100% Pass Top-selling 1z0-997-22 Exams - New 2023 Oracle Pratice Exam
Oracle Cloud Solutions Infrastructure Dumps 1z0-997-22 Exam for Full Questions - Exam Study Guide
NEW QUESTION 34
A developer is using Oracle Functions to deploy her code as part of an event-driven solution in Oracle Cloud Infrastructure (OCI). When she invokes her function, Oracle Functions returns a FunctionlnvokelmageNotAvailable message and a 502 error:
Which of the following options is NOT a plausible reason for this error?
- A. The function does not exist in the specified location in OCI Registry.
- B. The VCN being used does not have an internet gateway or a service gateway configured for Oracle Functions to be able to access OCI Registry.
- C. Missing or invalid IAM policy to give Oracle Functions read access to images stored for functions in repositories in OCI Registry.
- D. OCI Events service rule is not configured with the correct location of the function in OCI Registry.
Answer: D
NEW QUESTION 35
You are part of a project team working in the development environment created in OCI. You have realized that the CIDR block specified for one of the subnet in a VCN is not correct and want to delete the subnet. While deleting you are getting an error indicating that there are still resources that you must delete first. The error includes the OCID of the VNIC that is in the subnet.
Which of the following action you will take to troubleshoot this issue?
- A. Use OCI CLI to delete the VNIC first and then delete the subnet
- B. Copy and Paste OCID of the VNIC in the search box of the OCI Console to find out the parent resource of the VNIC
- C. Use OCI CLI to delete the subnet using --force option
- D. Use OCI CLI to call "GetVnic" operation to find out the parent resource of the VNIC
Answer: D
Explanation:
VCN, it must first be empty and have no related resources or attached gateways To delete a VCN's subnets, they must first be empty.
Note: When you create one of the preceding resources, you specify a VCN and subnet for it. The relevant service creates at least one VNIC in the subnet and attaches the VNIC to the resource. The service manages the VNICs on your behalf, so they are not readily apparent to you in the Console. The VNIC enables the resource to communicate with other resources over the network. Although this documentation commonly talks about the resource itself being in the subnet, it's actually the resource's attached VNIC.
If the subnet is not empty, you instead get an error indicating that there are still resources that you must delete first. The error includes the OCID of a VNIC that is in the subnet (there could be more, but the error returns only a single VNIC's OCID).
You can use the Oracle Cloud Infrastructure command line interface (CLI) or another SDK or client to call the GetVnic operation with the VNIC OCID. The response includes the VNIC's display name. Depending on the type of parent resource, the display name can indicate which parent resource the VNIC belongs to. You can then delete that parent resource, or you can contact your administrator to determine who owns the resource. When the VNIC's parent resource is deleted, the attached VNIC is also deleted from the subnet. If there are remaining VNICs in the subnet, repeat the process of determining and deleting each parent resource until the subnet is empty. Then you can delete the subnet.
For example, if you're using the CLI, use this command to get information about the VNIC.
oci network vnic get --vnic-id <VNIC_OCID
NEW QUESTION 36
You work for a retail company and they developed a Microservices based shopping application that needs to access Oracle Autonomous Database from the application. As an Architect, you have been tasked to treat all of the application components as Kubernetes native objects, such as the microservices, Oracle Autonomous database, Kubernetes services, etc.
What should you do to make sure that you can use Kubernetes constructs to manage the life cycle of the application components, including Oracle Autonomous Database? (Choose the best answer.)
- A. Provision an Oracle Autonomous Database and then use OCI Service Broker to access the database as a native component to your Kubernetes cluster.
- B. Create an Oracle Cloud Infrastructure (OCI) Service Gateway and connect to the Oracle Autonomous Database using the private IP address from the microservice.
- C. Install and secure the OCI Service Broker for Kubernetes. Then provision and bind to the required Oracle Cloud Infrastructure services.
- D. Create a service from the Kubernetes cluster and point to the Oracle Autonomous Database using its FQDN.
