• Home
  • Articles
  • [Q71-Q91] Pass Your Oracle Cloud Solutions Infrastructure 1z0-1072-22 Exam Easily with Accurate PDF Questions [Nov 12, 2023]

[Q71-Q91] Pass Your Oracle Cloud Solutions Infrastructure 1z0-1072-22 Exam Easily with Accurate PDF Questions [Nov 12, 2023]

Share

Pass Your Oracle Cloud Solutions Infrastructure 1z0-1072-22 Exam Easily with Accurate PDF Questions [Nov 12, 2023]

1z0-1072-22 Certification Exam Dumps Questions in here


Oracle 1z0-1072-22 (Oracle Cloud Infrastructure 2022 Architect Associate) Exam is a certification exam designed for IT professionals who want to validate their skills in designing, implementing, and managing cloud infrastructure solutions using Oracle Cloud Infrastructure (OCI) services. 1z0-1072-22 exam covers various topics related to OCI, including compute, storage, network, database, security, and management services. Passing the exam demonstrates that the candidate has the knowledge and skills required to architect OCI solutions that meet business requirements and industry best practices.


Oracle 1z0-1072-22 exam is a computer-based exam that consists of multiple-choice questions. 1z0-1072-22 exam is administered by Pearson VUE, a leading provider of computer-based testing services. 1z0-1072-22 exam is available in several languages, including English, Japanese, Korean, and Simplified Chinese, among others. 1z0-1072-22 exam is designed to be taken by IT professionals who have experience in cloud computing and have already completed the Oracle Cloud Infrastructure Foundations 2022 Associate certification.

 

NEW QUESTION # 71
Which two tagging related items are valid attributes that may be included in payload of an audit log event?
(Choose two.)

  • A. Free-form tags
  • B. Cost-tracking tags
  • C. Defined tags
  • D. Default tags
    D18912E1457D5D1DDCBD40AB3BF70D5D
  • E. Tag variables
  • F. Predefined values

Answer: A,C

Explanation:
Reference:https://docs.cloud.oracle.com/en-us/iaas/Content/Audit/Reference/logeventreference.htm#payload


NEW QUESTION # 72
You deployed a web server in Oracle Cloud Infrastructure using an ephemeral public IP. After a few changes in your web server configuration, you rebooted the server and a new public IP was associated to your instance.
What should you do to prevent this from happening again?

  • A. Create a reserved public IP and associate it with the hosts file of your web server
  • B. Create a reserved public IP and associate it with the security list that your complete instance is using
  • C. Create a reserved public IP and associate it with the VNIC of your compute instance
  • D. Create a reserved public IP and associate it with the subnet of your compute instance

Answer: C

Explanation:
A public IP address is an IPv4 address that is reachable from the internet. If a resource in your tenancy needs to be directly reachable from the internet, it must have a public IP address. Depending on the type of resource, there might be other requirements.
There are two types of public IPs:
Ephemeral: Think of it as temporary and existing for the lifetime of the instance.
Reserved: Think of it as persistent and existing beyond the lifetime of the instance it's assigned to. You can unassign it and then reassign it to another instance whenever you like. Exception: reserved public IPs on public load balancers.
To create a new reserved public IP in your pool
Confirm you're viewing the region and compartment where you want to create the reserved public IP.
Open the navigation menu. Under Core Infrastructure, go to Networking and click Public IPs.
Click Create Reserved Public IP.
Enter the following:
Name: An optional friendly name for the reserved public IP. The name doesn't have to be unique, and you can change it later. Avoid entering confidential information.
Compartment: Leave as is.
Tags:Optionally, you can apply tags. If you have permissions to create a resource, you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags. If you are not sure if you should apply tags, skip this option (you can apply tags later) or ask your administrator.
Click Create Reserved Public IP.
To assign a reserved public IP to a private IP
Prerequisite: The private IP must not have an ephemeral or reserved public IP already assigned to it. If it does, first delete the ephemeral public IP, or unassign the reserved public IP.
Confirm you're viewing the compartment that contains the instance with the private IP you're interested in.
Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.
Click the instance to view its details.
Under Resources, click Attached VNICs.
The primary VNIC and any secondary VNICs attached to the instance are displayed.
Click the VNIC you're interested in.
Under Resources, click IP Addresses.
The VNIC's primary private IP and any secondary private IPs are displayed.
For the private IP you're interested in, click the Actions icon (three dots), and then click Edit.
In the Public IP Address section, for Public IP Type, select the radio button for Reserved Public IP.
Enter the following:
Compartment: The compartment that contains the reserved public IP you want to assign.
Reserved Public IP: The reserved public IP you want to assign. You have three choices:
Create a new reserved public IP. You may optionally provide a friendly name for it. The name doesn't have to be unique, and you can change it later. Avoid entering confidential information.
Assign a reserved public IP that is currently unassigned.
Move a reserved public IP from another private IP.
Click Update.


