How to pass Oracle 1z0-1085-22 exam with the help of dumps?
DumpsPool provides you the finest quality resources you’ve been looking for to no avail. So, it's due time you stop stressing and get ready for the exam. Our Online Test Engine provides you with the guidance you need to pass the certification exam. We guarantee top-grade results because we know we’ve covered each topic in a precise and understandable manner. Our expert team prepared the latest Oracle 1z0-1085-22 Dumps to satisfy your need for training. Plus, they are in two different formats: Dumps PDF and Online Test Engine.
How Do I Know Oracle 1z0-1085-22 Dumps are Worth it?
Did we mention our latest 1z0-1085-22 Dumps PDF is also available as Online Test Engine? And that’s just the point where things start to take root. Of all the amazing features you are offered here at DumpsPool, the money-back guarantee has to be the best one. Now that you know you don’t have to worry about the payments. Let us explore all other reasons you would want to buy from us. Other than affordable Real Exam Dumps, you are offered three-month free updates.
You can easily scroll through our large catalog of certification exams. And, pick any exam to start your training. That’s right, DumpsPool isn’t limited to just Oracle Exams. We trust our customers need the support of an authentic and reliable resource. So, we made sure there is never any outdated content in our study resources. Our expert team makes sure everything is up to the mark by keeping an eye on every single update. Our main concern and focus are that you understand the real exam format. So, you can pass the exam in an easier way!
IT Students Are Using our Oracle Cloud Infrastructure 2022 Foundations Associate Dumps Worldwide!
It is a well-established fact that certification exams can’t be conquered without some help from experts. The point of using Oracle Cloud Infrastructure 2022 Foundations Associate Practice Question Answers is exactly that. You are constantly surrounded by IT experts who’ve been through you are about to and know better. The 24/7 customer service of DumpsPool ensures you are in touch with these experts whenever needed. Our 100% success rate and validity around the world, make us the most trusted resource candidates use. The updated Dumps PDF helps you pass the exam on the first attempt. And, with the money-back guarantee, you feel safe buying from us. You can claim your return on not passing the exam.
How to Get 1z0-1085-22 Real Exam Dumps?
Getting access to the real exam dumps is as easy as pressing a button, literally! There are various resources available online, but the majority of them sell scams or copied content. So, if you are going to attempt the 1z0-1085-22 exam, you need to be sure you are buying the right kind of Dumps. All the Dumps PDF available on DumpsPool are as unique and the latest as they can be. Plus, our Practice Question Answers are tested and approved by professionals. Making it the top authentic resource available on the internet. Our expert has made sure the Online Test Engine is free from outdated & fake content, repeated questions, and false plus indefinite information, etc. We make every penny count, and you leave our platform fully satisfied!
Frequently Asked Questions
Oracle 1z0-1085-22 Sample Question Answers
Question # 1
Which statement about Oracle Cloud Infrastructure (OCI) shared security model is true?
A. You are responsible for managing security controls within the physical OCInetwork. B. You are not responsible for any aspect of security in OCI. C. You are responsible for securing all data that you place in OCI D. You are responsible for securing the hypervisor within OCI Compute service.
Answer: C Explanation: Oracle Cloud Infrastructureoffers best-in-class security technology and operational processes to secure its enterprise cloud services. However, for you to securely run your workloads in Oracle Cloud Infrastructure, you must be aware of your security and compliance responsibilities.By design, Oracle provides security of cloud infrastructure and operations (cloud operator access controls, infrastructure security patching, and so on), and you are responsible for securely configuring your cloud resources. Security in the cloud
is a shared responsibility between you and Oracle.
In a shared, multi-tenant compute environment, Oracle is responsible for the security of the
underlying cloud infrastructure (such as data-center facilities, and hardware and software
systems) and you are responsible for securing your workloads and configuring your
services (such as compute, network, storage, and database) securely.
In a fully isolated, single-tenant, bare metal server with no Oracle software on it, your
responsibility increases as you bring the entire software stack (operating systems and
above) on which you deploy your applications. In this environment, you are responsible for
securing your workloads, and configuring your services (compute, network, storage,
database) securely, and ensuring that the software components that you run on the bare
metal servers are configured, deployed, and managed securely.
More specifically, your and Oracle's responsibilities can be divided into the following areas:
Identity and Access Management (IAM): As with all Oracle cloud services, you should
protect your cloud access credentials and set up individual user accounts. You are
responsible for managing and reviewing access for your own employee accounts and for all
activities that occur under your tenancy. Oracle isresponsible for providing effective IAM
services such as identity management, authentication, authorization, and auditing.
Workload Security: You are responsible for protecting and securing the operating system
and application layers of your compute instances from attacks and compromises. This
protection includes patching applications and operating systems, operating system
configuration, and protection against malware and network attacks. Oracle is responsible
for providing secure images that are hardenedand have the latest patches. Also, Oracle
makes it simple for you to bring the same third-party security solutions that you use today.
Data Classification and Compliance: You are responsible for correctly classifying and
labeling your data and meeting anycompliance obligations. Also, you are responsible for
auditing your solutions to ensure that they meet your compliance obligations.
