Scribd Logo
Upload

Welcome to Scribd!

  • Testsdumps: Latest Test Dumps For It Exam Certification

    Uploaded by

    reportesbackups
    8 views7 pages
    The document discusses sample questions and answers related to the Oracle Cloud Infrastructure (OCI) Architect Professional certification exam. It includes four multiple choice practice questions about topics like traffic management policies, data transfer requirements, object storage lifecycle policies, and encryption compliance. For each question, it provides the question stem, four answer options, and an explanation of the correct answer.

    Original Description:

    Original Title

    1z0-997

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses sample questions and answers related to the Oracle Cloud Infrastructure (OCI) Architect Professional certification exam. It includes four multiple choice practice questions about topics like traffic management policies, data transfer requirements, object storage lifecycle policies, and encryption compliance. For each question, it provides the question stem, four answer options, and an explanation of the correct answer.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    8 views7 pages

    Testsdumps: Latest Test Dumps For It Exam Certification

    Uploaded by

    reportesbackups
    The document discusses sample questions and answers related to the Oracle Cloud Infrastructure (OCI) Architect Professional certification exam. It includes four multiple choice practice questions about topics like traffic management policies, data transfer requirements, object storage lifecycle policies, and encryption compliance. For each question, it provides the question stem, four answer options, and an explanation of the correct answer.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 7

    TestsDumps

    http://www.testsdumps.com
    Latest Test Dumps for IT Exam Certification
    Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
    IT Certification Guaranteed, The Easy Way!

    Exam : 1Z0-997

    Title : Oracle Cloud Infrastructure


    2019 Architect Professional

    Vendor : Oracle

    Version : DEMO

    1 from Testsdumps.com.
    Get Latest & Valid 1z0-997 Exam's Question and Answers 1
    https://www.testsdumps.com/1Z0-997_real-exam-dumps.html
    Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
    IT Certification Guaranteed, The Easy Way!

    NO.1 A customer is in a process of shifting their web based Sales application from their own data
    center located in US West to OCI India West (Mumbai) region. They want to do it in a controlled
    manner and initially only 1% of the traffic will be steered to the servers in OCI. After verification of
    everything is working as expected, the company is gradually planning to increase the ratio until they
    are comfortable with fully migrating all traffic to OCI.
    Which of the following solution can be used in this situation?
    A. OCI DNS and Traffic Management with Load Balancer Steering policy
    B. OCI DNS and OCI Load Balancer Service
    C. OCI DNS and Traffic Management with Failover Steering policy
    D. OCI DNS and Traffic Management with Geolocation Steering policy
    Answer: A
    Explanation:
    STEERING POLICIES is A framework to define the traffic management behavior for your zones.
    Steering policies contain rules that help to intelligently serve DNS answers.
    FAILOVER
    Failover policies allow you to prioritize the order in which you want answers served in a policy (for
    example, Primary and Secondary). Oracle Cloud Infrastructure Health Checks are leveraged to
    determine the health of answers in the policy. If the Primary Answer is determined to be unhealthy,
    DNS traffic will automatically be steered to the Secondary Answer.
    LOAD_BALANCE
    Load Balancer policies allow distribution of traffic across multiple endpoints. Endpoints can be
    assigned equal weights to distribute traffic evenly across the endpoints or custom weights may be
    assigned for ratio load balancing. Oracle Cloud Infrastructure Health Checks are leveraged to
    determine the health of the endpoint. DNS traffic will be automatically distributed to the other
    endpoints, if an endpoint is determined to be unhealthy.
    ROUTE_BY_GEO
    Geolocation-based steering policies distribute DNS traffic to different endpoints based on the
    location of the end user. Customers can define geographic regions composed of originating
    continent, countries or states/provinces (North America) and define a separate endpoint or set of
    endpoints for each region.
    ROUTE_BY_ASN
    ASN-based steering policies enable you to steer DNS traffic based on Autonomous System Numbers
    (ASN).
    DNS queries originating from a specific ASN or set of ASNs can be steered to a specified endpoint.
    ROUTE_BY_IP
    IP Prefix-based steering policies enable customers to steer DNS traffic based on the IP Prefix of the
    originating query.

    NO.2 The Finance department of your company has reached out to you. They have customer
    sensitive data on compute Instances In Oracle Cloud Infrastructure (OCI) which they want to store in
    OCI Storage for long term retention and archival.
    To meet security requirements they want to ensure this data is NOT transferred over public internet,
    even if encrypted.
    which they want to store In OCI Object Storage fin long term retention and archival To meet security
    requirements they want to ensure this data is NOT transferred over public Internet, even it

    2 from Testsdumps.com.
    Get Latest & Valid 1z0-997 Exam's Question and Answers 2
    https://www.testsdumps.com/1Z0-997_real-exam-dumps.html
    Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
    IT Certification Guaranteed, The Easy Way!

