A Review Of Verified 1z0-1072-20 Brain Dumps

NEW QUESTION 1

You are designing a networking infrastructure in multiple Oracle Cloud Infrastructure regions and require connectivity between workloads in each region. You have created a dynamic routing gateway (DRG) and a remote peering connection. However, your workloads are unable to communicate with each other.
What are two reasons for this? (Choose two.)

• A. The security lists associated with subnets in each virtual cloud network (VCN) do not have the appropriate ingress rules
• B. Identity and Access Management (IAM) policies have not been defined to allow connectivity across the two VCNs in different regions
• C. A local peering gateway needs to be created in each VCN with a default route rule added in the route table forwarding the traffic to the local peering gateway
• D. An Internet gateway needs to be created in each VCN with a default route rule added in the route table forwarding the traffic to the Internet Gateway
• E. The route table associated with subnets in each VCN do not have a route rule defined to forward the traffic to their respective DRGs

Answer: AE

Explanation:
Setting Up a Remote Peering
Create the RPCs: Each VCN administrator creates an RPC for their own VCN's DRG. Share information: The administrators share the basic required information.
Set up the required IAM policies for the connection: The administrators set up IAM policies to enable the connection to be established.
Establish the connection: The requestor connects the two RPCs (see Important Remote Peering Concepts the definition of the requestor and acceptor).
Update route tables: Each administrator updates their VCN's route tables to enable traffic between the peered VCNs as desired.
Update security rules: Each administrator updates their VCN's security rules to enable traffic between the peered VCNs as desired.

NEW QUESTION 2

You created a public subnet and an internet gateway in your virtual cloud network (VCN) of Oracle Cloud Infrastructure. The public subnet has an associated route table and security list. However, after creating several compute instances in the public subnet, none can reach the Internet.
Which two are possible reasons for the connectivity issue? (Choose two.)

• A. The route table has no default route for routing traffic to the internet gateway.
• B. There is no stateful egress rule in the security list associated with the public subnet.
• C. There is no dynamic routing gateway (DRG) associated with the VCN.
• D. There is no stateful ingress rule in the security list associated with the public subnet.
• E. A NAT gateway is needed to enable the communication flow to internet.

Answer: AB

Explanation:
An internet gateway as an optional virtual router that connects the edge of the VCN with the internet. To use the gateway, the hosts on both ends of the connection must have public IP addresses for routing. Connections that originate in your VCN and are destined for a public IP address (either inside or outside the VCN) go through the internet gateway. Connections that originate outside the VCN and are destined for a public IP address inside the VCN go through the internet gateway.
Working with Internet Gateways
You create an internet gateway in the context of a specific VCN. In other words, the internet gateway is automatically attached to a VCN. However, you can disable and re-enable the internet gateway at any time.
Compare this with a dynamic routing gateway (DRG), which you create as a standalone object that you
then attach to a particular VCN. DRGs use a different model because they're intended to be modular building blocks for privately connecting VCNs to your on-premises network.
For traffic to flow between a subnet and an internet gateway, you must create a route rule accordingly in the subnet's route table (for example, destination CIDR = 0.0.0.0/0 and target = internet gateway). If the internet gateway is disabled, that means no traffic will flow to or from the internet even if there's a route rule that enables that traffic. For more information, see Route Tables.
For the purposes of access control, you must specify the compartment where you want the internet gateway to reside. If you're not sure which compartment to use, put the internet gateway in the same compartment as the cloud network. For more information, see Access Control.
You may optionally assign a friendly name to the internet gateway. It doesn't have to be unique, and you can change it later. Oracle automatically assigns the internet gateway a unique identifier called an Oracle Cloud ID (OCID). For more information, see Resource Identifiers.
To delete an internet gateway, it does not have to be disabled, but there must not be a route table that lists it as a target.
AS per compute instances can connect to the Internet so you use egress no ingress

NEW QUESTION 3

You provisioned an Oracle Autonomous Data Warehouse (ADW) on Oracle Cloud Infrastructure (OCI) and imported data into ADW.
You want to give your business analyst the ability to connect to the ADW database and run queries. Which two actions can help you meet this requirement? (Choose two.)