Host Infrastructure Security: You are responsible for securely configuring and managing
your compute (virtual hosts, containers), storage (object, local storage, block volumes), and
platform (database configuration) services. Oracle has a shared responsibility with you to
ensure that the service is optimally configured and secured. This responsibility includes
hypervisor security and the configuration of the permissions and network access controls
required to ensure that hosts can communicate correctly and that devices are able to
attach or mount the correct storage devices.
Network Security: You are responsible for securely configuring network elements such as
virtual networking, load balancing, DNS, and gateways. Oracle is responsible for providing
a secure network infrastructure.
Client and Endpoint Protection: Your enterprise uses various hardware and software
systems, such as mobile devices and browsers, to access your cloud resources. You are
responsible for securing all clients and endpoints that you allow to access Oracle Cloud Infrastructure services.
Physical Security: Oracle is responsible for protecting the global infrastructure that runs all
of the services offered in Oracle Cloud Infrastructure. This infrastructure consists of the
hardware, software, networking, and facilities that run Oracle Cloud Infrastructure services.
Reference:
https://www.oracle.com/a/ocom/docs/oracle-cloud-infrastructure-security-architecture.pdf
Question # 2
Your company hasdeployed a business critical application in Oracle Cloud Infrastructure.
What should you do to ensure that your application has the highest level of resilience and
availability?
A. Deploy the application across multiple Availability Domains and Subnets B. Deploy the application across multiple Virtual Cloud Networks C. Deploy the application across multiple Regions and Availability Domains D. Deploy the application across multiple Availability Domains and Fault Domains
Answer: C Explanation: To design a high availability architecture, three key elements should be considered— redundancy, monitoring, and failover: 1) Redundancy means that multiple components can perform the same task. The problem of a single point of failure is eliminated because redundant components cantake over a task performed by a component that has failed. 2) Monitoring means checking whether or not a component is working properly. 3) Failover is the process by which a secondary component becomes primary when the primary component fails. The best practices introduced here focus on these three key elements. Although high availability can be achieved at many different levels, including the application level and the cloud infrastructure level, here we will focus on the cloud infrastructure level. An Oracle Cloud Infrastructure region is a localized geographic area composed of one or
more availability domains, each composed of three fault domains. High availability is
ensured by a redundancy of fault domains within the availability domains.
An availability domain is one or more data centers located within a region. Availability
domains are isolated from each other, fault tolerant, and unlikely to fail simultaneously.
Because availability domains do not share physical infrastructure, such as power or
cooling, or the internal availability domain network, a failure that impacts one availability
domain is unlikely to impact the availability of others.
A fault domain is a grouping of hardware and infrastructure within an availability domain.
Each availability domain contains three fault domains. Fault domains let you distribute your
instances so that they are not on the same physical hardware within a single availability
domain. As a result, an unexpected hardware failure or a Compute hardware maintenance
that affects one fault domain does not affect instances in other fault domains. You can
optionally specify the fault domain for a new instance at launch time, or you can let the
system select one for you.
All the availability domains in a region are connected toeach other by a low-latency, high
bandwidth network. This predictable, encrypted interconnection between availability
domains provides the building blocks for both high availability and disaster recovery.
Reference: https://docs.oracle.com/en/solutions/design-ha/index.html#GUID-76ECDDB4-
4CB1-4D93-9A6D-A8B620F72369
Question # 3
Which Oracle Cloud Infrastructure storage service can provide a shared file system across
multiple compute instances?
A. file Storage B. Local NVMe C. Object Storage D. Archive storage
Answer: A Explanation: Oracle Cloud Infrastructure File Storage service provides a durable, scalable,
secure, enterprise-grade network file system. You can connect to a File Storage service file
system from any bare metal, virtual machine, or container instance in your Virtual Cloud
Network (VCN). You can also access a file system from outside the VCN using Oracle
Cloud Infrastructure FastConnect and Internet Protocol security (IPSec) virtual private
network (VPN).
Large Compute clusters of thousands of instances can use the File Storage service
for high-performance shared storage. Storage provisioning is fully managed and automatic
as your use scales from a single byte to exabytes withoutupfront provisioning.
Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/File/Concepts/filestorageoverview.htm
Question # 4
What purpose does an Oracle Cloud Infrastructure (OCI) Dynamic Routing Gateway
Serve?
A. Enables OCI Compute Instance to privately connect to OCI Object Storage B. Enables OCI Compute instance to connect to on-promises environments C. Enable OCI Compute instances to connect to the internal D. Enables OCI Compute instances to be reached from internet
Answer: B Explanation: You can think of a Dynamic Routing Gateway (DRG) as a virtual router that provides a path for private traffic (that is, traffic thatuses private IPv4 addresses) between your VCN and networks outside the VCN's region. For example, if you use an IPSec VPN or Oracle Cloud Infrastructure FastConnect (or both) to connect your on-premises network to your VCN, that private IPv4 address traffic goes through a DRG that you create and attach to your VCN. For scenarios for using a DRG to connect a VCN to your on-premises network, see Networking Scenarios. For important details about routing to your on-premises network, see Routing Details for Connections toYour On-Premises Network. Also, if you decide to peer your VCN with a VCN in another region, your VCN's DRG routes traffic to the other VCN over a private backbone that connects the regions (without traffic traversing the internet). For information about connecting VCNs in different regions, see Remote VCN Peering (Across Regions). Reference: https://docs.cloud.oracle.com/en-us/iaas/tools/ocicli/2.9.1/oci_cli_docs/cmdref/network/drg.html
Question # 5
Which feature allows you to group and logically isolate your Oracle Cloud
Infrastructure (OCI) resources?