Answer: C
Explanation:
OCI Service Broker for Kubernetes is an implementation of the Open Service Broker API. OCI Service Broker for Kubernetes is specifically for interacting with Oracle Cloud Infrastructure services from Kubernetes clusters. It includes three service broker adapters to bind to the following Oracle Cloud Infrastructure services: Object Storage Autonomous Transaction Processing Autonomous Data Warehouse
NEW QUESTION 37
As part of planning the network design on Oracle Cloud Infrastructure, you have been asked to create an Oracle Cloud Infrastructure Virtual Cloud Network (VCN) with 3 subnets, one in each Availability Domain. Each subnet needs to have a minimum of 64 usable IP addresses.
What is the smallest subnet and VCN size you should use to implement this design? The requirements are static, so no growth is expected.
- A. 122 for the VCN; 124 for the subnets
- B. /24 for the VCN; /24 for the subnets
- C. /22 for the VCN; /25 for the subnets
- D. /23 for the VCN; /25 for the subnets
Answer: D
NEW QUESTION 38
A telecom company has an application running in Oracle Cloud Infrastructure (OCI) Germany Central (eu-frankfurt-1) region. They want to configure Disaster Recovery (DR) site in the OCI UK South (uk-london-1) region. Which is the most cost effective option to help set up application and persistence layers in the DR site?
- A. Application layer: configure events service rule in eu-frankfurt-1 region to filter Health Checks event failure and route traffic to uk-london-1 region in the event of a disaster.
Persistence layer: set up policy to schedule cross-region automated backups of block volumes between eu-frankfurt-1 and uk-london-1 regions. - B. Application layer: configure Traffic Management steering policy with Failover policy between servers in eu-frankfurt-1 and uk-london-1 regions.
Persistence layer: set up policy to schedule cross-region automated backups of file systems in File Storage service between eu-frankfurt-1 and uk-london-1 regions. - C. Application layer: configure Traffic Management steering policy with Load Balancing policy between servers in eu-frankfurt-1 and uk-london-1 regions.
Persistence layer: set up policy to schedule cross-region automated backups of block volumes between eu-frankfurt-1 and uk-london-1 regions. - D. Application layer: Set us a public laod balancerin the eu-frankfurt-1 region. Create a backend set with instances running in bothuk-frankfurt-1 and uk-london-1 regions.
Persistence layer: Set up OCI Object Storage replication from eu-frankfurt-1 region to uk-london-1 region.
Answer: C
NEW QUESTION 39
You have deployed a multi-tier application with multiple compute instances in Oracle Cloud Infrastructure. You want to back up these volumes and have decided to use Volume Group's feature. The Block volume and Compute instances exist in different compartments within your tenancy.
Periodically. a few child compartments are moved under different parent compartments, and you notice that sometimes volume group backup fails.
What could be the cause?
- A. You are exceeding your volume group backup quota configured.
- B. The Identity and Access Management policy allowing backup failed to move when the compartment was moved.
- C. You have the same block volume attached to multiple compute instances; if these compute instances are in different compartments then all concerned compartments must be moved at the same time.
- D. Compute instance with multiple block volumes attached cannot move when a compartment is moved.
Answer: B
Explanation:
You can move a compartment to a different parent compartment within the same tenancy. When you move a compartment, all its contents (subcompartments and resources) are moved with it. Moving a compartment has implications for the contents.
After you move a compartment to a new parent compartment, the access policies of the new parent take effect and the policies of the previous parent no longer apply. Before you move a compartment, ensure that:
You are aware of the policies that govern access to the compartment in its current position.
You are aware of the polices in the new parent compartment that will take effect when you move the compartment.
In some cases, when moving nested compartments with policies that specify the hierarchy, the polices are automatically updated to ensure consistency.
NEW QUESTION 40
An Oracle Cloud Infrastructure (OCI) Public Load Balancer's SSL certificate is expiring soon. You noticed the Load Balancer is configured with SSL Termination only. When the certificate expires, data traffic can be interrupted and security compromised.
