OCI CERTIFICATION Exam Study Questions 2022 – Complete Solution

OCI CERTIFICATION Exam Study Questions 2022 – Complete Solution Which statements are true for Instance Principals? (Choose Three) A. Customers perform credential management B. Policy is set at the Dynamic Group Level ...

OCI CERTIFICATION Exam Study Questions 2022 – Complete Solution Which statements are true for Instance Principals? (Choose Three) A. Customers perform credential management B. Policy is set at the Dynamic Group Level C. Authorization is via Dynamic Groups D. Dynamic Groups are defined by the properties of cloud services E. Authentication is at the instance level - ✔✔B. Policy is set at the Dynamic Group Level C. Authorization is via Dynamic Groups E. Authentication is at the instance level You are required to automate the creation and configuring the development environments. Which tool will you need to you? - ✔✔Vagrant Which are Server templating tools? (Choose two) A. Terraform B. Docker C. Puppet D. Chef E. Vagrant - ✔✔Docker, Vagrant Which is the command line tool in the Chef Development Kit?A. Chef Server B. Knife C. Inspec D. Habitat - ✔✔Knife When using the Oracle Cloud Infrastructure command line interface, which feature allows input of a JMESPath query to refine the command output? A. --generate-full-command-json-input B. --from-json C. --query D. --output [json - ✔✔--query 1.Which three statements are true about boot volumes? a. They help in troubleshooting or repairing boot disks. b. All boot volumes are encrypted at rest like block volumes. c. They help in instance scaling. d. They are not replicated across an AD automatically. e. They cannot preserve the boot disk content when a compute instance is terminated. - ✔✔a. They help in troubleshooting or repairing boot disks. b. All boot volumes are encrypted at rest like block volumes. c. They help in instance scaling. Which three are Object Storage Resources? a. Tableb. Bucket c. Compartment d. Tablespace e. Namespace f. Volumes - ✔✔b. Bucket c. Compartment e. Namespace Which is the first step to be performed to create and launch a compute instance? - ✔✔Choose a compartment Which three statements are true about Block Volume Service? a. It can create, attach, connect, and move volumes. b. All volumes are not replicated automatically. c. It can encrypt only data in volumes and not the backups. d. It dynamically provisions and manages block storage volumes. e. Block storage volumes need to be provisioned manually. f. It allows to store data on block volumes. - ✔✔a. It can create, attach, connect, and move volumes. d. It dynamically provisions and manages block storage volumes. f. It allows to store data on block volumes. Which three statements are true about namespaces? a. Bucket names within a namespace has to be unique. b. A namespace is a logical container for storing objects. c. A namespace is a logical entity that gets created with a tenant.d. Bucket names within a namespace can be duplicate. e. A namespace spans across all compartments in a tenant. - ✔✔a. Bucket names within a namespace has to be unique. c. A namespace is a logical entity that gets created with a tenant. e. A namespace spans across all compartments in a tenant. Which virtualization technology is used to virtualize the underlying bare metal server into smaller VMs? - ✔✔Hypervisor How is authorization done in an IAM service? - ✔✔By defining specific privileges in policies and associating them with principals Which IAM entity can make API calls against other OCI services without storing credentials in a configuration file? - ✔✔Instance Principals What provides a single point of entry for remote network paths coming into a VCN? - ✔✔A dynamic routing gateway What does off-box virtualization imply? - ✔✔Virtualization including storage and network IO virtualization is put out into the network. Which two are true about compartments? a. Compartments can be renamed. b. Each compartment contains all the OCI resources of a customer. c. Compartments are global and logical. d. Compartments can be moved across Availability Domains. e. Resources are shared within a compartment belonging to a customer. - ✔✔a. Compartments can be renamed.c. Compartments are global and logical. Which two are true about the Oracle Cloud Infrastructure? a. It enables zero-data-loss architectures and high availability scale-out architectures. b. It has the same set of APIs for VMs and bare metal servers. c. Customers do not have direct connections into its network. d. Customers cannot run its services behind a corporate firewall. e. It can run only Oracle database and applications. - ✔✔a. It enables zero-data-loss architectures and high availability scale-out architectures. b. It has the same set of APIs for VMs and bare metal servers. Which three are true about OCI DNS? - An OCI DNS can function either as a primary or secondary DNS service - Users can create Zones using the OCI Console under the "Networking" tab - Zones you are adding should be owned or controlled by you or the name should be unregistered - Zones can be created only from a zone file - DDoS protection needs to be externally configured for an OCI DNS - ✔✔- An OCI DNS can function either as a primary or secondary DNS service - Users can create Zones using the OCI Console under the "Networking" tab - Zones you are adding should be owned or controlled by you or the name should be unregistered Which three are true about Oracle Database Service?