A. Tenancy B. Identity and Access Management Groups C. Availability Domains D. Compartments
Answer: D Explanation: It is collection of related resources. Compartments are a fundamental component of Oracle Cloud Infrastructure for organizing and isolating your cloud resources. You use them to clearly separate resources for the purposes of measuring usage and billing, access (through the use of IAM Service policies), and isolation (separating the resources for one project or business unit from another). A common approach is to create a compartment for each major part of your organization. For more information, see Overview of the IAM Service and also Setting Up Your Tenancy. To place a resource in a compartment, simply specify the compartment ID in the "Create" request object when initially creating the resource. For example, to launch an instance into a particular compartment, specify that compartment's OCID in the LaunchInstance request. You can't move an existing resource from one compartment to another. To use any of the API operations, you must be authorized in an IAM policy. If you're not authorized, talk to an administrator. Ifyou're an administrator who needs to write policies to give users access, see Getting Started with Policies. Reference: https://docs.cloud.oracle.com/en-us/iaas/tools/ocicli/2.9.9/oci_cli_docs/cmdref/iam/compartment.htm...
Question # 6
You want to leverage a managed Real Application Cluster (RAC) offering in Oracle Cloud
Infrastructure. which OCIManaged database service would you choose?
A. Autonomous Transaction Processing (shared) B. VM DB System C. Autonomous Data Warehousing (shared) D. Bare Metal DB Systems
Answer: B Explanation: There are 2 types of DB systems on virtual machines: A 1-node VMDB system consists of one VM. A 2-node VM DB system consists of two VMs clustered with RAC enabled. Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Database/Concepts/overview.htm Oracle Cloud Infrastructure offers single-node DB systems on either bare metal or virtual machines, and 2-node RAC DB systems on virtual machines. If you need to provision a DB system for development or testing purposes, then a special fast provisioning single-node virtual machine system is available. You can manage these systems by using the Console, the API, the OracleCloud Infrastructure CLI, the Database CLI (DBCLI), Enterprise Manager, Enterprise Manager Express, or SQL Developer. Reference: https://docs.cloud.oracle.com/enus/iaas/Content/Database/Concepts/overview.htm
Question # 7
Which of the following is an example of an edge service in OCI?
A. DNS ZoneManagement B. Virtual Machines C. OCI compute instances D. Oracle Data Guard
Answer: A Explanation: The Oracle Cloud Infrastructure Domain Name System (DNS) service lets you create and manage your DNS zones. You can create zones, add records to zones, and allow Oracle Cloud Infrastructure's edge network to handle your domain's DNS queries.
Which is NOT considered a security resource within Oracle Cloud Infrastructure?
A. Network Security Group B. Web Application Firewall C. File Storage Service D. Security Lists
Answer: C
Explanation: Oracle Cloud Infrastructure File Storage service provides a durable, scalable,
secure, enterprise-grade network file system. You can connect to a File Storage service file
system from any bare metal, virtualmachine, or container instance in your Virtual Cloud
Network (VCN).
You can control the access of the file system from FSS by applying some security rules
and others but the services it self not related to security but it related to shared storage
nce:
https://docs.cloud.oracle.com/en-us/iaas/Content/File/Concepts/filestorageoverview.htm
Question # 9
Which three components are part of Oracle Cloud Infrastructure Identity and Access
Management service?
A. Virtual Cloud Networks B. Policies C. Regional Subnets D. Dynamic Groups E. Roles F. Compute Instances G. Users
Answer: B,D,G Explanation: IAM components are
RESOURCE
Thecloud objects that your company's employees create and use when interacting with
Oracle Cloud Infrastructure. For example: compute instances, block storage volumes,
virtual cloud networks (VCNs), subnets, route tables, etc.
USER
An individual employee or system that needs to manage or use your company's Oracle
Cloud Infrastructure resources. Users might need to launch instances, manage remote
disks, work with your virtual cloud network, etc. End users of your application are not
typically IAM users. Users have one or more IAM credentials (see User Credentials).
POLICY
A document that specifies who can access which resources, and how. Access is granted
atthe group and compartment level, which means you can write a policy that gives a group
a specific type of access within a specific compartment, or to the tenancy itself. If you give
a group access to the tenancy, the group automatically gets the same typeof access to all
the compartments inside the tenancy. For more information, see Example
Scenario and How Policies Work. The word "policy" is used by people in different ways: to
mean an individual statement written in the policy language; to mean a collection of
statements in a single, named "policy" document(which has an Oracle Cloud ID (OCID)
assigned to it); and to mean the overall body of policies your organization uses to control
access to resources.
GROUP
A collection of users who all need the same type of access to a particular set of resources
or compartment.
DYNAMIC GROUP
A special type of group that contains resources (such as compute instances) that match
rules that you define (thus the membership can change dynamically as matching resources
are created or deleted). These instances act as "principal" actors and can make API calls
to services according to policies that you write for the dynamic group.