What steps do you need to take to prevent this situation?
- A. Add the new SSL certificate to the Load Balancer, update listeners and backend sets so they can use the new certificate bundle.
- B. Add the new SSL certificate to the Load Balancer, update backend servers to work with a new certificate and edit listeners so they can use the new certificate bundle.
- C. Add the new SSL certificate to the Load Balancer and implement end to end SSL so it can encrypt the traffic from clients all the way to the backend servers.
- D. Add the new SSL certificate to the Load Balancer and update backend servers to use the new certificate bundle.
- E. Add the new SSL certificate to the Load Balancer and update listeners to use the new certificate bundle.
Answer: B
Explanation:
https://docs.cloud.oracle.com/en-us/iaas/Content/Balance/Tasks/managingcertificates.htm
NEW QUESTION 41
Your security team has informed you that there are a number of malicious requests for your web application coming from a set of IP addresses originating from a country in Europe.
Which of the following methods can be used to mitigate these type of unauthorized requests?
- A. Web Application Firewall policy using access control rules
- B. Deny rules in Virtual Cloud Network Security Lists for the specific set of IP addresses.
- C. Deny rules in Virtual Cloud Network Security Group for the specific set of IP addresses.
- D. Delete Internet Gateway from Virtual Cloud Network.
Answer: A
NEW QUESTION 42
A cloud consultant is working on implementation project on OCI. As part of the compliance requirements, the objects placed in object storage should be automatically archived first and then deleted. He is testing a Lifecycle Policy on Object Storage and created a policy as below:
[ { "name": "Archive_doc", "action": "ARCHIVE", "objectNameFilter": { "inclusionPrefixes": "doc"] },
"timeAmount": 5, "timeunit": "DAYS", "isEnabled": true },
{ "name": "Delete_doc", "action": "DELETE", "objectNameFilter": "inclusionPrefixes": [ "doc"]
1."timeAmount": 5, "timeunit": "DAYS", "isEnabled": true }
What will happen after this policy is applied?
- A. All the objects having file extension ".doc" will be archived 5 days after object creation
- B. All objects with names starting with "doc" will be deleted after 5 days of object creation
- C. All the objects with names starting with "doc" will be archived 5 days after object creation and will be deleted 5 days after archival
- D. All the objects having file extension ".doc" will be archived for 5 days and will be deleted 10 days after object creation
Answer: B
Explanation:
Object Lifecycle Management works by defining rules that instruct Object Storage to archive or delete objects on your behalf within a given bucket. A bucket's lifecycle rules are collectively known as an object lifecycle policy.
You can use a rule to either archive or delete objects and specify the number of days until the specified action is taken.
A rule that deletes an object always takes priority over a rule that would archive that same object.
NEW QUESTION 43
You are tasked with building a highly available, fault tolerant web application for your current employer. The security team is concerned about an increase in malicious web-based attacks across the internet and asked what you can do to add a higher level of security to the website.
How should you architect the solution on Oracle Cloud Infrastructure (OCI) to meet all requirements defined by your organization? (Choose the best answer.)
- A. Deploy at least 3 web application servers, each in a different fault domain, using a regional private subnet. Place a public load balancer in a regional public subnet and create a backend set for all of the web application servers. Deploy a Web Application Firewall (WAF) and configure the load balancer public IP address as the origin.
- B. Deploy at least 3 web application servers, each in a different fault domain, using a regional private subnet. Place a public load balancer in a regional public subnet and create a backend set for all of the web application servers. Create a Geolocation steering policy in Traffic Management and add an answer pool that directs to the public IP address of the load balancer. Configure a global catch-all rule to use this answer pool.
- C. Deploy at least 3 web application servers, each in a different fault domain, using a regional public subnet. Ensure that each web application server is assigned a public IP address. Deploy a Web Application Firewall (WAF) and configure one Origin for each public IP address.
