1Z0-1067

You have created several block volumes in the us-phoenix-1 region in a specific compartment. The
compartment can be identified by the following Orade Cloud Infrastructure (OCI) unique identifier, or
ocid1.compartment.oc1.phx..exampleuniquelD

Your manager has asked you to leverage the OCI monitoring service and write a metric query showing
all read IOPS at a one-minute interval, filtered to this compartment and aggregated for the maximum.

Which metric query will you create?

You have recently been asked to take over management of your company's infrastructure
provisioning efforts, utilizing Terraform v0.12 to provision and manage infrastructure resources in
Oracle Cloud Infrastructure (OCI). For the past few days the development environments have been
failing to Provision. Teraform returns the following error:

You are a Cloud Operations administrator who has recently joined a new department. You have
created 10 Terraform stacks using Oracle Cloud Infrastructure (OCI) resource manager. Each stack
creates a different set of resources In OCI for your development team.
What determines the cost of these Terraform stacks?

An organization wants to extend their existing on-premises data centers to the Oracle Cloud
Infrastructure (OCI) us-phoenix-1 region. In order to achieve It, they have created an IPSec VPN
connection between their Customer-Premises Equipment(CPE) and Dynamic Routing Gateway(DRG)
on

How can you make this connection highly available (HA)?

An Insurance company has contracted you to help automate their application business continuity
plan. They have the application running in eu-frankfurt-1 as the primary site and uk-london-1 as a
disaster recovery site. Normally they have a DNS A record associated with the IP address of the
primary endpoint In eu-frankfurt-1. In the event of a disaster, they use OCI DNS Zone Management to
update the A record and replace it with the IP address of the endpoint In uk-london-1.

How can you automate the failover process?

You are configuring on alarm In Oracle Cloud Infrastructure (OCI) for a compute instance named
vision. The metric needs to be triggered when the ingress network rate is greater than 1MB.
Which statement will accomplish this?

You have recently Joined a startup company and quickly find that nobody is tracking the amount of
money spent on Oracle Cloud Infrastructure (OCI). Seeing an opportunity to help save money you
begin creating a solution to better track the cost of resources provisioned by each individual on the
team.

Which option allows you to identify excessive spend across all resources in your tenancy?

You saw created a group for several auditors. You assign the following policies to the group:What
actions are the auditors allowed to perform within your tenancy?

You have received an email from your manager to provision new resources on Oracle Cloud
Infrastructure (OCI). When researching OCI y detect that you should use OCI Resource Manager. Since
this is a task that will be done multiple times for development, test, and production need to create a
command that can be re-used.

Which CLI command can be used In this situation?

oci resource-manager stack create --compartment-id <compartment_OCID> --config-source prod.zip --
variables file://variables.json --display-name "Production Stack build" --description "Creating new
Production environment"
You have shared your Oracle Cloud Infrastructure (OCI) tenancy with a group of developers in your
organization by creating a compartment called a-developer. You are an administrator in the tenancy
with privileges to modify IAM policies. Developers need privileges to configure Federation to Wt
Single Sign-On (SSO).

would you give them permissions to complete their task In the most secure manner?

You need to set up daily Incremental backups of your database In Oracle Cloud Infrastructure (OCI)
Database Service. The backups need to be retained for at least 50 days.

Which of the following method allows you do accomplish this Is an efficient and cost effective
manner?

You set up a bastion host in your VCN to only allow your IP address (140.19.2.140) to establish SSH
connections to your Compute instances that are deployed private subnet. The Compute instances
have an attached Network Security Group with a Source Type: Network security Group (NSG) , Source
NSG-050504. To secure the bastion host, you added the following ingress rules to its Network
Security Group:

However, after checking the bastion host logs, you discovered that there are IP addresses other than
your own that can access your bastion host.

What is the root cause of this issue?

To take advantage of cloud agility and burst computing capability, ABC Automobiles have extended
their data center to a Virtual Cloud Network (VCN). In Oracle Cloud Infrastructure's (OCI) us-phoenlx-
1 region. They have several members in their Cloud Operations (CloudOps) team that need to access
the OCI management console. The security administrator does not want to create new IAM users and
credentials that would then need to be ibuted to each CloudOps member.

Which option will help solution architect meet the needs for CloudOps?
The boot volume on your Oracle Linux instance has run out of space. Your application has crashed due
to a lack of swap space, forcing you to Increase the size of the boot volume.

Which step should NOT be Included In the process used to solve the Issue?