NETWORK SOURCE
A group of IP addresses that are allowed to access resources in your tenancy. The IP
addresses can be public IP addresses or IP addressesfrom a VCN within your tenancy.
After you create the network source, you use policy to restrict access to only requests that
originate from the IPs in the network source. COMPARTMENT
A collection of related resources. Compartments are a fundamental component of Oracle
Cloud Infrastructure for organizing and isolating your cloud resources. You use them to
clearly separate resources for the purposes of measuring usage and billing, access
(through the use of policies), and isolation (separating the resourcesfor one project or
business unit from another). A common approach is to create a compartment for each
major part of your organization. For more information, see Setting Up Your Tenancy.
TENANCY
The root compartment that contains all of your organization's Oracle Cloud Infrastructure
resources. Oracle automatically creates your company's tenancy for you. Directly within the
tenancy are your IAM entities (users, groups, compartments, and some policies; you can
also put policies into compartments inside the tenancy). You place the other types of cloud
resources (e.g., instances, virtual networks, block storage volumes, etc.) inside the
compartments that you create.
HOME REGION
The region where your IAM resources reside. All IAM resources are global and available
across all regions, but the master set of definitions reside in a single region, the home
region. You must make changes to your IAM resources in your homeregion. The changes
will be automatically propagated to all regions. For more information, see Managing
Regions.
FEDERATION
A relationship that an administrator configures between an identity provider and a service
provider. When you federate Oracle Cloud Infrastructure with an identity provider, you
manage users and groups in the identity provider. You manage authorization in Oracle
Cloud Infrastructure'sIAM service. Oracle Cloud Infrastructure tenancies are federated with
Oracle Identity Cloud Service by default.
Reference:
https://docs.cloud.oracle.com/en-us/iaas/data-safe/doc/iam-components.html
Question # 10
Which Oracle Cloud Infrastructure (OCI) database solution will be most economical for a
customer looking to have the elasticity of the cloud with minimal administration and maintenance effort for their DBA team?
A. OCI Bare Metal DB Systems B. OCI Virtual Machine DB Systems C. OCI Exadata DB Systems. D. OCI Autonomous Database
Answer: C Explanation: Exadata DB systems allow you to leverage the power of Exadata within the Oracle Cloud Infrastructure. An Exadata DB system consists of a basesystem, quarter rack, half rack, or full rack of compute nodes and storage servers, tied together by a highspeed, low-latency InfiniBand network and intelligent Exadata software. You can configure automatic backups, optimize for different workloads, and scale up the system to meet increased demands. Oracle now offers the Zero Downtime Migration service, a quick and easy way to move onpremises Oracle Databases and Oracle Cloud Infrastructure Classic databases to Oracle Cloud Infrastructure. You can migrate databases to the following types of Oracle Cloud Infrastructure systems: Exadata, Exadata Cloud@Customer, bare metal, and virtual machine. Zero Downtime Migration leverages Oracle Active Data Guard to create a standby instance of your database in an Oracle Cloud Infrastructure system. You switch over only when you are ready, and your source database remains available as a standby. Use the Zero Downtime Migration service to migrate databases individually or at the fleet level. See Move to Oracle Cloud Using Zero Downtime Migration for more information. Reference: https://docs.cloud.oracle.com/enus/iaas/Content/Database/Concepts/exaoverview.htm
Question # 11
What does compute instance vertical scaling mean?
A. Providing Fault tolerance B. Adding additional compute instances C. Enabling Disaster recovery D. Changing to a large or smaller shape
Answer: D Explanation: Changing the Shape of an Instance (Horizontal Scaling) You can change the shape of a virtual machine (VM) instance without having to rebuild your instances or redeploy your applications. This lets you scale up your Compute resources for increased performance, or scale down to reduce cost. Autoscaling (vertical scaling) Autoscaling lets youautomatically adjust the number of Compute instances in an instance pool based on performance metrics such as CPU utilization. This helps you provide consistent performance for your end users during periods of high demand, and helps you reduce your costs during periods of low demand. As load increases, instances are automatically provisioned: the instance pool scales out. As load decreases, instances are automatically removed: the instance pool scales in.
Question # 12
Which statement about the Oracle Cloud Infrastructure (OCI) shared-security model is
true?
A. You are responsible for securing all data that you place in OCI B. You are not responsible for any aspect of security in OCI C. You are responsible for securing the hypervisor within OCIcompute service D. You are responsible for managing security controls within the physical OCI network
Answer: A Explanation: ExplanationOracle Cloud Infrastructure offers best-in-class security
technology and operational processes to secure its enterprise cloud services. However, for
you to securely run your workloads in Oracle Cloud Infrastructure, you must be aware of
your security and compliance responsibilities. By design, Oracle provides security of cloud
infrastructure and operations (cloud operator access controls, infrastructure security
patching, and so on), and you are responsible for securely configuring your cloud
resources. Security in the cloud is a shared responsibility between you and Oracle.
In a shared, multi-tenant compute environment, Oracle is responsible for the security of the
underlying cloud infrastructure (such as data-center facilities, and hardware and software
systems) and you are responsible for securing your workloads and configuring your
services (such as compute, network, storage, anddatabase) securely.