- D. Deploy at least 3 web application servers, each in a different fault domain, using a regional public subnet. Use the OCI Traffic Management service to create a load balancing policy that will resolve DNS evenly between all web servers.
Answer: A
NEW QUESTION 44
A customer is in a process of shifting their web based Sales application from their own data center located in US West to OCI India West (Mumbai) region. They want to do it in a controlled manner and initially only 1% of the traffic will be steered to the servers in OCI. After verification of everything is working as expected, the company is gradually planning to increase the ratio until they are comfortable with fully migrating all traffic to OCI.
Which of the following solution can be used in this situation?
- A. OCI DNS and OCI Load Balancer Service
- B. OCI DNS and Traffic Management with Geolocation Steering policy
- C. OCI DNS and Traffic Management with Load Balancer Steering policy
- D. OCI DNS and Traffic Management with Failover Steering policy
Answer: B
Explanation:
STEERING POLICIES is A framework to define the traffic management behavior for your zones. Steering policies contain rules that help to intelligently serve DNS answers.
FAILOVER
Failover policies allow you to prioritize the order in which you want answers served in a policy (for example, Primary and Secondary). Oracle Cloud Infrastructure Health Checks are leveraged to determine the health of answers in the policy. If the Primary Answer is determined to be unhealthy, DNS traffic will automatically be steered to the Secondary Answer.
LOAD_BALANCE
Load Balancer policies allow distribution of traffic across multiple endpoints. Endpoints can be assigned equal weights to distribute traffic evenly across the endpoints or custom weights may be assigned for ratio load balancing. Oracle Cloud Infrastructure Health Checks are leveraged to determine the health of the endpoint. DNS traffic will be automatically distributed to the other endpoints, if an endpoint is determined to be unhealthy.
ROUTE_BY_GEO
Geolocation-based steering policies distribute DNS traffic to different endpoints based on the location of the end user. Customers can define geographic regions composed of originating continent, countries or states/provinces (North America) and define a separate endpoint or set of endpoints for each region.
ROUTE_BY_ASN
ASN-based steering policies enable you to steer DNS traffic based on Autonomous System Numbers (ASN).
DNS queries originating from a specific ASN or set of ASNs can be steered to a specified endpoint.
ROUTE_BY_IP
IP Prefix-based steering policies enable customers to steer DNS traffic based on the IP Prefix of the originating query.
NEW QUESTION 45
There are two compartments: Networks and Devlnstances
There are two groups: NetworkAdmins with a user named Nick, and Devs with a user named Dave The following IAM policies are being used:
*Allow group NetworkAdmins to manage virtual-network-family in compartment Networks
*Allow group NetworkAdmins to manage instance-family in compartment Networks
*Allow group Devs to use virtual-network-family in compartment Networks
*Allow group Devs to manage all-resources in compartment Devlnstances
Nick creates a VCN in Networks compartment. Dave creates a VCN in Devlnstances compartment.
Which of the following statements is INCORRECT?
- A. Dave launches instances in Devlnstances using the VCN in Networks compartment
- B. Dave cannot launch new instances in Networks compartment
- C. Nick cannot launch new instances in Devlnstances compartment
- D. Nick launches instances in Networks using VCN in Devlnstances compartment
Answer: D
NEW QUESTION 46
A small business specializing in video processing wants to leverage cloud storage in order to lower its costs. They are looking to backup all video data generated, from an existing on-premises file server to Oracle Cloud Infrastructure (OCI). The requirement is to setup continuous data sync as changes are made to on- premises file server. What is the most cost effective solution for this scenario?
- A. Set up file storage service on OCI and mount the file system to an instance running on-premises. Move all the data to this on-premises instance and then sync the videos to the shared file system.
- B. Setup an on-premises OCI Storage Gateway Cloud Sync to back up videos to OCI Object Storage Archive tier.
- C. Set up a VPN connect connection and back up all videos to Object storage standard bucket. Create a lifecycle policy to move files older than 30 days to Archive Storage.
