CertsTopics Logo

Pre-Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Oracle Cloud Solutions Infrastructure 1z0-1072-22 Syllabus Exam Questions Answers

Page: 5 / 9
Total 253 questions
Get 1z0-1072-22 Full Access Download 1z0-1072-22 PDF

Oracle Cloud Infrastructure 2022 Architect Associate Questions and Answers

Question 17

You have created a virtual cloud network (VCN) with three private subnets. Two of the subnets contain application servers and the third subnet contains a DB System. The application requires a shared file system so you have provisioned one using the file storage service (FSS). You also created the corresponding mount target in one of the application subnets. The VCN security lists are properly configured so that both application servers and the DB System can access the file system. The security team determines that the DB System should have read-only access to the file system.

What change would you make to satisfy this requirement?

Options:

A.

Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet.

B.

Connect via SSH to one of the application servers where the file system has been mounted. Use the Unix command chmod to change permissions on the file system directory, allowing the database user read only access.

C.

Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateless.

D.

Create an instance principal for the DB System. Write an Identity and Access Management (IAM) policy that allows the instance principal read-only access to the file storage service.

Question 18

You developed a microservices based application that runs on Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE). You want to provide access to this cluster to other team members.

What should you do to provide access to this cluster using as fewest steps as possible?

Options:

A.

Create a group in OCI Infrastructure Access Management (IAM). Create a policy to grant access to the OKE cluster. Other team members should use OCI Cloud Shell to generate the kubeconfig into their own cloud shell environment and access the cluster using kubectl from cloud shell.

B.

Create a group in OCI Infrastructure Access Management (IAM). Create a policy to grant access to the OKE cluster. Create individual users and access token for each team member. Other team members should use OCI Cloud Shell to generate the kubeconfig into their own cloud shell environment and access the cluster using kubectl from cloud shell.

C.

Create a group in OCI Infrastructure Access Management (IAM). Create a policy to grant access to the OKE cluster. Create a cluster role and cluster role binding to provide access to the cluster for each team member. Other team members should install oci cli and kubectl locally on their laptop. Use the oci cli to generate the kubeconfig and use kubectl to access the cluster.

D.

Create a group in OCI Infrastructure Access Management (IAM). Create a policy to grant access to the OKE cluster. Other team members should install oci cli and kubectl locally on their laptop. Use the oci cli to generate the kubeconfig and use kubectl to access the cluster.

Question 19

Which statement is true about interconnecting Virtual Cloud Network (VCN)?

Options:

A.

VCNs support transitive peering.

B.

Peering VCNs should not have overlapping CIDR blocks.

C.

VCNs must be in the same tenancy to be peered.

D.

The only way to interconnect VCNs is through peering.

Question 20

Your company decided to move a few applications to Oracle Cloud Infrastructure (OCI) in the US West (us-phoenix-1) region.

You need to design a cloud-based disaster recovery (DR) solution with a requirement to deploy the DR resources in the US East (us-ashburn-1) region to minimize network latency.

What is the recommended deployment?

Options:

A.

Deploy production and DR applications in two separate virtual cloud networks (VCNs), each in different regions, and then use VCN local peering gateways for connectivity.

B.

Deploy production and DR applications in two separate VCNs, each in different regions. Connect them using a VCN remote peering connection.

C.

Deploy production and DR applications in the same VCN. Create production subnets in one AD, and DR subnets in another AD (assume a multi-AD region).

D.

Deploy production and DR applications in two separate VCNs in different availability domains (ADs) within the primary region, and then use a VCN remote peering connection for connectivity.

Page: 5 / 9
Total 253 questions
Get 1z0-1072-22 Full Access Download 1z0-1072-22 PDF