In a fully isolated, single-tenant, bare metal server with no Oracle software on it, your
responsibility increases as you bring the entire software stack (operating systems and
above) on which you deploy your applications. In this environment, you are responsible for securing your workloads, and configuring your services (compute, network, storage,
database) securely, and ensuring that the software components that you run on the bare
metal servers are configured, deployed, and managed securely.
The responsibilities can be divided as:
Question # 13
You are setting up a proof of concept (POC) and need to quickly establish a secure
between an on-premises data center andOracle Cloud Infrastructure (OCI).
Which OCI service should you implement?
A. VCN Peering B. FastConnect C. Internet Gateway D. IPSec VPN
Answer: D Explanation: You can set up a single IPSec VPN with a simple layout that you might use for a proof of concept (POC). erence: https://docs.cloud.oracle.com/en-us/iaas/Content/Network/Tasks/settingupIPsec.htm
It is possible to set up a site-to-site Virtual Private Network(VPN) Connection between your
on-premises network (a data center or corporate LAN) and your Oracle virtual cloud
network (VCN) over a secure encrypted VPN. The VPN connection uses industry-standard
IPSec protocols. The Oracle service that provides site-to-site connectivity is named VPN
Connect (also referred to as an IPSec VPN).
Reference: https://docs.cloud.oracle.com/enus/iaas/Content/Network/Tasks/managingIPsec.htm
Question # 14
Which feature is not component of Oracle cloud Infrastructure identity and Access
management service?
A. federation B. User Credential C. Network SecurityGroup D. Policies
Answer: C Explanation: Components of IAM RESOURCE The cloud objects that your company's employees create and use when interacting with Oracle Cloud Infrastructure. For example: compute instances, block storage volumes virtual cloud networks (VCNs),subnets, route tables, etc.
USER
An individual employee or system that needs to manage or use your company's Oracle
Cloud Infrastructure resources. Users might need to launch instances, manage remote
disks, work with your virtual cloud network, etc. Endusers of your application are not
typically IAM users. Users have one or more IAM credentials (see User Credentials).
GROUP
A collection of users who all need the same type of access to a particular set of resources
or compartment.
DYNAMIC GROUP
A special type of group that contains resources (such as compute instances) that match
rules that you define (thus the membership can change dynamically as matching resources
are created or deleted). These instances act as "principal" actors and can make API calls
to services according to policies that you write for the dynamic group.
NETWORK SOURCE
A group of IP addresses that are allowed to access resources in your tenancy. The IP
addresses can be public IP addresses or IP addresses from a VCN within your tenancy.
After you create the network source, you use policy to restrict access to only requests that
originate from the IPs in the network source.
COMPARTMENT
Acollection of related resources. Compartments are a fundamental component of Oracle
Cloud Infrastructure for organizing and isolating your cloud resources. You use them to
clearly separate resources for the purposes of measuring usage and billing,
access(through the use of policies), and isolation (separating the resources for one project
or business unit from another). A common approach is to create a compartment for each
major part of your organization. For more information, see Setting Up Your Tenancy.
TENANCY
The root compartment that contains all of your organization's Oracle Cloud Infrastructure
resources. Oracle automatically creates your company's tenancy for you. Directly within the
tenancy are your IAM entities (users, groups, compartments, and some policies; you can
also put policies into compartments inside the tenancy). You place the other types of cloud
resources (e.g., instances, virtual networks, block storage volumes, etc.) inside the
compartments that you create.
POLICY
A document that specifies who can access which resources, and how. Access is granted at
the group and compartment level, which means you can write a policy that gives a groupa
specific type of access within a specific compartment, or to the tenancy itself. If you give a
group access to the tenancy, the group automatically gets the same type of access to all
the compartments inside the tenancy. For more information, see Example
Scenario and How Policies Work. The word "policy" isused by people in different ways: to mean an individual statement written in the policy language; to mean a collection of
statements in a single, named "policy" document (which has an Oracle Cloud ID (OCID)
assigned to it); and to mean the overall body ofpolicies your organization uses to control
access to resources.
HOME REGION
The region where your IAM resources reside. All IAM resources are global and available
across all regions, but the master set of definitions reside in a single region, the home
region. You must make changes to your IAM resources in your home region. The changes
will be automatically propagated to all regions. For more information, see Managing
Regions.
FEDERATION
A relationship that an administrator configures between an identity provider and a service
provider. When you federate Oracle Cloud Infrastructure with an identity provider, you
manage users and groups in the identityprovider. You manage authorization in Oracle
Cloud Infrastructure's IAM service. Oracle Cloud Infrastructure tenancies are federated with
Oracle Identity Cloud Service by default.
Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htm
Question # 15
A company has developed an eCommerce web application In Oracle CloudInfrastructure.
What should they do to ensure that the application has the highest level of resilience?
A. Deploy the application across multiple Regions and Availability Domains. B. Deploy the application across multiple Availability Domains and subnet. C. Deploy the application across multiple Virtual Cloud Networks. D. Deploy the application across multiple Availability Domains and Fault Domains.
Answer: A Explanation: For highest level of resilience you can deploy the application between regions and distribute onavailability domain and fault domains. Reference: https://www.oracle.com/cloud/iaas/faq.html
Question # 16
Which OCI service is the most cost-effective?