- D. Set up a Fastconnect virtual Circuit and nightly back up all videos to OCI Archive Storage.
Answer: B
NEW QUESTION 47
A new international hacktivist group, based in London, launched wide scale cyber attacks including SQL Injection and Cross-Site Scripting (XSS) across multiple websites which are hosted in Oracle Cloud Infrastructure (OCI). As an IT consultant, you must configure a Web Application Firewall (WAF) to protect these websites against the attacks.
How should you configure your WAF to protect the website against those attacks? (Choose the best answer.)
- A. Enable a Protection Rule to block requests that came from London.
- B. Enable an Access Rule that contains XSS Filters Categories and SQL Filters Categories.
- C. Enable a Protection Rule to block the attacks based on HTTP Headers that contain XSS and SQL strings.
- D. Enable an Access Rule to block the IP Address range from London.
- E. Enable a Protection Rule that contains XSS Filters Categories and SQL Filters Categories.
Answer: E
Explanation:
https://www.ateam-oracle.com/using-oci-waf-web-application-firewall-with-oracle-e-business-suite#:~:text=The%20protection%20rules%20can%20be,achieved%20by%20enabling%20corresponding%20rules.
NEW QUESTION 48
You are advising the database administrator responsible for managing non-production environment for Oracle Autonomous Database running on Oracle Cloud Infrastructure. You need to help the database administrator ensure that the non-production environments have a copy of the current data from the production environment in a manner that is most time-efficient.
Which method should you recommend? (Choose the best answer.)
- A. Create a full clone of the production Autonomous Database and create the non-production database from it.
- B. Create a metadata clone of the production Autonomous Database and create the non-production database from it.
- C. Take a full database backup of the production Autonomous database and create the non-production database from it.
- D. Take a Data Pump export of the production Autonomous database and import into the non-production database.
Answer: A
Explanation:
https://www.oracle.com/database/technologies/datawarehouse-bigdata/adb-faqs.html
NEW QUESTION 49
Which of the following is NOT a good use case for the volume backup feature of the Oracle Cloud Infrastructure Block Volume service?
- A. Meet compliance and regulatory requirements for data to remain unchanged over time, so that it can be retrieved for audit purposes.
- B. Support business continuity requirements of reducing the risk of outages or data mutation over time.
- C. Retain a copy of data in a volume, so that you can duplicate an environment later or preserve the data for future use.
- D. Rapidly duplicate an environment in seconds to test configuration changes without impacting your production environment.
Answer: D
NEW QUESTION 50
You are running a legacy application in a compute instance on Oracle Cloud Infrastructure (OCI). To provide enough space for it to store internal data, a block volume is attached to the instance in paravirtualized mode.
Your application is not resilient to crash-consistent backup.
What should you do to backup the block volume in a secure and cost effective way? (Choose the best answer.)
- A. Save your application data, detach the block volume and create a clone.
- B. Create a volume group, add the boot volume and then run the volume group backup.
- C. Create a backup, detach the block volume and save your application data.
- D. Save your application data, detach the block volume and create a backup.
Answer: D
NEW QUESTION 51
You are working as a cloud consultant for a major media company. In the US and your client requested to consolidate all of their log streams, access logs, application logs, and security logs into a single system.
The client wants to analyze all of their logs In real-time based on heuristics and the result should be validated as well. This validation process requires going back to data samples extracted from the last 8 hours.
What approach should you take for this scenario?
- A. Create a bare-metal instance big enough to host a syslog enabled server to process the logs and store logs on the locally attached NVMe SSDs for rapid retrieval of logs when needed.
- B. Set up an OCI Audit service and ingest all the API arils from Audit service pragmatically to a client side application to apply heuristics and save the result in an OCI Object storage.
- C. Create an auto scaling pool of syslog-enabled servers using compute instances which will store the logs In Object storage, then use map reduce jobs to extract logs from Object storage, and apply heuristics on the logs.