- They use a single interface for database client and RAC interconnect - Database Systems are protected by 2 or 3-way mirroring - Automated Data Guard is A available only within the same Availability domain - All of the Database Systems in OCI can be managed by tools such as Enterprise Manager, SQL Developer, etc. - At the database level encryption is enabled by default - ✔✔- Database Systems are protected by 2 or 3- way mirroring - All of the Database Systems in OCI can be managed by tools such as Enterprise Manager, SQL Developer, etc. - At the database level encryption is enabled by default Which Database Edition supports Exadata? - ✔✔Extreme Performance Which three are true about TCP Load Balancers? - They deal with delivery of messages only with no regard to the content of the messages - They support (Weighted) Round-Robin traffic shaping policy - They support Health Check for the server - They support the X-forwarded-for header - They support WebSocket for incoming HTTP traffic - ✔✔- They deal with delivery of messages only with no regard to the content of the messages - They support (Weighted) Round-Robin traffic shaping policy - They support Health Check for the server How many Compute Nodes are supported in a Full Rack Exadata DB System? - ✔✔8 Which two are true about Load Balancers (LB)?- For public Load Balancers you can specify a primary LB and a secondary LB - There is a single load balancer for TCP and HTTP protocols - Private Load Balancers require two subnets in separate Availability Domains (AD) - High Availability is provided for both public LB and private LB - They support HTTP/2 protocol - ✔✔-There is a single load balancer for TCP and HTTP protocols - They support HTTP/2 protocol If you are required to migrate your database to Oracle Cloud Infrastructure Database Service regardless of the endian format and DB character set of the on-premises database, which method will you use? - ✔✔Data Pump Conventional Export/Import Which statements are true about Oracle Cloud Infrastructure Database Service? (Pick 2) a. Automatic backups to object storage are set up for users when the database is started. b. Only Exadata shapes are supported. c. Operators have to go through the process of searching and manually installing relevant patches on their OCI DB host. d. TDE encryption is the default for at rest data. e. Exadata shapes cannot be scaled up. - ✔✔a. Automatic backups to object storage are set up for users when the database is started. d. TDE encryption is the default for at rest data. What are the components of IPSec VPN? (Choose three) a. CPE Object b. IPSec Connection c. VCN d. Dynamic Routing Gateway e. DNS - ✔✔a. CPE Objectb. IPSec Connection d. Dynamic Routing Gateway Which statements are true about the features of VCN? (Choose three) a. You can set up VCN Peering. b. You can have only one vNIC set up on Bare Metal Instances. c. You can set up secondary IP addresses on vNICs. d. You can have multiple vNICs set up on Virtual Instances. - ✔✔a. You can set up VCN Peering. c. You can set up secondary IP addresses on vNICs. d. You can have multiple vNICs set up on Virtual Instances. Which method can be used to privately connect the Oracle Cloud network to a customer's existing onpremises network? - ✔✔IPSec VPN OCI is ideal for... - ✔✔infrastructure heavy workloads that demand ability to scale and high performance Regions and availability domains can be connected via: - ✔✔VPN - Data travels across the public internet using IPSec tunnels FastConnect - Dedicated, physical connections between ADs/Regions/On-prem Multiple fault-decorrelated, independent datacenters - ✔✔Availability Domains Oracle-assigned unique ID to every resource - ✔✔OCID software-defined version of a traditional physical network including subnets, route tables and gateways on which your instances run - ✔✔VCNwhere does a VCN exist? - ✔✔within a single region, but across multiple availability domains T/F : each subnet is contained within a single AD - ✔✔True Provides a path for network traffic between your VCN and the public internet - ✔✔Internet Gateway A virtual router that provides a single point of entry for remote network paths coming into your VCN - ✔✔Dynamic Routing Gateway A common set of firewall rules associated with a subnet and applied to all instances launched inside the subnet - ✔✔Security List A set of route rules that provide mapping for the traffic from subnets via gateways to destinations outside the