A. File Storage B. Object Storage (standard) C. Block Volume D. Archive Storage
Answer: B
Question # 17
Which OCI Identity and access management capability helps you to organize multiple
users into teams?
A. Policies B. Groups C. Dynamic Groups D. Users
Answer: B Explanation: IAM Group is A collection of users who all need the same type of access to a particular set of resources or compartment. IAM DYNAMIC GROUP is A special type of group that contains resources (suchas compute instances) that match rules that you define (thus the membership can change dynamically as matching resources are created or deleted). These instances act as "principal" actors and can make API calls to services according to policies that you write for the dynamic group. Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htm GROUP: A collection of users who all need the same type of access to a particular set of resources or compartment. Reference: https://docs.cloud.oracle.com/enus/iaas/Content/Identity/Tasks/managinggroups.htm
Question # 18
Which Oracle Cloud Infrastructure (OCI) service can be used to protect sensitive and
regulated data in OCI database services?
A. Oracle Data Guard B. OCI Audit C. Oracle Data Safe D. OCI OS management
Answer: C Explanation: Oracle Data Safe is a unified control center for your Oracle databases which helps you understand the sensitivity of your data, evaluate risks to data, mask sensitive data, implement andmonitor security controls, assess user security, monitor user activity, and address data security compliance requirements. Whether you’re using an Autonomous Database or an Oracle DB system, Oracle Data Safe delivers essential data security capabilities asa service on Oracle Cloud Infrastructure. Features of Oracle Data Safe: Oracle Data Safe provides the following set of features for protecting sensitive and
regulated data in Oracle Cloud databases, all in a single, easy-to-use management
console:
1) Security Assessment helps you assess the security of your cloud database
configurations. It analyzes database configurations, user accounts, and security controls,
and then reports the findings with recommendations for remediation activities that follow
best practices to reduce or mitigate risk.
2) User Assessment helps you assess the security of your database users and identify high
risk users. It reviews information about your users in the data dictionary on your target
databases, and calculates a risk score for each user. For example, it evaluates the user
types, how users are authenticated, the password policies assigned to each user, and how
long it has been since each user has changed their password. It also provides a direct link
to audit records related to each user. With this information, you can then deploy
appropriate security controls and policies.
3) Data Discovery helps you find sensitive data in your cloud databases. You tell Data
Discovery what kind of sensitive data to search for, and it inspects the actual data in your
database and its data dictionary, and then returns to you a list of sensitive columns. By
default, Data Discovery can search for a wide variety of sensitive data pertaining to
identification, biographic, IT, financial, healthcare, employment, and academic information.
4) Data Masking provides a way for you to mask sensitive data so that the data is safe for
non-production purposes. For example, organizations often need to create copies of their
production data to support development and test activities. Simply copying the production
data exposes sensitive data to new users. To avoid a security risk, you can use Data
Masking to replace the sensitive data with realistic, but fictitious data.
5) Activity Auditing lets you audit user activity on your databases so you can monitor
database usage and be alerted of unusual database activities.
Reference: https://docs.cloud.oracle.com/en-us/iaas/data-safe/doc/oracle-data-safeoverview.html
Question # 19
Which is a key benefit of using oracle cloud infrastructure autonomous data warehouse?
A. No username and password required B. Scale both CPU and Storage without downtime C. Apply databasepatches as they become available D. Maintain root level acress to the underlying operating system
Answer: B
Explanation: Oracle Autonomous Data Warehouse is a cloud data warehouse service
that eliminates virtually all the complexities of operating a data warehouse andsecuring
data. It automates provisioning, configuring, securing, tuning, scaling, patching, backing up,
and repairing of the data warehouse. Unlike other “fully managed” cloud data warehouse
solutions that only patch and update the service, it also features elastic, automated scaling,
performance tuning, security, and a broad set of built-in capabilities that enable machine
learning analysis, simple data loading, and data visualizations.
Data Warehouse uses continuous query optimization, table indexing,data summaries, and
auto-tuning to ensure consistent high performance even as data volume and number of
users grows. Autonomous scaling can temporarily increase compute and I/O by a factor of
three to maintain performance. Unlike other cloud services whichrequire downtime to scale,
Autonomous Data Warehouse scales while the service continues to run.
Reference: https://www.oracle.com/autonomous-database/autonomous-data-warehouse/
Question # 20
What two statements regarding the Virtual Cloud Network(VCN) are true?
A. A single VCN can contain both private and public Subnets. B. VCN is a regional resource that span across all the Availability Domains in a Region. C. You can only create one VCN per region. D. The VCN is the IPSec-based connection witha remote on premises location. E. VCN is a global resource that span across all the Regions
Answer: A,B Explanation: When you work with Oracle Cloud Infrastructure, one of the first steps is to set up a virtual
cloud network (VCN) for your cloud resources.
VIRTUAL CLOUD NETWORK (VCN) :
A virtual, private network that you set up in Oracle data centers. It closely resembles a
traditional network, with firewall rules and specific types of communication gateways that
you can choose to use. A VCN resides in a singleOracle Cloud Infrastructure region and
covers a single, contiguous IPv4 CIDR block of your choice. See Allowed VCN Size and
Address Ranges. The terms virtual cloud network, VCN, and cloud network are used
interchangeably in this documentation. For more information, see VCNs and Subnets.