- D. Stream all the logs and cloud events of Events service to Oracle Streaming Service. Build a client process that will apply heuristics on the logs and store them in an Object Storage.
Answer: D
Explanation:
The Oracle Cloud Infrastructure Streaming service provides a fully managed, scalable, and durable storage solution for ingesting continuous, high-volume streams of data that you can consume and process in real time. Streaming can be used for messaging, ingesting high-volume data such as application logs, operational telemetry, web click-stream data, or other use cases in which data is produced and processed continually and sequentially in a publish-subscribe messaging model.
Streaming Usage Scenarios
Here are some of the many possible uses for Streaming:
Metric and log ingestion: Use the Streaming service as an alternative for traditional file-scraping approaches to help make critical operational data more quickly available for indexing, analysis, and visualization.
Messaging: Use Streaming to decouple components of large systems. Streaming provides a pull/bufferbased communication model with sufficient capacity to flatten load spikes and the ability to feed multiple consumers with the same data independently. Key-scoped ordering and guaranteed durability provide reliable primitives to implement various messaging patterns, while high throughput potential allows for such a system to scale well.
Web/Mobile activity data ingestion: Use Streaming for capturing activity from websites or mobile apps (such as page views, searches, or other actions users may take). This information can be used for realtime monitoring and analytics, as well as in data warehousing systems for offline processing and reporting.
Infrastructure and apps event processing: Use Streaming as a unified entry point for cloud components to report their life cycle events for audit, accounting, and related activities.
NEW QUESTION 52
You want to automate the processing of new image files to generate thumbnails. The expected rate is 10 new files every hour.
Which of the following is the most cost effective option to meet this requirement in Oracle Cloud Infrastructure (OCI)?
- A. Upload files to an OCI Object storage bucket. Every time a file is uploaded, trigger an event with an action to provision a compute instance with a cloud-init script to access the file, process it and store it back in an Object storage bucket. Terminate the instance using Autoscaling policy after the processing is finished.
- B. Upload all files to an Oracle Streaming Service (OSS) stream. Setup a cron job to invoke a function in Oracle Functions to fetch data from the stream. Invoke another function to process the image files and generate thumbnails.
Store thumbnails in another OSS stream. - C. Build a web application to ingest the files and save them to a NoSQL Database. Configure OCI Events service to trigger a notification using Oracle Notification Service (ONS). ONS invokes a custom application to process the image files to generate thumbnails. Store thumbnails in a NoSQL Database table.
- D. Upload files to an OCI Object storage bucket. Every time a file is uploaded, an event is emitted. Write a rule to filter these events with an action to trigger a function in Oracle Functions. The function processes the image in the file and stores the thumbnails back in an Object storage bucket.
Answer: D
NEW QUESTION 53
You are the Solution Architect that designed this Oracle Cloud Infrastructure (OCI) compartment layout for your organization:
The development team has deployed quite a few instances under 'Compute' Compartment and the operations team needs to list the Instances under the same compartment for their testing. Both teams, development and operations are part of a group called 'Eng-group' You have been looking for an option to allow the operations team to list the instances without access any confidential information or metadata of resources.
Which IAM policy should you write based on these requirements?
- A. Allow group Eng-group to read instance-family in compartment Compute and attach the policy to 'Engineering' Compartment.
- B. Allow group Eng-group to read instance-family in compartment Dev-Team-.Compute and attach the policy to'Dev-Team'
- C. Allow group Eng-group to inspect instance-family in compartment Dev-Team:Compute and attach the policy to 'Engineering' Compartment
- D. Allow group Eng-group to inspect instance-family in compartment Dev-Team: Compute and attach the policy to 'SysTest Team' Compartment
Answer: C
Explanation:
Policy Attachment
When you create a policy you must attach it to a compartment (or the tenancy, which is the root compartment). Where you attach it controls who can then modify it or delete it. If you attach it to the tenancy (in other words, if the policy is in the root compartment), then anyone with access to manage policies in the tenancy can then change or delete it. Typically that's the Administrators group or any similar group you create and give broad access to. Anyone with access only to a child compartment cannot modify or delete that policy.