    encrypted.
    Which option meets this requirements?
    A. Use NAT gateway with appropriate route table when transferring data. Then use NAT gateways'
    toggle (on/off) once data transfer is complete.
    B. Configure a NAT instance and all traffic between compute In Private subnet should use this NAT
    instance with Private IP as the route target.
    C. Use Storage gateway with appropriate firewall rule.
    D. Use Service gateway with appropriate route table.
    Answer: D
    Explanation:
    Service Gateway is virtual router that you can add to your VCN. It provides a path for private network
    traffic between your VCN and supported services in the Oracle Services Network like Object Storage)
    so compute Instances in a private subnet in your VCN can back up data to Object Storage without
    needing public IP addresses or access to the intern

    NO.3 A cloud consultant is working on implementation project on OCI. As part of the compliance
    requirements, the objects placed in object storage should be automatically archived first and then
    deleted. He is testing a Lifecycle Policy on Object Storage and created a policy as below:
    [ { "name": "Archive_doc", "action": "ARCHIVE", "objectNameFilter": { "inclusionPrefixes": "doc"] },
    "timeAmount": 5, "timeunit": "DAYS", "isEnabled": true },
    { "name": "Delete_doc", "action": "DELETE", "objectNameFilter": "inclusionPrefixes": [ "doc"]
    1."timeAmount": 5, "timeunit": "DAYS", "isEnabled": true }
    What will happen after this policy is applied?
    A. All the objects having file extension ".doc" will be archived for 5 days and will be deleted 10 days
    after object creation
    B. All the objects with names starting with "doc" will be archived 5 days after object creation and will
    be deleted 5 days after archival
    C. All objects with names starting with "doc" will be deleted after 5 days of object creation
    D. All the objects having file extension ".doc" will be archived 5 days after object creation
    Answer: C
    Explanation:
    Object Lifecycle Management works by defining rules that instruct Object Storage to archive or
    delete objects on your behalf within a given bucket. A bucket's lifecycle rules are collectively known
    as an object lifecycle policy.
    You can use a rule to either archive or delete objects and specify the number of days until the
    specified action is taken.
    A rule that deletes an object always takes priority over a rule that would archive that same object.

    NO.4 Your company will soon start moving critical systems Into Oracle Cloud Infrastructure (OCI)
    platform. These systems will reside in the us-phoenix-1and us-ashburn 1 regions. As part of the
    migration planning, you are reviewing the company's existing security policies and written guidelines
    for the OCI platform usage within the company. you have to work with the company managed key.
    Which two options ensure compliance with this policy?
    A. When you create a new compute instance through OCI console, you use the default options for
    "configure boot volume" to speed up the process to create this compute instance.

    3 from Testsdumps.com.
    Get Latest & Valid 1z0-997 Exam's Question and Answers 3
    https://www.testsdumps.com/1Z0-997_real-exam-dumps.html
    Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
    IT Certification Guaranteed, The Easy Way!

    B. When you create a new block volume through OCI console, select Encrypt using Key Management
    checkbox and use encryption keys generated and stored in OCI Key Management Service.
    C. When you create a new OCI Object Storage bucket through OCI console, you need to choose
    "ENCRYPT USING CUSTOMER-MANAGED KEYS" option.
    D. You do not need to perform any additional actions because the OCI Block Volume service always
    encrypts all block volumes, boot volumes, and volume backups at rest by using the Advanced
    Encryption Standard (AES) algorithm with 256-bit encryption.
    E. When you create a new compute instance through OCI console, you use the default shape to
    speed up the process to create this compute instance.
    Answer: B,C
    Explanation:
    Block Volume Encryption
    By default all volumes and their backups are encrypted using the Oracle-provided encryption keys.
    Each time a volume is cloned or restored from a backup the volume is assigned a new unique
    encryption key.
    You have the option to encrypt all of your volumes and their backups using the keys that you own
    and manage using the Vault service.If you do not configure a volume to use the Vault service or you
    later unassign a key from the volume, the Block Volume service uses the Oracle-provided encryption
    key instead.

    This applies to both encryption at-rest and in-transit encryption.


    Object Storage Encryption
    Object Storage employs 256-bit Advanced Encryption Standard (AES-256) to encrypt object data on
    the server. Each object is encrypted with its own data encryption key. Data encryption keys are
    always encrypted with a master encryption key that is assigned to the bucket. Encryption is enabled
    by default and cannot be turned off. By default, Oracle manages the master encryption key.
    However, you can optionally configure a bucket so that it's assigned an Oracle Cloud Infrastructure
    Vault master encryption key that you control and rotate on your own schedule.
    Encryption: Buckets are encrypted with keys managed by Oracle by default, but you can optionally
    encrypt the data in this bucket using your own Vault encryption key. To use Vault for your encryption
    needs, select Encrypt Using Customer-Managed Keys. Then, select the Vault Compartment and Vault
    that contain the master encryption key you want to use. Also select the Master Encryption Key
    Compartment and Master Encryption Key.

