PASS4TEST

IT Ce
Certif
rtif
rtifica
ica
ication
tion Guar
uarante
ante
anteed,
ed, The Ea
Easy
sy Way!

http://www.pass4test.com
We offer free update service for one year

0 0
 Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!

Exam : 1z0-997-20

Title : Oracle Cloud Infrastructure

2020 Architect Professional

Vendor : Oracle

Version : DEMO

Get Latest & Valid 1Z0-997-20 Exam's Question and Answers from Pass4test.com. 1
http://www.pass4test.com/1z0-997-20.html
0 0
 Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!

NO.1 Many development engineers are deploying new instances as part of their projects in Oracle
Cloud Infrastructure tenancy, but majority of these instances have not been tagged. You as an
administrator of this tenancy want to enforce tagging to identify owners who are launching these
instances.
Which option below should be used to implement this requirement?
A. Create tag variables for each compartment to automatically tag a resource with user name.
B. Create a predefined tag with tag variables to automatically tag a resource with usemame.
C. Create an 1AM policy to automatically tag a resource with the usemame.
D. Create a default tag for each compartment which ensure appropriate tags are allowed at resource
creation.
Answer: B

NO.2 A global retailer has decided to re-design its e-commerce platform to have a micro-services
architecture. They would like to decouple application architecture into smaller, independent services
using Oracle Cloud Infrastructure (OCI). They have decided to use both containers and servers
technologies to run these application instances.
Which option should you recommend to build this new platform?
A. Use OCI Resource Manager to automate compute Instances provisioning and use OCI Streaming
service.
B. Install a kubernetes cluster on OCI and use OCI event service.
C. Use OCI functions, OCI object storage and OCI event service.
D. Use Oracle Container Engine for kubernetes, OCI Registry and OCI Functions.
Answer: D
Explanation
Oracle Functions is a fully managed, multi-tenant, highly scalable, on-demand, Functions-as-a-Service
platform. It is built on enterprise-grade Oracle Cloud Infrastructure and powered by the Fn Project
open source engine. Use Oracle Functions (sometimes abbreviated to just Functions) when you want
to focus on writing code to meet business needs.

Get Latest & Valid 1Z0-997-20 Exam's Question and Answers from Pass4test.com. 2
http://www.pass4test.com/1z0-997-20.html
0 0
 Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!

Oracle Cloud Infrastructure Container Engine for Kubernetes is a fully-managed, scalable, and highly
available service that you can use to deploy your containerized applications to the cloud. Use
Container Engine for Kubernetes (sometimes abbreviated to just OKE) when your development team
wants to reliably build, deploy, and manage cloud-native applications. You specify the compute
resources that your applications require, and Container Engine for Kubernetes provisions them on
Oracle Cloud Infrastructure in an existing OCI tenancy.

NO.3 You are working with a social media company as a solution architect. The media company
wants to collect and analyze large amounts of data being generated from their websites and social
media feeds to gain insights and continuously improve the user experience. In order to meet this
requirement, you have developed a microservices application hosted on Oracle Container Engine for
Kubernetes. The application will process the data and store the result to an Autonomous Data
Warehouse (ADW) instance.
Which Oracle Cloud Infrastructure (OCI) service can you use to collect and process a large volume of
unstructured data in real time?
A. OCI Events
B. OCI Notifications
C. OCI Streaming
D. OCI Resource Manager
Answer: C

NO.4 A global retailer is setting up the cloud architecture to be deployed in Oracle Cloud
infrastructure (OCI) which will have thousands of users from two major geographical regions: North
America and Asia Pacific. The requirements of the services are:
* Service needs to be available 27/7 to avoid any business disruption

Get Latest & Valid 1Z0-997-20 Exam's Question and Answers from Pass4test.com. 3
http://www.pass4test.com/1z0-997-20.html
0 0
 Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!