When you attach a policy to a compartment, you must be in that compartment and you must indicate directly in the statement which compartment it applies to. If you are not in the compartment, you'll get an error if you try to attach the policy to a different compartment. Notice that attachment occurs during policy creation, which means a policy can be attached to only one compartment.
Policies and Compartment Hierarchies
a policy statement must specify the compartment for which access is being granted (or the tenancy).
Where you create the policy determines who can update the policy. If you attach the policy to the compartment or its parent, you can simply specify the compartment name. If you attach the policy further up the hierarchy, you must specify the path. The format of the path is each compartment name (or OCID) in the path, separated by a colon:
<compartment_level_1>:<compartment_level_2>: . . . <compartment_level_n> to allow action to compartment Compute so you need to set the compartment PATH as per where you attach the policy as below examples if you attach it to Root compartment you need to specify the PATH as following Engineering:Dev-Team:Compute if you attach it to Engineering compartment you need to specify the PATH as following Dev-Team:Compute if you attach it to Dev-Team or Compute compartment you need to specify the PATH as following Compute Note : in the Policy inspect verb that give the Ability to list resources, without access to any confidential information or user-specified metadata that may be part of that resource.
NEW QUESTION 54
You have been asked to create a mobile application which will be used for submitting orders by users of a popular E-Commerce site. The application is built to work with Autonomous Transaction Processing - Serverless (ATP-S) database as the backend and HTML5 on Oracle Application Express as the front end. During the peak usage of the application you notice that the application response time is very slow. ATP-S database is deployed with 3 CPU cores and 1 TB of memory.
Which two options are expensive or impractical ways to improve the application response times?
- A. Enable auto scaling for CPU cores on ATP-S database.
- B. Use the Machine Learning (ML) feature of the ATP-S database iteratively to tune the SQL queries used by the application.
- C. Identify the maximum memory capacity needed for peak times and scale the memory for the ATP-S database to that number. ATP-S will scale the memory down when not needed.
- D. Identify the maximum CPU capacity needed for peak times and scale the CPU core count for the ATP-S database to that number. ATP-S will scale the CPU core count down when not needed.
- E. Scale up CPU core count and memory during peak times.
Answer: D,E
NEW QUESTION 55
An insurance company is storing critical financial data in the Oracle Cloud Infrastructure block volume. This volume is currently encrypted using oracle managed keys. Due to regulatory compliance, the customer wants to encrypt the data using the keys that they can control and not the keys which are controlled by Oracle.
What of the following series of tasks are required to encrypt the block volume using customer managed keys?
- A. Create a master encryption key, create a new version of the encryption key, decrypt the block volume using existing oracle managed keys and encrypt using new version of the encryption key.
- B. Create a vault, create a master encryption key in the vault, assign this master encryption key to the block volume.
- C. Create a master encryption key, create a data encryption key, decrypt the block volume using existing oracle managed keys, encrypt the block volume using the data encryption key.
- D. Create a vault import your master encryption key into the vault, generate data encryption key, assign data encryption key to the block volume.
Answer: B
NEW QUESTION 56
A civil engineering company is running an online portal In which engineers can upload there constructions photos, videos, and other digital files.
There is a new requirement for you to implement: the online portal must offload the digital content to an Object Storage bucket for a period of 72 hours. After the provided time limit has elapsed, the portal will hold all the digital content locally and wait for the next offload period.
Which option fulfills this requirement?
- A. Create a Dynamic Group with matching rule for the portal compute Instance and grant access to the Object Storage bucket for 72 hours.
- B. Create a pre authenticated URL for the entire Object Storage bucket to write content with an expiration of 72 hours.
- C. Create a pre authenticated URL lot each object that Is uploaded to the Object Storage bucket with an expiration of 72 hours.