NEW QUESTION # 73
You currently manage an e-commerce application that utilizes 25 identical compute resources to handle customer traffic. The stakeholders have asked you to create another 25 identical compute resources in order to deploy and test a new version of the software?
What is the most efficient process to create 25 additional compute resources that are identical to the first 25?

  • A. Provision a new server and configure it to be identical to the first 25. Create a custom image from the new server, then use the custom image to provision 24 more servers
  • B. Create a custom image from 1 of the 25 servers. Use this custom image to provision 25 more servers
  • C. Clone the boot volume of 1 of the 25 servers. Use the boot volume clone to provision 25 more servers
  • D. Create a manual backup of each boot volume belonging to the 25 servers. Restore each backup to create 25 new boot volumes, from which you will provision 25 more servers

Answer: B


NEW QUESTION # 74
Your customer is using an Oracle Cloud Infrastructure (OCI) compartment named Production that hosts several resources such as compute instances, DB Systems and File Systems.Each resource in the Production compartment is tagged.
The customer's security team wants to restrict access to DB Systems to only the authorized group of DBAs.
Which OCI Tagging capability can be used to meet this requirement?

  • A. Cost-Tracking Tags
  • B. Tag-based Access Control
  • C. Tag Defaults
  • D. Tags Defaults with predefined values

Answer: B

Explanation:
Reference:https://docs.cloud.oracle.com/en-us/iaas/Content/Tagging/Tasks/ managingaccesswithtags.htm#about


NEW QUESTION # 75
Which two parameters are required in a back end set's HTTP health check? (Choose two.)

  • A. timeout
  • B. URL path
  • C. port
  • D. status code
  • E. response body

Answer: B,C

Explanation:
https://docs.cloud.oracle.com/iaas/Content/GSG/Tasks/loadbalancing.htm#Create Enter the Health Check details.
Load Balancing automatically checks the health of the instances for your load balancer. If it detects an unhealthy instance, it stops sending traffic to the instance and reroutes traffic to healthy instances. In this step, you provide the information required to check the health of servers in the backend set and ensure that they can receive data traffic.
Protocol: Select HTTP. Port: Enter 80 URL Path (URI): Enter / The rest of the fields are optional and can be left blank for this tutorial.
Click Create.


NEW QUESTION # 76
You are the Cloud Architect of a company, and are designing a solution on Oracle Cloud Infrastructure where you want to have all your compute instances resistant to hardware failure.
Which two are recommended best practices to achieve the requirement on Oracle Cloud Infrastructure? (Choose two.)

  • A. Design your system with redundant compute modes in different Availability Domains to support the failover capability.
  • B. Create a custom image of your system drive each time you change the image.
  • C. Attach block volumes from different Availability Domains to compute instances in different Availability Domains for high availability.
  • D. Create backups of your block volumes that are associated with compute instances in different regions.

Answer: A,B

Explanation:
Reference:
System Resilience Oracle Cloud Infrastructure runs on Oracle's high-quality Sun servers. However, any hardware can experience a failure. Follow industry-wide hardware failure best practices to ensure the resilience of your solution. Some best practices include:
Design your system with redundant compute nodes in different availability domains to support fail-over capability. Create a custom image of your system drive each time you change the image. Back up your data drives, or sync to spare drives, regularly. If you experience a hardware failure and have followed these practices, you can terminate the failed instance, launch your custom image to create a new instance, and then apply the backup data.


NEW QUESTION # 77
Which statement is true about cloning a volume?

  • A. You can create a clone for a volume across regions.
  • B. Youneed to detach a volume before cloning from it.
  • C. A cloned volume is the same as a snapshot that has a dependency on the source volume.
  • D. You can change the block volume size when cloning a volume.

Answer: D

Explanation:
Explanation
References:https://docs.cloud.oracle.com/iaas/Content/Block/Tasks/cloningavolume.htm?tocpath=Services%7CB


NEW QUESTION # 78
You are deploying a highly available web application in OracleCloud Infrastructure and have decided to use a public load balancer. The back-end web servers will be distributed across all three availability domains (ADs).
How many subnets should you create to deliver a secure highly available application?