* North American customers should be served by application running In North American regions
* Asia Pacific customers should be served by applications running In Asia Pacific regions
* Must be resilient enough to handle the outage of an entire OCI region
A. OCl DNS, Traffic Management with Geolocation steering policy
B. OCl DNS,' Traffic Management with Load Balancer steering policy, Health Checks
C. OCl DNS, Traffic Management with Failover steering policy
D. OCl DNS, Traffic Management with Geolocation steering policy. Health Checks
Answer: D
Explanation
GEOLOCATION STEERING
Geolocation steering policies distribute DNS traffic to different endpoints based on the location of
the end user. Customers can define geographic regions composed of originating continent, countries
or states/provinces (North America) and define a separate endpoint or set of endpoints for each
region. Combine with Oracle Health Checks to fail over from one region to another

NO.5 You have deployed a web application targeting a global audience across multiple Oracle Cloud
Infrastructure (OCI) regions.
You decide to use Traffic Management Geo-Location based Steering Policy to serve web requests to
users from the region closets to the user. Within each region you have deployed a public load
balancer with 4 servers in a backend set. During a DR test disable all web servers in one of the regions
however, traffic Management does not automatically direct all users to the other region.
Which two are possible causes?
A. You did not setup a Route Table associated with load Balancer's subnet
B. Rather than using Geo-Location based Steering Policy, you should use Failover Policy Type to serve
traffic.
C. You did not setup an HTTP Health Check associated with Load Balancer public IP in the disabled

Get Latest & Valid 1Z0-997-20 Exam's Question and Answers from Pass4test.com. 4
http://www.pass4test.com/1z0-997-20.html
0 0
 Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!

region.
D. You did not correctly setup the Load Balancer HTTP health check policy associated with backend
set
E. One of the two working web servers In the other region did not pass Its HTTP health check
Answer: C,D
Explanation
Managing Traffic Management GEOLOCATION
Geolocation steering policies distribute DNS traffic to different endpoints based on the location of
the end user. Customers can define geographic regions composed of originating continent, countries
or states/provinces (North America) and define a separate endpoint or set of endpoints for each
region.
The Health Checks service allows you to monitor the health of IP addresses and hostnames, as
measured from geographic vantage points of your choosing, using HTTP and ping probes. After
configuring a health check, you can view the monitor's results. The results include the location from
which the host was monitored, the availability of the endpoint, and the date and time the test was
performed.
Also you can Combine Managing Traffic Management GEOLOCATION Steering Policies with Oracle
Health Checks to fail over from one region to another The Load Balancing service provides health
status indicators that use your health check policies to report on the general health of your load
balancers and their components.
if you misconfigure the health check Protocol between the Load balancer and backend set that can
lead to not get an accurate response as example below If you run a TCP-level health check against an
HTTP service, you might not get an accurate response. The TCP handshake can succeed and indicate
that the service is up even when the HTTP service is ly configured or having other issues. Although
the health check appears good customers might experience transaction failures.

NO.6 By copying block volume backups to another region at regular intervals, it makes it easier for
you to rebuild applications and data in the destination region if a region-wide disaster occurs in the
source region.
Which IAM Policy statement allows the VolumeAdmins group to copy volume backups between
regions '
A. Allow group VolumeAdmins to inspect volumes in tenancy
B. Allow group VolumeAdmins to copy volume' backups in tenancy
C. Allow group VolumeAdmins to use volumes in tenancy
D. Allow group VolumeAdmins to manage volume-family In tenancy
Answer: D
Explanation
The backups feature of the Oracle Cloud Infrastructure Block Volume service lets you make a point-
intime snapshot of the data on a block volume.These backups can then be restored to new volumes
either immediately after a backup or at a later time that you choose.
You can copy block volume backups between regions using the Console, command line interface
(CLI), SDKs, or REST APIs.
To copy volume backups between regions, you must have permission to read and copy volume
backups in the source region, and permission to create volume backups in the destination region.
to do all things with block storage volumes, volume backups, and volume groups in all compartments

Get Latest & Valid 1Z0-997-20 Exam's Question and Answers from Pass4test.com. 5
http://www.pass4test.com/1z0-997-20.html
0 0
 Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!

with the exception of copying volume backups across regions.