VCN - ✔✔Route Table collection of rules that allow inbound connections to reach the cluster services - ✔✔ingress rules a set of rules for processing a frame or packet that is sent out on a switch port. These rules ensure that the proper VLAN tagging standards are applied to the outbound data based on the actual port type defined. These rules apply only to outbound data on a switch port. - ✔✔egress rules When an instance receives traffic matching the stateful ingress rule, the response is tracked and automatically allowed regardless of any egress rules - ✔✔Connection Tracking The general concept of a connection between your existing network and your VCN over a private physical network instead of the internet - ✔✔FastConnect VCN automatically comes with these default components - ✔✔o Route table o Security List o Set of DHCP optionsenables lookup of other computers using host names - ✔✔DNS (Domain Naming System) You can choose the DNS for each subnet in the VCN. This is an Oracle-provided option that includes these two parts: - ✔✔Internet resolver, VCN resolver A VCN also provides ability to use a private IP as the target of a route rule in situations where you want to route a subnet's traffic to another instance. This can be used to: - ✔✔Implement NAT in VCN, Implement a virtual network function, manage an overlay network on the VCN What does an overlay network let you do? - ✔✔run container orchestration workloads Creating a network that is NAT enabled requires... - ✔✔creating a "front-end" public subnet and "backend" private subnet Process of connecting multiple VCNs - ✔✔VCN peering The two main compute services - ✔✔Bare Metal, Virtual Machine BILLING ______________ WHEN INSTANCES ARE STOPPED FOR HIGH IO AND DENSE IO COMPUTE SHAPES - ✔✔continues BILLING ________________ WHEN INSTANCES ARE IN A STOPPED STATE FOR STANDARD COMPUTE SHAPES - ✔✔pauses - A template of a virtual hard drive that determines the operating system and other software for an instance. - ✔✔Compute Image 4 Compute Images provided by OCI - ✔✔Oracle Linux, CentOS, Ubuntu, Windows Serverinternet-scale, high-performance storage platform. Ideal for storing an unlimited amount of unstructured data - ✔✔Object Storage Object Storage common use cases: - ✔✔primary data repository for big data Highly available and durable content depository for data, images, logs and video, etc. preserving data for longer periods of time Application log data for analysis and debugs/troubleshooting large data sets Object Storage Hierarchy - ✔✔Compartment --> Namespace --> Bucket --> Object Object Storage service features: - ✔✔Strong consistency, durability, performance, custom metadata, encryption Object Storage tiers - ✔✔Standard Archive Use case of Archive Storage - ✔✔for data to which you seldom or rarely access, but that must be retained and preserved for long periods of time. The cost efficiency of the Archive Storage offsets the long lead time required to access the data. Use case of Standard Storage - ✔✔for data to which you need fast, immediate, and frequent access. Data accessibility and performance justifies a higher price point to store data in the Object Storage Minimum retention requirement for Archive Storage - ✔✔90 days.T / F: Object Storage encryption can't be turned off - ✔✔true Provides a way to let users access a bucket or an object without having their own credentials - ✔✔PreAuthenticated Requests type of data storage that stores data in volumes, which act as individual hard disk drives (HDD). used to store data, software, code, dependencies, configurations and other files. - ✔✔Block Storage Block Storage use cases: - ✔✔o Expand an instance's storage o Persistent and durable storage o Instance scaling Elastic Block Storage configurable storage range - ✔✔50 GB to 16 TB components of block storage: - ✔✔An OCI compute host iSCSI Volume Boot Volume A TCP/IP-based standard used for communication between the instance and the attached volume - ✔✔iSCSI T / F: Block volumes are not specific to an AD - ✔✔False offline data transfer solution that lets you migrate large volumes of data to OCI - ✔✔Data Transfer Service Data Transfer Service use cases: - ✔✔Inadequate bandwidth or flaky internet connectionUploading large data sets to cloud over the wire is impractical Moving edge data periodically to cloud Transfer Device in Data Transfer Service - ✔✔Customer owned hard drive, prepared using DTS tooling Data is copied to the "Transfer Device" and shipped to Oracle Provides automated traffic distribution from one entry point to multiple servers in a VCN - ✔✔Load Balancing Service Load Balancing benefits - ✔✔Improves resource utilization, facilitates scaling and helps ensure high availability Load Balancing Service key differentiators - ✔✔Public or private load balancer and public or private IP address Provisioned bandwidth - 100 mbps, 400 mbps, 8 gbps Single LB for TCP and HTTP protocols how to connect SQL developer to ADW database (pick 3 of 5