- D. Create a pre-authenticated URL for the entire Object Storage bucket to read and list the content with an expiration of 72 hours.
Answer: B
Explanation:
Pre-authenticated requests provide a way to let users access a bucket or an object without having their own credentials, as long as the request creator has permission to access those objects.
For example, you can create a request that lets operations support user upload backups to a bucket without owning API keys. Or, you can create a request that lets a business partner update shared data in a bucket without owning API keys.
When creating a pre-authenticated request, you have the following options:
You can specify the name of a bucket that a pre-authenticated request user has write access to and can upload one or more objects to.
You can specify the name of an object that a pre-authenticated request user can read from, write to, or read from and write to.
Scope and Constraints
Understand the following scope and constraints regarding pre-authenticated requests:
Users can't list bucket contents.
You can create an unlimited number of pre-authenticated requests.
There is no time limit to the expiration date that you can set.
You can't edit a pre-authenticated request. If you want to change user access options in response to changing requirements, you must create a new pre-authenticated request.
The target and actions for a pre-authenticated request are based on the creator's permissions. The request is not, however, bound to the creator's account login credentials. If the creator's login credentials change, a pre-authenticated request is not affected.
You cannot delete a bucket that has a pre-authenticated request associated with that bucket or with an object in that bucket.
NEW QUESTION 57
You have been asked to implement a bespoke financial application in Oracle Cloud Infrastructure using virtual machine instances controlled by Autoscaling across multiple Availability Domains. The application stores transaction logs, intermediate transaction data, and audit data and needs to store this on a persistent, durable data store accessible from all of the application servers. The application requires the file system to be mounted in the /audit folder on the Linux file system. The system needs to tolerate the failure of two or more Fault Domains and still maintain data integrity. The solution should be as low maintenance as possible.
What storage architecture should you suggest?
- A. Use File Storage Service(FSS). Configure FSS to operate from all Availability Domains the application servers operate in and mount the file system in the /audit folder.
- B. Use locally attached NVMe instances and configure RAID 0 replication between servers.
- C. Store the data on Oracle Object Storage mounted at the /audit mount point on all the Linux instances using the default mount options.
- D. Implement a single instance and install an NFS server, configure and create an NFS share, and mount this as /audit on the application instances.
Answer: A
NEW QUESTION 58
You are designing the network infrastructure for an application consisting of a web server (server-1) and a Domain Name Server (server-2) running in two different subnets inside the same Virtual Cloud Network (VCN) in Oracle Cloud Infrastructure (OCI). You have a requirement where your end users will access server-1 from the internet and server-2 from your customer's on-premises network. The on-premises network is connected to your VCN over a FastConnect virtual circuit.
How should you design your routing configuration to meet these requirements?
- A. Configure two routing tables that have rules to route all traffic via a Dynamic Routing Gateway. Associate the two routing tables with all the VCN subnets.
- B. Configure a single routing table with two set of rules: one that has route to internet via an Internet Gateway and another that propagate specific routes to the on-premises network via a Dynamic Routing Gateway. Associate the routing table with all the VCN subnets.
- C. Configure two routing tables: first one with a route to internet via an Internet gateway; associate this route table to the subnet containing server-1 .Configure the second route table to propagate specific routes to the on-premises network via a Dynamic Routing Gateway; associate this route table to subnet containing server-2.
- D. Configure a single routing table with two set of rules: one that has route to internet via an Internet Gateway and another that propagates specific routes for the on-premises network via a Dynamic Routing Gateway. Don't associate this routing table with any of the subnets in the VCN.
Answer: C
NEW QUESTION 59
......
Oracle 1z0-997-22 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
Authentic Best resources for 1z0-997-22 Online Practice Exam: https://www.realexamfree.com/1z0-997-22-real-exam-dumps.html
1z0-997-22 Test Engine Practice Exam: https://drive.google.com/open?id=19EdEXbqLTJkFObIQWJ2rr4xErCqONJ6Q