Allow group VolumeAdmins to manage volume-family in tenancy
The aggregate resource type volume-family does not include the VOLUME_BACKUP_COPY
permission, so to enable copying volume backups across regions you need to ensure that you include
the third statement in that policy, which is:
Allow group VolumeAdmins to use volume-backups in tenancy where request.permission='VOLUME
_BACKUP_COPY'

NO.7 A manufacturing company is planning to migrate their on-premises database to Oracle Cloud
Infrastructure and has hired you for the migration. Customer has provided following information
regarding their existing on-premises database:
Database version, database character set, storage for data staging, acceptable length of system
outage.
What additional information do you need from customer in order to recommend a suitable migration
method?
(Choose Two)
A. Elapsed time since database was last patched.
B. Number of active connections.
C. Data types used in the on-premises database.
D. On-Premises host operating system and version.
E. Top 5 longest running queries.
Answer: C,D

NO.8 You are building a highly available and fault tolerant web application deployment for your
company. Similar application delayed by competitors experienced web site attack including DDoS
which resulted in web server failing.
You have decided to use Oracle Web Application Firewall (WAF) to implement an architecture which
will provide protection against such attacks and ensure additional configuration will you need to
implement to make sure WAF is protecting my web application 24*7.
Which additional configuration will you need to Implement to make sure WAF Is protecting my web
application 24*7?
A. Configure new rules based on now vulnerabilities and mitigations
B. Configure auto scaling policy and it to WAF instance.
C. Configure Control Rules to send traffic to multiple web servers
D. Configure multiple origin servers
Answer: D
Explanation
Origin Management
An origin is an endpoint (typically an IP address) of the application protected by the WAF. An origin
can be an Oracle Cloud Infrastructure load balancer public IP address. A load balancer IP address can
be used for high availability to an origin. Multiple origins can be defined, but only a single origin can
be active for a WAF. You can set HTTP headers for outbound traffic from the WAF to the origin
server. These name value pairs are then available to the application.
Oracle Cloud Infrastructure Web Application Firewall (WAF) is a cloud-based, Payment Card Industry
(PCI) compliant, global security service that protects applications from malicious and unwanted

Get Latest & Valid 1Z0-997-20 Exam's Question and Answers from Pass4test.com. 6
http://www.pass4test.com/1z0-997-20.html
0 0
 Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!

internet traffic.
WAF can protect any internet facing endpoint, providing consistent rule enforcement across a
customer's applications. WAF provides you with the ability to create and manage rules for internet
threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities.
Unwanted bots can be mitigated while tactically allowed desirable bots to enter. Access rules can
limit based on geography or the signature of the request.
Distributed Denial of Service (DDoS)
A DDoS attack is an often intentional attack that consumes an entity's resources, usually using a large
number of distributed sources. DDoS can be categorized into either Layer 7 or Layer 3/4 (L3/4) A
layer 7 DDoS attack is a DDoS attack that sends HTTP/S traffic to consume resources and hamper a
website's ability to delivery content or to harm the owner of the site. The Web Application Firewall
(WAF) service can protect layer 7 HTTP-based resources from layer 7 DDoS and other web application
attack vectors.

NO.9 You are creating an Oracle Cloud Infrastructure Dynamic Group. To determine the members of
this group you are defining a set of matching rules.
Which of the following are the supported variables to define conditions in the matching rules?
(Choose Two)
A. instance.compartment.id - the OCID of the compartment where the instance resides.
B. instance.tenancy.id - the OCID of the tenancy where the instance resides.
C. tag.<tagnamespace>.<tagkey>.value - the tag namespace and tag key.
D. iam.policy.id - the OCID of the IAM policy to apply to the group.
Answer: A,C
Explanation
You can define the members of the dynamic group based on the following:
- compartment ID
- instance ID
- tag namespace and tag key
- tag namespace, tag key, and tag value
Supported variables are:
instance.compartment.id - the OCID of the compartment where the instance resides instance.id - th
e OCID of the instance tag.<tagnamespace>.<tagkey>.value - the tag namespace and tag key. For
example, tag.department.operations.value .
tag.<tagnamespace>.<tagkey>.value=' ' - the tag namespace, tag key, and tag value. For example,
tag.department.operations.value='45'

NO.10 You have an Oracle database system in a virtual cloud network (VCN) that needs to be
accessible on port 1521 from your on-premises network CIDR 172.17.0.0/24.
You have the following configuration currently.
Virtual cloud network (VCD) is associated with a Dynamic Routing Gateway (DRG), and DRG has an
active IPSec connection with your on-premises data center.
Oracle database system is hosted in a private subnet
The private subnet route table has the following configuration
The private subnet route table has following configuration.