  • A. three subnets in total; one subnet in each AD
  • B. foursubnets in total; one subnet in each AD for the web servers and a single subnet in any one AD for the load balancer
  • C. five subnets in total; two subnets each in the first and second AD with a single subnet in the third AD
  • D. six subnets in total; two subnets in each AD; one for the load balancer and one for the web servers

Answer: D


NEW QUESTION # 79
Which two statements define the types of DNS resolvers that exist? (Choose two.)

  • A. An Internet resolver allows instances to use the host names that are published on the Internet.
  • B. A VCN resolver allows instances to use the host names of the hosts in your on-prem network that are connected to your VCN by an IPSec VPN connection.
  • C. A custom resolver allows instances to use the host names of the hosts in your on-prem network that are connected to your VCN by an IPSec VPN connection.
  • D. A VCN resolver allows instances to use host names to communicate with instances on other VCNs in your tenancy.

Answer: A,C

Explanation:
https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/dns.htm
This is an Oracle-provided option that includes two parts: Internet Resolver: Lets instances resolve hostnames that are publicly published on the internet. The instances do not need to have internet access by way of either an internet gateway or a connection to your on-premises network (such as an IPSec VPN connection through a DRG ). VCN Resolver: Lets instances resolve hostnames (which you can assign) of other instances in the same VCN. For more information, see About the DNS Domains and Hostnames. By default, new VCNs you create use the Internet and VCN Resolver. If you're using the Networking API, this choice refers to the VcnLocalPlusInternet enum in the DhcpDnsOption object.
The Internet and VCN Resolver does not let instances resolve the hostnames of hosts in your on-premises network connected to your VCN by IPSec VPN connection or FastConnect. Use your own custom DNS resolver to enable that.
https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/dns.htm?Highlight=DNS%20resolver#About


NEW QUESTION # 80
You have provisioned an Autonomous Data Warehouse (ADW) database with 16 enabled OCPUs and need to configure the consumer group for your application.
Which two are true when deciding the number of sessions for each application? (Choose two.)

  • A. The HIGH consumer group can run 3 concurrent SQL statements when MEDIUM consumer group has 0 SQL statements
  • B. The MEDIUM consumer group can run 20 concurrent SQL statements when HIGH consumer group has 0 SQL statements
  • C. The MEDIUM and LOW consumer group can run up to 16 concurrent SQL statements if HIGH consumer group has 0 SQL statements
  • D. The HIGH consumer group can run up to 16 concurrent SQL statements as long as MEDIUM and LOW consumer groups have 0 SQL statements
  • E. The HIGH consumer group can run up to 16 concurrent SQL statements in addition to 32 concurrent SQL statements in MEDIUM and LOW consumer group each

Answer: A,B


NEW QUESTION # 81
Your Operations team has recently created a new, standard image that will be used to launch all new application servers in the Finance compartment. The custom image currently exists inthe Operations compartment. You have access to manage all-resources in the Finance compartment and do not have access to the Operations compartment.
Which two methods would make the new image available for you to use when deploying new servers in the Finance compartment? (Choose two.)

  • A. Instruct the Administrators team to grant you accessto use instance-images in the Operations compartment. Use the Oracle Cloud Identifier (OCID) of the custom image when launching new compute resources in the Finance compartment.
  • B. Instruct the Operations team to reassign the custom image to the Finance compartment so you can select it from a drop-down list when launching new compute resources.
  • C. Instruct the Operations team to export the image toan object storage bucket, create a pre-authenticated request (PAR), and provide you with the URL. Download the custom image to your laptop and import it as a custom image in the Finance compartment.
  • D. Instruct the Operations team to export the image to an object storage bucket, create a PAR, and provide you with the URL. Use that URL as the source when importing a custom image. Import the custom image into the Finance compartment.
  • E. Instruct the Operations team to export the image to an object storage bucket. Instruct the Administrators team to grant you access to the object storage bucket where the custom image is stored. Use the download URL of the custom image as the image source when launching new compute resources in the Finance compartment.

Answer: A,E


NEW QUESTION # 82
For a compute instancethat is launched in a private subnet in a Virtual Cloud Network (VCN), which action needs to be performed to connect to the Internet, assuming that the required security list is properly set up?

  • A. Create a default route entry in the route table to forward all traffic to the Internet gateway.
  • B. There is no way for an instance in a private subnet to connect to the Internet.
  • C. Create and configure Network Address Translation (NAT) in a public subnet and route all traffic to it.
  • D. Assign a Public IP address to the compute instance.

Answer: A


NEW QUESTION # 83
You are tasked with creating a highly available clustered application on Oracle Cloud Infrastructure consisting ofthree nodes. The round-trip latency between nodes must be less than 500 us (micro-seconds) and your cluster should be resilient to hardware failure.
What is the recommended deployment strategy?