You are using Oracle Cloud Infrastructure (0CI) services across several regions: us-phoenlx-1, us-
ashburn-1, uk-london-1 and ap-tokyo-1. You have created a separate administrator group for each
region: PHX-Admins, ASH-Admins, LHR-Admins and NRT-Admins, respectively.
you want to restrict admin access to a specific region. E.g., PHX-Admins should be able to manage all
resources In the us-phoenlx-1 region only and don't any other OCI regions.

What IAM policy syntax is required to restrict PHX-Admins to manage OCI resources in the us-
phoenix-1 region only?

You have created an Autonomous Data Warehouse (ADW) service in your company's Oracle Cloud
Infrastructure (OCI) tenancy and you now have to load historical data Into It. You have already
extracted this historical data from multiple data marts and data warehouses. This data is stored in CSV
text files and these file are ranging in size from 25 MB to 20 GB.

Which step Is most efficient and error tolerant method for loading data Into ADW?

Testing Policy describes when and how you may conduct certain types of security testing of Oracle
Cloud Services, Including vulnerability and penetration tests, as well as tests Involving data scraping
tools.

What does Oracle allow as part of this testing?

Multiple teams are sharing a tenancy in Oracle Cloud Infrastructure (OCI). You are asked to figure out
an appropriate method to manage OC1 cost*. NOT a valid technique to accurately attribute costs to
resources used by each team?

Which two statements about the Oracle Cloud Infrastructure (OCI) Command Line Interface (CLI) are
true?

Which two statements are true about the Bulk Export of Oracle Cloud Infrastructure Audit Log Events?

You launched a Linux compute Instance to host the new version of your company website via Apache
Httpd server on HTTPS (port 443) The Instance is created in a public subnet along with other
Instances. The default security list associated to the subnet Is:

You want to allow access to the company website from public Internet without exposing websites
eventually hosted on the other instances in the public subnet.

Which two actions should you do?

 You are tasked with creating a group called volumeBackcupAdmins to manage only block volume
backups.

Which of the following set of policy/policies would you need to write to meet this requirement?

1. Allow group VolumeBackupAdmins to use volumes in tenancy -- Correct

2. Allow group VolumeBackupAdmins to manage volume-backups in tenancy -- Correct

You have the following compartment structure within your company's Oracle Cloud Infrastructure
(OCI) tenancy: You want to create a policy in the root compartment to allow SystemAdmlns to
manage VCNs only In CompartmentC.

Which policy is correct?

you provisioned an Oracle Linux compute Instance through the Oracle Cloud Infrastructure (OCI)
management console then immediately realize you add an SSH key file. You notice that OCI compute
service provides instance console connections that supports adding SSH keys for a running Instance.
Hence, you created the console connection for your Linux server and activated it using the connection
string provided. However, now you get' prompted for a username and password to login.
What option should you recommend to add the SSH key to your running Instance, while minimizing
the administrative overhead?

You are asked to Implement the disaster recovery (DR) and business continuity requirements for
Oracle Cloud
Infrastructure (OCI) Block Volumes. Two OCI regions being used: a primary/source region and a
DR/destination region. The requirements are:
• There should be a copy of data in the destination region to use If a region-wide disaster occurs in
the source region

• Minimize costs

Which of the following design will help you meet these requirements?

Which two statements accurately describe Ansible Modules for Oracle Cloud Infrastructure (OCI)?

You are system administrator at a retail company. You Just received a ticket stating that the account
team is unable to access an internal application. The application is running behind an Oracle Cloud
Infrastructure (OCI) Public Load Balancer and is using a compute instance pool with autoscaling
enabled. You noticed some deleted items In the Audit Log while troubleshooting.

Which resource deletion could have caused this Issue?

One of the compute Instances that you have deployed Is malfunctioning. You have created a console
connection to remotely troubleshoot.
Which two statements about console connections are true?
You are using Oracle Cloud Infrastructure (OCI) console to set up an alarm on a budget to track your
OCI spending. Which two are valid targets for creating a budget In OCI?

You have a Linux compute Instance located in a public subnet in a VCN which hosts a web application.
The security list attached to subnet containing the compute Instance has the following stateful Ingress
rule.

Which step will resolve the issue?

One of your development teams has asked for your help to standardize the creation of several
compute instances that must be provisioned each day of the week. You initially write several
Command Line Interface (CLI) commands with all appropriate configuration parameters to achieve
this task later determining this method lacks flexibility.

Which command generates a JSON-based template that Oracle Cloud Infrastructure (OCI) CLI can use
to provision these Instances on a regular basis?

You are using the Oracle Cloud Infrastructure Command Line Interface to launch a Linux virtual
machine. You enter the following command (with correct values for all parameters):The command
fails.Which is NOT a valid parameter in this command?