Get Latest & Valid 1Z0-997-20 Exam's Question and Answers from Pass4test.com. 7
http://www.pass4test.com/1z0-997-20.html
0 0
 Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!

However, you are still unable to connect to the Oracle Database system.
Which action will resolve this issue?
A)
Add an EGRESS rule in network security group as following.

B)
Add a route rule in the private subnet route table as following.

C)
Add an EGRESS rule in private subnet scurity list as following.

D)
Add an EGRESS rule in private subnet security list as following.

A. Option C
B. Option B
C. Option A
D. Option D
Answer: A ???

Get Latest & Valid 1Z0-997-20 Exam's Question and Answers from Pass4test.com. 8
http://www.pass4test.com/1z0-997-20.html
0 0
 Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!

NO.11 An online Stock trading application is deployed to multiple Availability Domains in the us
phoenix-1 region.
Considering the high volume of transactions that the trading application handles, the company has
hired you to ensure that the data stored by the application available, and disaster resilient. In the
event of failure, the Recovery lime Objective (UK)) must be less than 2 hours to meet regulator
requirements.
Which Disaster Recovery strategy should be used to achieve the RTO requirement In the event of
system failure?
A. Configure hourly block volumes backups through the Storage Gateway service.
B. Store hourly block volumes backup to NVMe device under a compute instance and generate a
custom Image every 5 minutes.
C. Configure hourly block volumes backups using the Oracle Cloud Infrastructure (OCI) Command
Line Interface (CLI)
D. Configure your application to use synchronous master slave data replication between Availability
Domains.
Answer: C
Explanation
You can use the CLI, REST APIs, or the SDKs to automate, script, and manage volume backups and
their lifecycle.
Planning Your Backup
The primary use of backups is to support business continuity, disaster recovery, and long-term
archiving requirements. When determining a backup schedule, your backup plan and goals should
consider the following:
Frequency: How often you want to back up your data.
Recovery time: How long you can wait for a backup to be restored and accessible to the applications
that use it. The time for a backup to complete varies on several factors, but it will generally take a
few minutes or longer, depending on the size of the data being backed up and the amount of data
that has changed since your last backup.
Number of stored backups: How many backups you need to keep available and the deletion schedule
for those you no longer need. You can only create one backup at a time, so if a backup is underway, it
will need to complete before you can create another one. For details about the number of backups
you can store

NO.12 Which three scenarios are suitable for the Oracle Infrastructure (OCI) Autonomous
transaction Processing Server less (ATP-S) deployment?
A. A manufacturing company is running Oracle E-Business Suite application on premises. They are
looking to move this application to OCI and they want to use a managed database offering for their
database tier.
B. A midsize company is considering migrating its legacy on premises MongoDB database to Oracle
Cloud Infrastructure (OCI). The database has significantly higher workloads on weekends than
weekdays
C. well established, online auction marketplace is running an application where there is database
usage
24*7 but also has peaks of activity that the hard to predict when the peaks happen, the total

Get Latest & Valid 1Z0-997-20 Exam's Question and Answers from Pass4test.com. 9
http://www.pass4test.com/1z0-997-20.html
0 0
 Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!

activities may reach 3 times the normal activity level (Correct)

D. A developer working on an Internal project needs to use a database during work hours but doesn't
need It during nights or weekends. the project budget requires her to keep costs low. (Correct)
E. A small startup is deploying a new application fen eCommerce and it requires database to store
customers' transactions the team b of what the load will look like since it is a new application.
(Correct)
Answer: C,D,E
Explanation
MongoDB is a cross-platform document-oriented database program. Classified as a NoSQL database
program, MongoDB uses JSON-like documents with schema, so the best to be migrated to Oracle
NoSQL Database.
https://blogs.oracle.com/nosql/migrate-mongodb-data-to-oracle-nosql-database Autonomous
transaction Processing Serverless (ATP-S) isn't supported yet for EBS database

Get Latest & Valid 1Z0-997-20 Exam's Question and Answers from Pass4test.com. 10
http://www.pass4test.com/1z0-997-20.html
0 0