    4 from Testsdumps.com.
    Get Latest & Valid 1z0-997 Exam's Question and Answers 4
    https://www.testsdumps.com/1Z0-997_real-exam-dumps.html
    Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
    IT Certification Guaranteed, The Easy Way!

    NO.5 An organization has its mission critical application consisting of multiple application servers
    and databases running inside Virtual Cloud Network (VCN) in uk-london-1 region. Their solution
    architect wants to further strengthen their architecture by planning for Disaster Recovery (DR) in eu-
    frankfurt-1 region.
    Which two solutions should their architect keep in mind while designing for DR?
    A. Load balancer will automatically distribute traffic between both the regions.
    B. A remote VCN peering connection is required to establish secure and reliable connectivity
    between different VCNs created in uk-london-1 and eu-frankfurt-1 region.
    C. The RTO is the acceptable timeframe of lost data that application can tolerate.
    D. rsync utility can be used to asynchronously copy file systems or snapshot data to another region.
    E. It is not possible to use Active Data Guard to synchronize a database in uk-london-1 region to
    equivalent database in eu-frankfurt-1 region.
    Answer: A,B

    NO.6 You are working as a solution architect for an online retail store to create a portal to allow the
    users to pay for their groceries using credit cards. Since the application is not fully compliant with the
    Payment Card Industry Data Security Standard (PCI DSS), your company is looking to use a third party
    payment service to process credit card payments.
    The third party service allows a maximum of Spelunk IP addresses 5 public IP addresses at a time
    However, your website is using Oracle Cloud Infrastructure (OCI) Instance Pool Auto Scaling policy to
    create up to create up to 15 Instances during peak traffic demand, which are launched In VCN private
    in VCN private subnets and attached to an OCI public Load Balancer. Upon user payment, the portal
    connects to the payment service over the Interne! to complete the transaction What solution can you
    implement to make sure that all compute Instances can connect to the third party system to process
    the payments aw peak traffic demand?
    A. Route payment request from the compute instances through the OCI Load Balancer, which will
    then be routed to the third party service.
    B. Route credit card payment request from the compute instances through the NAT Gateway. On the
    third-party services, whitest the public IP associated with the NAT Gateway.

    5 from Testsdumps.com.
    Get Latest & Valid 1z0-997 Exam's Question and Answers 5
    https://www.testsdumps.com/1Z0-997_real-exam-dumps.html
    Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
    IT Certification Guaranteed, The Easy Way!

    C. Whitelist the Internet Gateway Public IP on the third party service and route all payment requests
    through the Internet Gateway.
    D. Create an OCI Command Line Interface (CLI) script to automatically reserve public IP address for
    the compute instances. On the third services, whitelist the Reserved public IP.
    Answer: A
    Explanation:
    You can OCI Load Balancer for this solution which can you the Public IPs of Load balancer to Traffic to
    third party services which allows a maximum of Spelunk IP addresses 5 public IP addresses at a time
    However, your website is using Oracle Cloud Infrastructure (OCI) Instance Pool Auto Scaling policy to
    create up to 15 Instances during peak traffic demand

    NO.7 A large London based eCommerce company is running Oracle DB System Virtual RAC database
    on Oracle Cloud Infrastructure (OCI) for their eCommerce application activity. They are launching a
    new product soon, which is expected to sell in large quantities all over the world.
    The application architecture should have minimal cost, no data loss, no performance impacts during
    the database backup windows and should have minimal downtime.
    A. Turn off automatic backups from the eCommerce database, implement Oracle Active Data Guard
    with the standby database deployed on another availability domain, and take backups from the
    standby database.
    B. Launch a new VM RAC database in another availability domain, launch a compute instance, deploy
    Oracle GoldenGate on it and then configure it to replicate the data from the eCommerce Database
    over to the new RAC database using GoldenGate. Take backups from the new VM RAC database.
    C. Turn off automated backups from the eCommerce database, implement Oracle Data Guard with
    the Standby database deployed on another availability domain, take backups from the standby
    database.
    D. Launch a new VM RAC database in another availability domain, launch a compute instance, deploy
    Oracle GoldenGate on it and then configure bi-directional replication from the eCommerce Database
    over to the new VM RAC database using GoldenGate. Take backups from the new VM RAC database.
    Answer: D
    Explanation:
    Active Data Guard or GoldenGate are used for disaster recovery when fast recovery times or
    additional levels of data protection are required. And offload queries and backup to standby system.
    Oracle GoldenGate to support a disaster recovery site is to have a working bi-directional data flow,
    from the primary system to the live-standby system and vice versa.
    DataGuard and Automatic Backup
    You can enable the Automatic Backup feature on a database with the standby role in a Data Guard
    association. However, automatic backups for that database will not be created until it assumes the
    primary role.

    6 from Testsdumps.com.
    Get Latest & Valid 1z0-997 Exam's Question and Answers 6
    https://www.testsdumps.com/1Z0-997_real-exam-dumps.html

    You might also like