  • A. Deploy the cluster nodes in two separate regions and take advantage of multiple availability domains (ADs) in each region.
  • B. Deploy the cluster nodes in a single region and deploy each node into a different AD.
  • C. Deploy the cluster nodes in a single region and deploy each node in different fault domains within a single AD.
  • D. Deploy the cluster nodes in a single region and deploy each node into a different AD. Select the same fault domain in each AD to ensure consistency.

Answer: C


NEW QUESTION # 84
Which two statements are true about Oracle Cloud Infrastructure IPSec VPN Connect?

  • A. OCI IPSec VPN can be configured in tunnel mode only
  • B. OCI IPSec VPN tunnel supports only static routes to route traffic
  • C. Each OCI IPSec VPN consists of multiple redundant IPSec tunnels
  • D. OCI IPSec VPN can be configured in trans port mode only

Answer: A,C

Explanation:
VPN Connect provides a site-to-site IPSec VPN between your on-premises network and your virtual cloud network (VCN). The IPSec protocol suite encrypts IP traffic before the packets are transferred from the source to the destination and decrypts the traffic when it arrives.
On general, IPSec can be configured in the following modes:
Transport mode: IPSec encrypts and authenticates only the actual payload of the packet, and the header information stays intact.
Tunnel mode (supported by Oracle): IPSec encrypts and authenticates the entire packet. After encryption, the packet is then encapsulated to form a new IP packet that has different header information.
Oracle Cloud Infrastructure supports only the tunnel mode for IPSec VPNs.
Each Oracle IPSec VPN consists of multiple redundant IPSec tunnels. For a given tunnel, you can use either Border Gateway Protocol (BGP) dynamic routing or static routing to route that tunnel's traffic. More details about routing follow.
IPSec VPN site-to-site tunnels offer the following advantages:
Public internet lines are used to transmit data, so dedicated, expensive lease lines from one site to another aren't necessary.
The internal IP addresses of the participating networks and nodes are hidden from external users.
The entire communication between the source and destination sites is encrypted, significantly lowering the chances of information theft.


NEW QUESTION # 85
You have the following compartment structure in your tenancy. Root compartment->Training->Training-subl ->Training-sub2 You create a policy in the root compartment to allow the default admin for the account (Administrators) to manage block volumes in compartment Training-sub2. What policy would you write to meet this requirement?

  • A. Allow group Administrators to manage volume-family in compartment Training-sub2
  • B. Allow group Administrators to manage volume-family in compartment Training-sub1 :Training-sub2
  • C. Allow group Administrators to manage volume-family in root compartment
  • D. Allow group Administrators to manage volume-family in compartment Training: Training-sub 1 :Training-sub2

Answer: D

Explanation:
a policy statement must specify the compartment for which access is being granted (or the tenancy). Where you create the policy determines who can update the policy. If you attach the policy to the compartment or its parent, you can simply specify the compartment name. If you attach the policy further up the hierarchy, you must specify the path. The format of the path is each compartment name (or OCID) in the path, separated by a colon:
<compartment_level_1>:<compartment_level_2>: . . . <compartment_level_n> For example, assume you have a three-level compartment hierarchy, shown here:

You want to create a policy to allow NetworkAdmins to manage VCNs in CompartmentC. If you want to attach this policy to CompartmentC or to its parent, CompartmentB, write this policy statement:
Allow group NewtworkAdmins to manage virtual-network-family in compartment CompartmentC However, if you want to attach this policy to CompartmentA (so that only administrators of CompartmentA can modify it), write this policy statement that specifies the path:
Allow group NewtworkAdmins to manage virtual-network-family in compartment CompartmentB:CompartmentC To attach this policy to the tenancy, write this policy statement that specifies the path from CompartmentA to CompartmentC:
Allow group NewtworkAdmins to manage virtual-network-family in compartment CompartmentA:CompartmentB:CompartmentC


NEW QUESTION # 86
Which statement is true about the Oracle Cloud Infrastructure File Storage Service Snapshots?