SUBNETS :
Subdivisions you define in a VCN (for example, 10.0.0.0/24 and 10.0.1.0/24). Subnets
contain virtual network interface cards (VNICs), which attach to instances. Each subnet
consists of a contiguous range of IP addresses that do not overlap withother subnets in the
VCN. You can designate a subnet to exist either in a single availability domainavailability
domain
or across an entire region (regional subnets are recommended). Subnets act as a unit of
configuration within the VCN: All VNICs in a given subnet use the same route table,
security lists, and DHCP options (see the definitions that follow). You can designate a
subnet as either public or private when you create it. Private means VNICs in the subnet
can't have public IP addresses. Public means VNICs in the subnet can have public IP
addresses at your discretion. See Access to the Internet.
Reference: https://docs.cloud.oracle.com/enus/iaas/Content/Network/Concepts/overview.htm
Question # 21
What does Oracle's Payment Card Industry Data Security Standard (PCI DSS) attestation
of compliance provide to customers?
A. Customers can use these services for workloads that provides validation of card holder transaction but only as 3rd party B. Customers can use these services for workloads that process, or transmit cardholder data but not store it. C. Customers can use these services for workloads to process applications for credit card approval securely. D. Customers can use these services for workloads that store, process, or transmit cardholder data.
Answer: D Explanation: The Payment Card Industry Data Security Standard (PCI DSS) isa global set of security standard designed to encourage and enhance cardholder data security and promote the adoption of consistent data security measures around the technical and operational components related to cardholder data. Oracle has successfully completed a Payment Card Industry Data Security Standard (PCI DSS) audit and received an Attestation of Compliance (AoC) covering several Oracle Cloud Infrastructure services and the Oracle RightNow Service Cloud Service. As a PCI Level 1 Service Provider, customers can now use these services for workloads that store, process or transmit cardholder data. Reference: https://www.oracle.com/cloud/cloud-infrastructure-compliance/
Question # 22
Which gateway can be used to provide internet access to an Oracle Cloud Infrastructure
compute instance in a private subnet?
A. NAT Gateway B. Service Gateway C. Dynamic Routing Gateway D. Internet Gateway
Answer: A Explanation: A NAT gateway gives cloud resources without public IP addresses access to the internet without exposingthose resources to incoming internet connections.
Question # 23
Which option provides the best performance for running OLTP workloads in Oracle Cloud
Infrastructure?
A. OCI Exadata DB Systems B. OCI Autonomous Data Warehouse C. OCI Virtual Machine Instance D. OCI Dedicated Virtual Host
Answer: A Explanation: ExplanationOn an Exadata DB system, alldatabases share dedicated storage servers which include flash storage. By default, the databases are given equal priority with respect to these resources. The Exadata storage management software uses a first come, first served approach for query processing. If a database executes a major query that overloads I/O resources, overall system performance can be slowed down. The I/O Resource Management (IORM) allows you to assign priorities to your databases to ensure critical queries are processed first when workloads exceed their resource allocations. You assign priorities by creating directives that specify the number of shares for each database. The number of shares corresponds to a percentage of resources given to that database when I/O resources are stressed. Directives work together with an overall optimization objective you set for managing the resources. The following objectives are available: 1) Auto - Recommended. IORM determines the optimization objective and continuously and dynamically determines the optimal settings, based on the workloads observed, and resource plans enabled. 2) Balanced - For critical OLTP and DSS workloads. This setting balances low disk latency and high throughput. This setting limits disk utilization of large I/Os to a lesserextent than low latency to achieve a balance between good latency and good throughput. 3) High throughput - For critical DSS workloads that require high throughput. 4) Low latency - For critical OLTP workloads. This setting provides the lowest possible latency by significantly limiting disk utilization. Reference: https://docs.cloud.oracle.com/enus/iaas/Content/Database/Tasks/examanagingiorm.htm
Question # 24
What do the terms OpEx and CapEx refer to?
A. OpEx refers to Operational Excellence and CapEx refers to Capital Excellence B. OpEx refers to Operational Expenditure and CapEx refers to Capital Expenditure C. OpEx refers to Operational Expansion and CapEx refers to Capital Expenses D. OpEx refers to Operational Example and CapEx refers to Capita Example
What does compute instance horizonal scaling mean?
A. stopping/starting the instance B. backing up data to object storage C. adding additional compute instances D. changing compute instance size
Answer: C Explanation: Cloud Horizontal Scaling refersto provisioning additional servers to meet your needs, often splitting workloads between servers to limit the number of requests any individual server is getting. In a cloud-based environment, this would mean adding additional instances instead of movingto a larger instance size. Cloud Vertical Scaling refers to adding more CPU or memory to an existing server, or replacing one server with a more powerful server. Reference: https://cloudcheckr.com/cloud-cost-management/cloud-vs-data-center-what-is-scalabilityin-cloud-comp... Horizontal scaling means that you scale by adding more machines into your pool of resources whereas Vertical scaling means that you scale by adding more power (CPU, RAM) to an existing machine. An easy way to remember this is to think of a machine on a server rack, we add more
machines across the horizontal direction and add more resources to a machine
inthe vertical direction.
