New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Oracle 1z0-1072-23 Dumps Questions Answers

Page: 1 / 4
Total 55 questions

Oracle Cloud Infrastructure 2023 Architect Associate Questions and Answers

Question 1

Which is NOT a valid Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) approach?

Options:

A.

Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or with your organizations private IP network ranges.

B.

Ensure not all IP addresses are allocated at once within a VCN or subnet; instead reserve some IP

addresses for future use.

C.

Private subnets should ideally have individual route tables to control the flow of traffic within and outside of VCN.

D.

Use OCI tags to tag VCN resources so that all resources follow organizational tagging/naming conventions.

Buy Now
Question 2

You plan to launch a VM instance with the VM.Standard2.24 shape and Oracle Linux 8 platform image. You want to protect your VM instance from low-level threats, such as rootkits and bootkits that can infect the firmware and operating system and are difficult to detect.

What should you do?

Options:

A.

Use in-transit encryption.

B.

Use Vulnerability Scanning Service.

C.

Create a burstable instance.

D.

Create a shielded instance.

Question 3

You are backing up your on-premises data to the Oracle Cloud Infrastructure (OCI) Object Storage Service.

Your requirements are:

1. Backups need to be retained for at least full 31 days.

2. Data should be accessible immediately if and when needed after the backup.

Which OCI Object Storage tier is suitable for storing the backup to minimize cost?

Options:

A.

Infrequent Access tier

B.

Archive tier

C.

Standard tier

D.

Auto-Tiering tier

Question 4

You have three compartments: ProjectA, ProjectB, and ProjectC. For each compartment, there is an admin group set up: A-Admins, B-Admins, and C-Admins.

Each admin group has full access over their respective compartments as shown in the graphic below.

Your organization has set up a tag namespace, EmployeeGroup.Role and all your admin groups are tagged with a value of 'Admin'.

You want to set up a Test compartment for members of the three projects to share. You also need to provide admin access to all three of your existing admin groups.

Which policy would you write to accomplish this task?

Options:

A.

Allow all-group to manage all-resources in compartment Test where

request.principal.group.tag.EmployeeGroup.Role='Admin'

B.

Allow dynamic-group to manage all-resources in compartment Test where

request.principal.group.tag.EmployeeGroup.Role='Admin'

C.

Allow group any-group to manage all-resources in compartment Test where

request.principal.group.tag.EmployeeGroup.Role='Admin'

D.

Allow any-user to manage all-resources in compartment Test where

request.principal.group.tag.EmployeeGroup.Role='Admin'

Question 5

When defining a query for metric data in Monitoring, which field provides the time window for aggregating metric data points plotted on the metric chart?

Options:

A.

Dimension

B.

Namespace

C.

Statistic

D.

Interval

Question 6

In which TWO ways does Cloud Guard help improve the overall security posture for your tenancy?

Options:

A.

Monitors unauthorized or suspicious user activity.

B.

Allows you to centrally manage encryption keys.

C.

Prevents you from creating misconfigurations on your resources in Oracle Cloud Infrastructure (OCI).

D.

Masks sensitive data and monitors security controls on your Oracle databases.

E.

Helps detect misconfigured resources, such as publicly accessible Object Storage buckets, instances, and restricted ports on security lists.

Question 7

You have an instance running in Oracle Cloud Infrastructure (OCI) that cannot be live-migrated during an

infrastructure maintenance event. OCI schedules a maintenance due date within 14 to 16 days and sends you a notification.

What would happen if you choose not to proactively reboot the instance before the scheduled maintenance due date?

Options:

A.

The instance will get terminated.

B.

The instance is either reboot-migrated or rebuilt in place for you.

C.

You will receive another notification to reboot within the next 14 days.

D.

You will receive another notification to reboot within the next 7 days.

Question 8

You are using a custom application with third-party APIs to manage the application and data hosted in an Oracle Cloud Infrastructure (OCI) tenancy. Although your third-party APIs do not support OCI’s signature-based

authentication, you want them to communicate with OCI resources. Which authentication option should you use to ensure this?

Options:

A.

Auth Tokens

B.

OCI Username and Password

C.

API Signing Key

D.

SSH Key Pair with 2048-bit algorithm

Question 9

In which two ways can Oracle Security Zones assist with the cloud security shared responsibility model?

Options:

A.

Encrypt storage resources with a customer-managed key.

B.

Allow access to an unsecured compartment, which is moved from a standard compartment.

C.

Deny public access to Oracle Cloud Infrastructure resources, such as databases and object storage buckets.

D.

Add or move a standard compartment to a highly secured security zone compartment.

Question 10

Which statement accurately describes the key features and benefits of OCI Confidential Computing?

Options:

A.

It encrypts and isolates in-use data and the applications processing that data, thereby preventing

unauthorized access or modification.

B.

It optimizes network performance and reduces latency through advanced routing algorithms and caching mechanisms.

C.

It enables users to securely store and retrieve data by using distributed file systems, ensuring high

availability and fault tolerance.

D.

It provides automatic scalability and load balancing capabilities, which allow seamless integration with other cloud providers.

Question 11

Which is NOT a valid option for an Oracle Cloud Infrastructure (OCI) compute shape?

Options:

A.

Bare Metal

B.

Dedicated Virtual Machine Host

C.

Virtual Machine

D.

Exadata Virtual Machine

Question 12

You want to create a policy to allow the NetworkAdmins group to manage Virtual Cloud Network (VCN) in compartment C. You want to attach this policy to the tenancy. The compartment hierarchy is shown below.

Which policy statement can be used to accomplish this task?

Options:

A.

Allow group NetworkAdmins to manage virtual-network-family in compartment B:C

B.

Allow group NetworkAdmins to manage virtual-network-family in compartment C

C.

Allow group NetworkAdmins to manage virtual-network-family in tenancy

D.

Allow group NetworkAdmins to manage virtual-network-family in compartment A:B:C

Question 13

Which tool provides a diagram of the implemented topology of all Virtual Cloud Networks (VCNs) in a selected region and tenancy?

Options:

A.

Network Watcher

B.

Traffic Analytics

C.

VCN Flow Logs

D.

Network Visualizer

Question 14

As a network architect you have deployed a public subnet on your Virtual Cloud Network (VCN) with this security list:

You have also created a network security group (NSG) as shown in the table here, and assigned it to your bastion host:

You have confirmed that routing is correct but when you SSH to the VM from your home over the Internet you are unable to connect.

What could be the problem?

Options:

A.

User will be able to SSH to the VM from the Internet as SSH is open on the NSG.

B.

Public subnet does not have a route rule to the Internet Gateway.

C.

Internet traffic should be allowed only on the NSG.

D.

SSH traffic is not allowed in the security list nor on the NSG from the Internet.

Question 15

As a solution architect, you are showcasing the Oracle Cloud Infrastructure (OCI) Object Storage feature about Object Versioning to a customer.

Which statement is true regarding OCI Object Storage Versioning?

Options:

A.

Objects are physically deleted from a bucket when versioning is enabled.

B.

Object Versioning is disabled on a bucket by default.

C.

A bucket that is versioning-enabled can and will always have the latest version of the object in the bucket.

D.

Object Versioning does not provide data protection against accidental or malicious object update,

overwrite, or deletion.

Page: 1 / 4
Total 55 questions