  • A. Snapshots are created under the root folder of file system, in a hidden directory named .snapshot
  • B. Snapshots are not incremental
  • C. It Is not possible to create snapshots from OCI console, but just the CLI
  • D. You can restore the whole snapshot, but not the individual files

Answer: A

Explanation:
Explanation
The File Storage service supports snapshotsfor data protection of your file system. Snapshots are a consistent, point-in-time view of your file systems. Snapshots are copy-on-write, and scoped to the entire file system. The File Storage service encrypts all file system and snapshot data at rest. You can take as many snapshots as you need.
Data usage is metered against differentiated snapshot data. If nothing has changed within the file system since the last snapshot was taken, the new snapshot does not consume more storage Snapshots are accessibleunder the root directory of the file system at .snapshot/name. For data protection, you can use a tool that supports NFSv3 to copy your data to a different availability domain, region, file system, object storage, or remote location.


NEW QUESTION # 87
Which statement is true about restoring a block volume from a manual or policy-based block volume backup?

  • A. It can be restored as new volumes with different sizes from the backups.
  • B. It can be restored as new volumes to any Availability Domain within the same region.
  • C. It must be restored as new volumes to the same Availability Domain on which the original block volume backup resides.
  • D. It can be restored as new volumes to any Availability Domain across different regions.

Answer: B


NEW QUESTION # 88
Which statement is true about OracleCloud Infrastructure FastConnect?

  • A. The FastConnect provider network offers only 1 Gbps port connection speed increments
  • B. For private peering, FastConnect extends your existing infrastructure to allow you to consume object storage from your on-premises data center
  • C. For public peering, a dynamic routing gateway must be configured and attached to the virtual cloud network (VCN)
  • D. For private peering, FastConnect extends your existing infrastructure toa virtual cloud network

Answer: D

Explanation:
Explanation
With FastConnect, you can choose to use , or both.
Private peering: To extend your existing infrastructure into a virtual cloud network (VCN) in Oracle Cloud Infrastructure (for example, to implement a hybrid cloud, or a lift and shift scenario). Communication across the connection is with IPv4 private addresses (typically RFC 1918).
Public peering: To access public services in Oracle Cloud Infrastructure without using the internet. For example, Object Storage, the Oracle Cloud InfrastructureConsole and APIs, or public load balancers in your VCN. Communication across the connection is with IPv4 public IP addresses. Without FastConnect, the traffic destined for public IP addresses would be routed over the internet.


NEW QUESTION # 89
You are designing a networking infrastructure in multiple Oracle Cloud Infrastructure regionsand require connectivity between workloads in each region. You have created a dynamic routing gateway (DRG) and a remote peering connection. However, your workloads are unable to communicate with each other.
What are two reasons for this? (Choose two.)

  • A. The security lists associated with subnets in each virtual cloud network (VCN) do not have the appropriate ingress rules
  • B. A local peering gateway needs to be created in each VCN with a default route rule added in the route table forwarding the traffic to the local peering gateway
  • C. Identity and Access Management (IAM) policies have not been defined to allow connectivity across the two VCNs in different regions
  • D. The route table associated with subnets in each VCN do not have a route rule defined to forward the traffic to their respective DRGs
  • E. An Internet gateway needs to be created in each VCN with a default route rule added in the route table forwarding the traffic to the Internet Gateway

Answer: A,D

Explanation:
Explanation
Setting Up a Remote Peering
Create the RPCs: Each VCN administrator creates an RPC for their own VCN's DRG.
Share information: The administrators share the basic required information.
Set up the required IAM policies for the connection: The administrators set up IAM policies to enable the connectionto be established.
Establish the connection: The requestor connects the two RPCs (see Important Remote Peering Concepts for the definition of the requestor and acceptor).
Update route tables: Each administrator updates their VCN's route tables to enable traffic between the peered VCNs as desired.
Update security rules: Each administrator updates their VCN's security rules to enable traffic betweenthe peered VCNs as desired.


NEW QUESTION # 90
Which two statements about the Oracle File Storage Service (FSS) Security are accurate? (Choose two.)

  • A. Oracle IAM controls which filesystems are mountable by which instances.
  • B. FSS leverages UNIX user group and permission checkingfor file access security.
  • C. Data in transit to an FSS mount target is encrypted.
  • D. Security lists can be used asa virtual firewall to prevent an instance from mounting an FSS mount target within a subnet.
  • E. Encryption of file storage in FSS is optional.

Answer: B,C

Explanation:
Explanation
All data is encrypted at rest. and In-transit encryption provides a way to secure your data between instances and mounted file systems using TLS v. 1.2 (Transport Layer Security) encryption.
File Storage service supports the AUTH_UNIX style of authentication and permission checking for remote NFS client requests.


NEW QUESTION # 91
......

Updated 1z0-1072-22 Exam Practice Test Questions: https://lead2pass.real4prep.com/1z0-1072-22-exam.html

Related Articles

more
Oracle 1z0-1072-22 Certification Practice Exam