What is a key benefit of using Oracle Cloud Infrastructure's Resource Manager for your Terraform
provisioning and management activities?
You have been asked to provision a new production environment on Oracle Cloud Infrastructure
(OCI). After working with the solution architect you docket that you are going to automate this
process.

Which OCI service can help automate the provisioning of this new environment?

You have set up threshold alarm for CPU Utilization metric for a value greater than 80 percent. You
get a notification email about this alarm.
Which of the following action will help you respond to this notification?

You have been asked to update the llfecycle policy for object storage using the Oracle Cloud
Infrastructure (OCI) Command Line Interface (f command can successfully update the policy?

Your application is using Object Storage bucket named app-data In the namespace vision, to store
both persistent and temporary data. Every week all the temporary data should be deleted to limit the
storage consumption.

Currently you need to navigate to the Object Storage page using the web console, select the
appropriate bucket to view all the objects and delete the temporary ones.

To simplify the task you have configured the application to save all the temporary data with /temp
prefix. You have also decided to use the Command Line Interface (CLI) to perform this operation.

What is the command you should use to speed up the data cleanup?

D)

oci os object bulk-delete -ns vision -bn app-data --prefix /temp --force

You have a group of developers who launch multiple VM.Standard2.2 compute Instances every day
into the compartment Dcv. As a result your OCI tenancy quickly hit the service limit for this shape.
Other groups can no longer create new instances using VM.Standard2.2 shape. of this, your company
has Issued a new mandate that the Dev compartment must include a quota to allow for use of only 20
VM.Standar shapes per Availability Domain.

Your solution should not affect any other compartment In the tenancy.

Which quota statement should be used to implement this new requirement?

C) set compute quota vm-standard2-2-count to 20 in compartment dev

Your company has restructured its HR departments. As part of this change, you also need to re-
organize compartments within Oracle Cloud Infrastructure (OCI) to align them to the company's new
organizational structure. The following change is required:

Comportment Team_x needs to be moved under a new parent compartment, Project_B

The tenancy has the following policies defined for compartments Project_A and Project_B:

Policy1 Allow group G1 to manage instance-family in compartment HR:Project_A

Policy2 Allow group G2 to manage instance-family in compartment HR:Project_B

Which two statements describe the impacts after the compartment Team_x is moved?

As the operations administrator for your company's Oracle Cloud Infrastructure (OCI), you have been
entrusted the task of ensuring that data being accessed by the application is encrypted. Your
application portfolio Includes both Virtual Machine (VM) and Bare Metal (BM) database systems.

Which method should you use to achieve encryption of data in-transit?

You have deployed a three-tier web application inside an Oracle Cloud Infrastructure (OCI) VCN with a
CIDR block of 10.0.0.0/28. You Initially deploy three web servers (VM.Standard2.2), two application
servers (VM.Standard2.4), and two servers (VM.Standard2.8) running Oracle database.

The web, application and database servers are deployed across two availability domains in the us-
ashburn-1 region.

You also deployed a Public Load Balancer In front of the two web servers. The web traffic gradually
Increases in the first few days following the deployment, so you attempt to double the number of
instances in each tier of the application to handle the new load. Unfortunately, some of these new
Instances fail to launch.

Your tenancy comes with the following set of predefined services limits for the availability domain
and compartment where the application is deployed.

What is a possible reason for this deployment to fail?

Which technique does NOT help you get the optimal performance out of the Oracle Cloud
Infrastructure (OCI) File Storage service?

Your company will undergo a security audit in one week. Your manager has asked you to download
and review recent logs from an Object Storage bucket. The current log archive file is approximately 19
GB In size.

Which command would you run to download the archive file as quickly as possible?

B)

oci os object get -ns my-namespace -bn my-bucket --name my-large-object --multipart-download-
threshold 2000 --part-size 128

Your company recently adopted a hybrid cloud architecture which requires them to migrate some of
their on-premises web applications to Oracle Cloud Infrastructure OCI). You created a Terraform
template which automatically provisions OCI resources such as compute instances, load balancer, and
a database instance.

After running the stack using the terraform apply command, it successfully launched the compute
Instances and the load balancer, but it failed to create a new database Instance with the following
error:
Service error:NotAuthorizedOrNotFound. shape VM.Standard2.4 not found, http status code: 404

You discovered that the resource quotas assigned to your compartment prevent you from using
VM.Standard2.4 instance shapes available in your tenancy. You edit the Terraform script and replace
the shape with VM.Standard2.2.

