admins'}
Allow group GroupAdmins to inspect groups in tenancy
Which statement is true?
Ans: GroupAdmins can create, update, or delete any groups whose names start with "A-", except for the A-Admins group.
43. At which layer of the OSI model does a web application firewall help to filter traffic?
Ans: Application layer
44. Which policy is automatically applied when you create a cloud account?
Ans: Allow Group Administrator to manage all-resources in tenancy
45. When you enable auto tiering, objects larger than 1 MiB are automatically moved from the Standard tier to which tier?
Ans: Infrequent Access tier
46. When changing the performance level of boot volumes, which two performance levels can you select?
Ans: High performance
Balanced
47. You want users of the NetworkAdmin group to manage a cloud network in any compartment of a tenancy. What must you allow the NetworkAdmin group to do?
Ans: Manage virtual-network-family in tenancy.
48. When triggered, an alarm sends an alarm message to the configured topic. In which service is the topic configured?
Ans: Notification
49. Which three encryption algorithms are supported by OCI Vault?
Ans: AES
RSA
ECDSA
50. Which Oracle-defined backup policy includes weekly incremental backups that run on Sunday, also includes a full backup that runs yearly during the first part of January, and is retained for five years?
Ans: Silver policy
51. Which four layers of access control are used by the File Storage service?
Ans: NFS export option
Network security
NFS v.3 Unix security
Oracle Cloud Infrastructure (OCI) policy
52. Which block volume performance level is recommended for throughput-intensive workloads with large sequential I/O, such as streaming,
log processing, and data warehouses?
Ans: Lower cost
53. Which co-managed database service applies the combined power of Exadata and Oracle Cloud Infrastructure while enabling you to meet your organization's data-residency requirements?
Ans: Exadata Cloud@Customer
54. An instance running in a development compartment needs to make API calls to other OCI services. How can you achieve this without configuring user credentials or setting up a configuration file?
Ans: Create a dynamic group with matching rules to include your instance and write a policy for this dynamic group.
55. You want to make a point-in-time snapshot of the data on a block volume. Under which condition can you make a block volume backup?
Ans: When it is attached to an instance or while it is detached
56. Which OCI networking method must you use to divide your network into multiple VCNs based on departments, with each VCN having direct, private access to the others while avoiding traffic flowing over the Internet or through your on-premises network?
Ans: VCN peering
57. Which cloud solution in Oracle Cloud Infrastructure lets you index, enrich, aggregate, explore, search, analyze, correlate, visualize, and monitor all log data from your applications and system infrastructure?
Ans: Logging analytics
58. Which TWO statements are true about security lists?
Ans: The default security list allows TCP traffic on destination port 22 (SSH) from authorized source IP addresses and any source port.
The default security list does not include a rule to allow ping requests.
59. Which two statements are true about auth tokens?
Ans: Every user can generate up to two auth tokens.
They can be used to authenticate third-party APIs.
60. Which three statements are true about a master encryption security key protected by software?
Ans: Cryptographic operations are allowed on clients.
It can be exported from a server.
It is stored in a server.
61. Which OCI security feature can you use to ensure that unwanted bots are mitigated while desirable bots are allowed to enter?
Ans: Web application firewall
62. Which network security service allows you to separate the VCN's subnet architecture from your application security requirements?
Ans: Network security group