• A. Create a database user account for the business analyst.
• B. Grant the predefined database role DWROLE to the database user.
• C. Grant unlimited tablespace privilege to the database user.
• D. Grant the predefined database role DWADW to the database user.
• E. Grant the predefined database role DWUSER to the database user.

Answer: BC

Explanation:
Reference:
https://oracle.github.io/learning-library/oci-library/L100-LAB/Autonomous_Data_Warehouse/ADW_HOL.html

NEW QUESTION 4

Which statement is NOT true about the Oracle Cloud Infrastructure Object Storage service?

• A. Object storage resources can be shared across tenancies.
• B. Immutable option for data stored in the Object Storage can be set via retention rules.
• C. Object versioning is enabled at namespace level.
• D. Object lifecycle rules can be used to either archive or delete objects.

Answer: B

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Object/Tasks/usingversioning.htm

NEW QUESTION 5

You are responsible for creating and maintaining an enterprise application that consists of multiple storage
volumes across multiple compute instances in Oracle Cloud Infrastructure (OCI).
The storage volumes include boot volumes and block volumes for your data storage. You need to create backups of these storage volumes in the most time-efficient manner.
How can you meet this requirement?

• A. Create clones of all boot volumes and block volumes one at a time.
• B. Create on-demand full backups of boot volumes, and copy data in block volumes to Object Storage using OCI CLI.
• C. Create on-demand full backups of block volumes, and create custom images from the boot volumes.
• D. Group together multiple storage volumes in a volume group and create volume group backups.

Answer: D

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Block/Concepts/volumegroups.htm

NEW QUESTION 6

When terminating a compute instance, which statement is true?

• A. The instance needs to be stopped first, and then terminated.
• B. The boot volume is always deleted.
• C. All block volumes attached to the instance are terminated.
• D. Users can preserve the boot volume associated with the instance.

Answer: D

Explanation:
You can permanently terminate (delete) instances that you no longer need. Any attached VNICs and volumes are automatically detached when the instance terminates. Eventually, the instance's public and private IP addresses are released and become available for other instances. By default, the instance's boot volume is deleted when you terminate the instance, however you can preserve the boot volume associated with the instance, so that you can attach it to a different instance as a data volume, or use it to launch a new instance.

NEW QUESTION 7

Which storage service is used on OCI for a Data Transfer Service job?

• A. An instance with enough storage to accommodate the job
• B. An object bucket
• C. A File System service instance
• D. Block Volume

Answer: B

Explanation:
https://docs.cloud.oracle.com/en-us/iaas/Content/DataTransfer/Concepts/overview.htm

NEW QUESTION 8

Your customer is using an Oracle Cloud Infrastructure (OCI) compartment named Production that hosts several resources such as compute instances, DB Systems and File Systems. Each resource in the Production compartment is tagged.
The customer's security team wants to restrict access to DB Systems to only the authorized group of DBAs. Which OCI Tagging capability can be used to meet this requirement?

• A. Tags Defaults with predefined values
• B. Tag Defaults
• C. Cost-Tracking Tags
• D. Tag-based Access Control

Answer: D

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Tagging/Tasks/managingaccesswithtags.htm#about

NEW QUESTION 9

When you try to create an instance on Oracle Cloud Infrastructure (OCI), what are three valid sources to choose the image from?

• A. Dedicated VM Host
• B. Object Storage
• C. Bare Metal Instance
• D. Platform Images
• E. Custom Image
• F. Partner Images
• G. Instance Pools

Answer: DEF

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Compute/Tasks/launchinginstance.htm

NEW QUESTION 10

Your company decided to move a few applications to Oracle Cloud Infrastructure (OCI) in the US West (us-phoenix-1) region.
You need to design a cloud-based disaster recovery (DR) solution with a requirement to deploy the DR resources in the US East (us-ashburn-1) region to minimize network latency.
What is the recommended deployment?