With horizontal-scaling it is often easier to scale dynamically by adding more machines into
the existing pool — Vertical-scaling is often limited to the capacity of a single machine,
scaling beyond that capacity often involvesdowntime and comes with an upper limit.
Reference: https://medium.com/@abhinavkorpal/scaling-horizontally-and-vertically-fordatabases-a2aef778610c
Question # 26
Which statement is true for an oracle cloud Infrastructure (OCI) compute instance?
A. Compute instance always get a public IP address B. Compute instance does not use a boot volume C. Compute instance cannot leverage auto scaling feature D. Compute instance always get a private IP address
Answer: D Explanation: When you create an instance, the instance is automatically attached to a virtual network interface card (VNIC) in the cloud network's subnet and given a private IP address from the subnet's CIDR. You can let the IP address be automatically assigned, or you can specify a particular address of your choice. The private IP address lets instances within the cloud network communicate with each other. Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Compute/Tasks/launchinginstance.htm
Instances use IP addresses for communication. Each instance has at least one private IP
address and optionally one or more public IP addresses. A private IP address enables the
instance to communicate with other instances inside the VCN, or with hosts in your onpremises network (via an IPSec VPN or Oracle Cloud Infrastructure FastConnect). A public
IP address enables the instance to communicate with hosts on the internet.
Reference: https://docs.cloud.oracle.com/enus/iaas/Content/Network/Tasks/managingIPaddresses.htm
Question # 27
Which service level agreement type is NOT offered by Oracle Cloud Infrastructure
Compute service?
A. Data Plane B. Performance C. Application Plane D. Control Plane
Answer: C Explanation: Oracle offers several different service level agreements as defined in this section (Service Level Agreements).Service level agreements range from least restrictive (data plane) to more restrictive (control plane) to most restrictive (performance). Reference: https://www.oracle.com/assets/paas-iaas-pub-cld-srvs-pillar-4021422.pdf
Question # 28
Which is NOT required to register and log support requests in My Oracle Support (MOS)?
A. Your Customer Support Identifier (CSl) B. Your account password C. Your tenancy OCID (Oracle Cloud Identifier) D. Your resource OCID (Oracle Cloud Identifier)
Answer: D Explanation: You can open a support service request with Oracle Support To create a service request: Go to My Oracle Support and sign in. If you are not signed into Oracle Cloud Support, click Switch to Cloud Support at the top of the page. Click Create Service Request. Select the following from the displayed menus: Service Type: Select Oracle Cloud Infrastructure from the list. Service Name: Select the appropriateoption for your organization. Problem Type: Select your problem type from the list. Enter your contact information. Enter a Description, and then enter the required fields specific to your issue. For most Oracle Cloud Infrastructure issues you need to include the OCID (Oracle Cloud Identifier) for each resource you need help with. See Locating Oracle Cloud Infrastructure IDs for instructions on locating these. Reference: https://www.zerowait-state.com/blog/create-sr/
Question # 29
Which two Oracle Cloud Infrastructure resources can be used to group/categorize
expenses?
A. Policies B. Tags C. Users D. Compartments E. Groups
Answer: B,D Explanation: You cando Costs Analysis in OCI and you can group and filter the cost by Tags or compartments To filter costs by dates To filter costs by tags To filter costs by compartments To remove a compartment or tag filter
Question # 30
Which two security capabilities are offered by Oracle Cloud Infrastructure?
A. Always on data encryption for data-at-rest. B. Certificate Management service C. Captcha D. Key Management service E. Managed Active Directory service
Answer: A,D Explanation: Oracle Cloud Infrastructure’s security approach is based on seven core pillars. Each pillar has multiple solutions designed to maximizethe security and compliance of the platform and to help customers to improve their security posture. High Availability: Offer fault-independent data centers that enable high-availability scale-out architectures and are resilient against network attacks,ensuring constant uptime in the face
of disaster and security attack.
Customer Isolation: Allow customers to deploy their application and data assets in an
environment that commits full isolation from other tenants and Oracle’s staff.
Data Encryption: Protect customer data at-rest and in-transit in a way that allows
customers to meet their security and compliance requirements with respect to
cryptographic algorithms and key management.
Security Controls: Offer customers effective and easy-to-use application, platform, and
network security solutions that allow them to protect their workloads, have a secure
application delivery using a global edge network, constrain access to their services, and
segregate operational responsibilities to reduce the risk associated with malicious and
accidental user actions.
Visibility: Offer customers comprehensive log data and security analytics that they can use
to audit and monitor actions on their resources, allowing them to meet their audit
requirements and reduce securityand operational risk.
Secure Hybrid Cloud: Enable customers to use their existing security assets, such as user
accounts and policies, as well as third-party security solutions, when accessing their cloud
resources and securing their data and application assets in the cloud.
Verifiably Secure Infrastructure: Follow rigorous processes and use effective security
controls in all phases of cloud service development and operation. Demonstrate adherence
to Oracle’s strict security standards through third-partyaudits, certifications, and
attestations. Help customers demonstrate compliance readiness to internal security and
compliance teams, their customers, auditors, and regulators.
Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/Security/Concepts/security_overview.htm
Leave a comment
Your email address will not be published. Required fields are marked *