Which option would you recommend to re-run the terraform command to have required OCI
resources provisioned with the least effort?

A subscriber of on Oracle Cloud Infrastructure (OCI) Notifications service topic complained about not
receiving messages from the service. Which of the following options can help you debug this issue?
You have been contracted by a local e-commerce company to assist with enhancing their online
shopping application. The application is currently deployed In a single Oracle Cloud Infrastructure
(OCI) region. The application utilizes a public load balancer, application servers in a private subnet
and a database in a separate, private subnet.

The company would like to deploy another set of similar Infrastructure In a different OCI region that
will act as standby site. In the event of a failure at the primary site, all customers should be routed to
the failover site automatically.

After deploying the additional infrastructure within the second region, how should you configure
automated failover requirements?

You have been tasked with allocating an identity to one of your compute instances that needs to
retrieve and process static files that are stored in an Object Storage bucket. After creating a dynamic
group with a matching rule that specifies the OCID of the compute instance, you discover the that API
calls are failing.
Which step should you take to resolve this issue?

You have created a geolocation steering policy in the Traffic Management service, with this
configuration. What happens to requests that originate in Africa?

You have set an alarm to be generated when the CPU usage of a specified instance is greater than
10%. In the alarm behavior view below you note that the critical condition happened around 23:30.
You were expecting a notification after 1 minute, however, the alarm firing state did not begin until
23:33. What should you change to fix It?

Several development teams in your company have each been provided with a budget and a dedicated
compartment to be used for testing purpose u are asked to help them to control the costs and avoid
any overspending.
What should you do?
 team Implemented a SaaS application that requires a whole system deployment for each new
customer. The Infrastructure provisioning is already automated via Terraform, and now you have
been asked to develop an Ansible playbook to centralize configuration file management and
deployment.

What Is the most effective way to ensure your playbooks are utilizing up-to-date and accurate
Inventory?

You have been brought In to help secure an existing application that leverages Object Storage
buckets to distribute content. The data is currently being shared from public buckets and the security
team Is not satisfied with this approach. They have stated that all data must be stored In storage
buckets. Your application should be able to provide secure access to the data. The URL that is
provided for access to the data must be rotated every 30 days.

Which design option will meet these requirements?

In order to manage Alarms In Oracle Cloud Infrastructure (OCI), which three actions can be performed
through the OCI Console?

Which of the following are essential components of the Oracle Cloud Infrastructure Notifications
service?
Which command sample can be used to copy an object from Oracle Cloud Infrastructure (OCI) Object
Storage bucket in source region to a bucket in a destination region?

B)

oci os object copy --namespace-name <object_storage_namespace> --bucket-name <source_bucket_name> -

-source-object-name <source_object> --destination-namespace <destination_namespace_string> --
destination-region <destination_region> --destination-bucket <destination_bucket_name> --
destination-object-name <destination_object_name>

You are asked to deploy a new application that has been designed to scale horizontally. The business
stakeholders have asked that the application be deployed In us-phoenlx-1. Normal usage requires 2
OCPUs. You expect to have few spikes during the week, that will require up to 4 OCPUs, and a major
usage uptick at the end of each month that will require 8 OCPUs.

What is the most cost-effective approach to implement a highly available and scalable solution?

You have created the following JSON file to specify a lifecycle policy for one of your object storage
buckets: How will this policy affect the objects that are stored in the bucket?

You are working as a Cloud Operations Administrator for your company. They have different Oracle
Cloud Infrastructure (OCI) tenancies for development and production workloads. Each tenancy has
resources in two regions - uk-london-1 and eu-frankfurt-1. You are asked to manage all resources and
to automate all the tasks using OCI Command Line Interface (CLI).

Which is the most efficient method to manage multiple environments using OCI CLI?

You deployment platform within Oracle Cloud Infrastructure (OCI) leverages a compute instance with
multiple block volumes attached. There are multiple teams that use the same compute instance and
have access to these block volumes. You want to ensure that no one accidentally deletes of these
block volumes. You have started to construct the following IAM policy but need to determine which
permissions should be used.

Recently your e-commerce web application has been receiving significantly more traffic than usual.
Users are reporting they often encounter a 903. when trying to access your site. Sometimes the site is
very slow.
You check your instance pool configuration to confirm that the maximum number of instances Is
configured to allow 20 compute instances. Currently 14 compute instances have been provisioned by
the Instance pool. You also confirm that current CPU utilization across all hosts exceeds the scale-
threshold you set in your auto-scaling policy. However, the Instance pool is not provisioning any new
instances.

What can you check to determine why the application is NOT functioning properly?