• A. Deploy production and DR applications in two separate virtual cloud networks (VCNs), each in different regions, and then use VCN local peering gateways for connectivity.
• B. Deploy production and DR applications in two separate VCNs, each in different region
• C. Connect them using a VCN remote peering connection.
• D. Deploy production and DR applications in the same VC
• E. Create production subnets in one AD, and DR subnets in another AD (assume a multi-AD region).
• F. Deploy production and DR applications in two separate VCNs in different availability domains (ADs) within the primary region, and then use a VCN remote peering connection for connectivity.

Answer: A

Explanation:
Remote VCN peering is the process of connecting two VCNs in different regions
The peering allows the VCNs' resources to communicate using private IP addresses without routing the traffic over the internet or through your on-premises network.

NEW QUESTION 11

Which two statements are true about Oracle Cloud Infrastructure storage services?

• A. You can move Object Storage buckets, Block Volumes and File Storage mount targets between compartments.
• B. File storage mount target does not provide a private IP address, while the Object Storage bucket provides one.
• C. File Storage uses the network file system (NFS) protocol, whereas Block Volume uses ISCSI.
• D. Block Volume service scales to Exabytes per Instance, while File Storage service offers unlimited scalability.
• E. You can take Incremental snapshots of Block Volumes, File Storage file systems and Object Storage buckets.

Answer: AC

NEW QUESTION 12

Which two statements are true when Oracle Data Guard is configured (using the Console) between two Virtual Machine DB Systems deployed in Oracle Cloud Infrastructure? (Choose two.)

• A. Primary is a 1-node RAC DB system and Standby is a 2-node RAC DB system.
• B. Primary is a 2-node RAC DB system and Standby is a 2-node RAC DB system.
• C. Primary is a 1-node RAC DB system and Standby is a 1-node RAC DB system.
• D. Primary is a 2-node RAC DB system and Standby is a 1-node RAC DB system.
• E. Primary is a Bare Metal DB system and Standby is a 1-node RAC DB system.

Answer: AC

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Database/Concepts/overview.htm

NEW QUESTION 13

Which DNS resource record type is used to point a host name to an IPv4 address?

• A. ALIAS
• B. A
• C. CNAME
• D. AAAA

Answer: B

Explanation:
References: https://docs.cloud.oracle.com/iaas/Content/DNS/Reference/supporteddnsresource.htm?tocpath=Services%7CDN

NEW QUESTION 14

Your company uses the Oracle Cloud Infrastructure (OCI) Object Storage service to share large data sets with its data science team. The data science team consists of 20 people who work from offices in Washington, D.C., and Tokyo. While working in these offices, employees are assigned an IP address from the public IP range 129.146.31.0/27
Which two steps should you take to ensure that the Object Storage bucket used in this scenario was only accessible from these office locations? (Choose two.)

• A. Write an IAM policy that includes the conditional statement where request.networkSource.name=CorpNet
• B. Set the bucket visibility to public and only share the URL with the data science team via email
• C. Create a pre-authenticated request for each data set and only share with the data science team via email
• D. Create a Network Source named CorpNetwork with a CIDR block of 129.146.31.0/27
• E. Create a Network Source named CorpNetwork with a CIDR block of 129.146.0.0/16
• F. Write an IAM policy that includes the conditional statement where request.region = 129.146.31.0/27

Answer: CE

NEW QUESTION 15

A financial firm is designing an application architecture for its online trading platform that must have high availability and fault tolerance.
Their solutions architect configured the application to use an Oracle Cloud Infrastructure Object Storage bucket located in the US West (us-phoenix-1) region to store large amounts of financial data. The stored financial data in the bucket must not be affected even if there is an outage in one of the Availability Domains or a complete region.
What should the architect do to avoid any costly service disruptions and ensure data durability?

• A. Create a new Object Storage bucket in another region and configure lifecycle policy to move data every 5 days.
• B. Create a lifecycle policy to regularly send data from Standard to Archive storage.
• C. Copy the Object Storage bucket to a block volume.
• D. Create a replication policy to send data to a different bucket in another OCI region.

Answer: A

NEW QUESTION 16

You are about to upload log file (5 TiB size) to Oracle Cloud Infrastructure object storage and have decided to use multipart upload capability for a more efficient and resilient upload.
Which two statements are true about multipart upload? (Choose two.)

• A. Individual object parts can be as small as 10 MiB or as large as 50 GiB
• B. While a multipart upload is still active, you cannot add parts even if the total number of parts is less than 10,000
• C. The maximum size for an uploaded object is 10 TiB
• D. You do not have to commit the upload after you have uploaded all the object parts

Answer: AC

Explanation:
With multipart upload, you split the object you want to upload into individual parts. Individual parts can be as large as 50 GiB or as small as 10 MiB. (Object Storage waives the minimum part size restriction for the last uploaded part.) Decide what part number you want to use for each part. Part numbers can range from 1 to 10,000. You do not need to assign contiguous numbers, but Object Storage constructs the object by ordering part numbers in ascending order.
The maximum size for an uploaded object is 10 TiB
While a multipart upload is still active, you can keep adding parts as long as the total number is less than 10,000.
https://docs.cloud.oracle.com/en-us/iaas/Content/Object/Tasks/usingmultipartuploads.htm

NEW QUESTION 17

D18912E1457D5D1DDCBD40AB3BF70D5D
Which two methods are supported for migrating your on-premises Oracle database to an Oracle Autonomous Transaction Processing (ATP) database in Oracle Cloud Infrastructure? (Choose two.)

• A. Load text files into ATP using SQL Developer.
• B. Use RMAN duplicate.
• C. Use Oracle Data Pump.
• D. Transfer the physical database files and re-create the database.
• E. Use database backup and restore.

Answer: CD

Explanation:
Reference: https://docs.oracle.com/en/solutions/migrate-to-atp/index.html#GUID-28E5A683-6DC6-4A07- BB1C-55F020D4C1CD

NEW QUESTION 18

Which three must be configured for a load balancer to accept incoming traffic? (Choose two.)

• A. a listener
• B. a back-end server
• C. a back end set
• D. a security list that is open on a listener port
• E. a certificate

Answer: ABC

Explanation:
https://docs.cloud.oracle.com/iaas/Content/Balance/Tasks/managingloadbalancer.htm?tocpath=Services%7CLoa The essential components for load balancing include:• A load balancer with pre-provisioned bandwidth.• A backend set with a health check policy. See Managing Backend Sets.• Backend servers for your backend set. See Managing Backend Servers.• One or more listeners . See Managing Load Balancer Listeners.• Load balancer subnet security rules to allow the intended traffic. To learn more about these rules, see Security Rules.• Optionally, you can associate your listeners with SSL server certificate bundles to manage how your system handles SSL traffic. See Managing SSL Certificates.

NEW QUESTION 19

You are responsible for setting up access for all the cloud users of a large enterprise. You log in to the Phoenix region and start creating users and policies. You then realize that some users might be creating resources in the Ashburn region.
Which step should you perform to enable those users?

• A. You can assign a region to each of the users at the time of creation.
• B. IAM users are global and non-admin users can add resources to any region by default.
• C. You need to log in to each region separately to create users for that particular region.
• D. IAM users are globa
• E. As an administrator, make sure that you subscribe to the Ashburn region.

Answer: D

NEW QUESTION 20

Which three are capabilities of the dbaascli utility? (Choose three.)

• A. Patching the primary database deployment
• B. Open port 1521 in the VCN to allow for traffic to the listener
• C. Start and open the database instance
• D. Switchover and failover in an Oracle Guard configuration
• E. Clone a DB

Answer: ACD

Explanation:
https://docs.oracle.com/en/cloud/paas/database-dbaas-cloud/csdbi/dbaascli.html Using the dbaascli utility, you can:
Change the password of a database user. Start and stop a database.
Start and stop the Oracle Net listener
Check the status of the Oracle Data Guard configuration.
Perform switchover and failover in an Oracle Data Guard configuration. Patch the database deployment.
Perform database recovery. Rotate the master encryption key.
https://docs.oracle.com/en/cloud/paas/database-dbaas-cloud/csdbi/dbaascli.html

NEW QUESTION 21

Your company is moving an Internet-facing, 2-tier web application into Oracle Cloud Infrastructure. The application must have a highly available architecture.
Which two design options would you consider? (Choose two.)

• A. Configure a Dynamic Route Gateway in your VCN and make it highly available.
• B. Configure a NAT instance in your Virtual Cloud Network (VCN). Create a route rule by using the private IP of the NAT instance as a route target for all the private subnets in your VCN.
• C. Create an Internet Gateway and attach it to your VC
• D. Deploy public load balancer nodes into two Available Domains.
• E. Place all web servers behind a public load balancer.

Answer: CD

NEW QUESTION 22

Which two features are offered natively on Oracle Cloud Infrastructure Database Cloud Service (DBCS)? (Choose two.)

• A. Data Guard in Async mode within a region
• B. GoldenGate replication between two regions
• C. Data Guard in Maximum Protection mode
• D. backup to Object Storage

Answer: AD

Explanation:
Data Guard in Maximum Performance protection mode is supported not simply Maximum Protection mode, however, you can configure additional protection modes and transport types by logging on to the DB system and accessing Data Guard command-line interface( DGMGRL).

NEW QUESTION 23

You are a network architect and have designed the network infrastructure of a three-tier application on Oracle Cloud Infrastructure (OCI). In the architecture, back-end DB servers are in a private subnet. One of your DB administrators requests to have access to OCI object storage service.
How can you meet this requirement?

• A. Add a new route rule to the private subnet route table to route default traffic to the internet gateway.
• B. Attach a public IP address to the instances in the private subnet, and then add a new route rule to the private subnet route table to route default traffic to the internet gateway.
• C. Create a dynamic routing gateway (DRG) and attach it to your virtual cloud network (VCN). Add a default route rule to the private subnets route table and set the target as DRG.
• D. Create a service gateway, add a new route rule to the private subnet route table that uses object storage as target type.

Answer: D

Explanation:
A service gateway lets resources in your VCN privately access specific Oracle services, without exposing the data to an internet gateway or NAT. The resources in the VCN can be in a private subnet and use only private IP addresses. The traffic from the VCN to the service of interest travels over the Oracle network fabric and never traverses the internet.
To give your VCN access to a given service CIDR label, you must enable that service CIDR label for the VCN's service gateway. You can do that when you create the service gateway, or later after it's created. You can also disable a service CIDR label for the service gateway at any time.
For traffic to be routed from a subnet in your VCN to a service gateway, you must add a rule accordingly to the subnet's route table. The rule must use the service gateway as the target.
Reference:
https://blogs.oracle.com/cloud-infrastructure/connect-private-instances-with-oracle-servicesthrough-an-oracle-cl

NEW QUESTION 24

Which three methods can you use to manage Oracle Cloud Infrastructure services? (Choose three.)

• A. Oracle Cloud Infrastructure Desktop Client
• B. Oracle Cloud Infrastructure Console
• C. SSH or RDP
• D. Command-line Interface
• E. REST API

Answer: BDE

Explanation:
https://docs.cloud.oracle.com/iaas/Content/GSG/Concepts/baremetalintro.htm

NEW QUESTION 25
......