Oracle 1z0-997-22 today updated questions - Verified by Oracle Experts

Oracle Cloud Infrastructure 2022 Architect Professional Questions and Answers

Question 1

A retail company has several on-premise data centers which span multiple geographical locations. They plan to move many of their business critical applications to Oracle Cloud Infrastructure (OCI). These applications require highly available network connections between on-premises and OCI.

Which option provides the highest level of redundancy?

Options:

Set up both Site-to-Site VPN and Fast Connect connections from OCI to separate edge devices on-premises.

Set up Site-to-Site VPN connection with two redundant tunnels from the on-premises edge device to OCI.

Use either a Site-to-Site VPN or FastConnect connection to connect to an on-premises edge device, since OCI provides network redundancy by default.

Set up Fast Connect with the colocation with Oracle option, and a compatible edge device on- premises.

Use transit routing by deploying a hub Virtual Cloud Network (VCN) in OCI peered with application VCNs as spokes, and with an on-premises edge device with two redundant tunnels in Site-to-Site VPN.

Question 2

You work for a German company as the Lead Oracle Cloud Infrastructure architect. You have designed a highly scalable architecture for your company's business critical application which uses the Load Balancer service auto which uses the Load Balancer service, autoscaling configuration for the application servers and a 2 Node VM Oracle RAC database. During the peak utilization period of the- application yon notice that the application is running slow and customers are complaining. This is resulting in support tickets being created for API timeouts and negative sentiment from the customer base.

What are two possible reasons for this application slowness?

Options:

Autoscaling configuration for the application servers didn't happen due to IAM policy that's blocking access to the application server compartment

The Load Balancer configuration is not sending traffic to the listener of the application servers.

Autoscaling configuration for the application servers didn't happen due to compartment quota breach of the VM shapes used by the application servers.

Autoscaling configuration for the application servers didn't happen due to service limit breach of the VM shapes used by the application servers

The Load Balancer doesn't have a Network Security Group to allow traffic to the application servers.

Question 3

You are working as a security consultant with a global insurance organization which is using Microsoft Azure Active Directory as an identity provider to manage user login/passwords. When a user logs in to Oracle Cloud Infrastructure (OCI) console, it should get authenticated by Azure AD.

Which set of steps are required to be configured in OCI to meet this requirement?

Options:

Setup Azure AD as an Identity Provider, import users and groups from Azure AD to OCI, set up IAM policies to govern access to Azure AD groups.

Setup Azure AD as an Enterprise Application, configure OCI for single sign-on, map Azure AD groups to OCI groups, set up the IAM policies to govern access to Azure AD groups.

Setup Azure AD as an Enterprise Application, map Azure AD users, groups and policies to OCI groups and users.

Setup Azure AD as an Identity Provider, map Azure AD groups to OCI groups, set up the IAM policies to govern access to Azure AD groups.

Question 4

Your organization needs to migrate legacy monolithic applications into cloud-native containerized RESTful microservices. The development team is testing the use of packaged procedures with containers in a fully serverless environment. Before migrating the existing code to production, the team decides to perform a lift and shift of the monolithic application and code the new features that are essential for serverless microservices.

You want to carry out a steady migration to the Oracle Cloud Infrastructure (OCI) platform, making the new microservice functionalities available while maintaining the monolithic application for all the other activities. You also want to integrate the legacy monolithic application with the new microservices to have a single interface with simplified management for auditing and monitoring while meeting operational and compliance requirements.

How can you meet this requirement?

Options:

Push the container image to OCIR, build a serverless function using the OCI Functions serviceBYOD (Bring-Your-Own-Dockerfile) feature, build an API deployment specification with serverless functions as the back-end, and use an OCI API gateway to provide front-end access to that function.

Push the container image to the OCI code repository, create an instance template with a Docker container running the image, and create an instance pool with autoscaling configuration. Use the OCI load balancer to provide an API endpoint to connect with the microservice.

Push the container image to the OCI code repository, build a serverless function using the OCI Functions service BYOD feature, build an API deployment specification with serverless functions as the back-end, and use an OCI API gateway to provide front-end access to that function.

Push the container image to OCIR, create an instance template with a Docker container running the image, and create an instance pool with autoscaling configuration. Use the OCI load balancer to provide an API endpoint to connect with the microservice.

Question 5

You are a DevOps engineer working for a high tech company, and are using Terraform to maintain your Oracle Cloud Infrastructure (OCI) resources. You have created a Terraform script that would create the infrastructure for deploying a web service. But want to tune in some settings within the OCI Instances using a shell script.

How should you write your Terraform script to run the shell script on OCI instance?

Options:

Use provisioner "remote-exec" in your code to run the shell script.

Use provisioner "local-exec" in your code to run the shell script.

Use resource "oci_core_instance" to create the instance and run the shell script.

Use provisioner "oci-remote-exec" in your code to run the shell script.

Question 6

You are a cloud architect at a financial organization. The development team is tasked with creating a cloud native application to be hosted on Oracle Cloud Infrastructure (OCI). The development team has followed a microservices-based approach and created containerized images of the cloud-native application and pushed them to OCI Registry (OCIR).

How can you deploy a load balanced application to your OCI Container Engine for Kubernetes (OKE) cluster using these images?

Options:

Create a load balancer using the OCI load balancer service, add the load balancer service IP in the manifest file, add the location of the docker image to the manifest file, and deploy the manifest file.

Create a named secret, add the secret to the manifest file, add the location of the docker image to the manifest file, add the service of type LoadBalancer in the manifest file, and deploy the manifest file.

Create an auth token, add the auth token to the manifest file, add the location of the docker image to the manifest file, add the service of type LoadBalancer in the manifest file, and deploy the manifest file.

Add the location of the docker image to the manifest file, deploy the manifest file. All applications are load-balanced by default in OKE

Question 7

You work for a bank as the lead Oracle Cloud Infrastructure architect. You designed a highly scalable solution for your company's banking application. The architecture includes a load balancer, application servers with autoscaling configuration based on CPU utilization, and an Autonomous Database with Transaction

Processing workload type running in a Virtual Cloud Network (VCN).

During the peak utilization period, the application users complain that the application runs slow.

What are two possible reasons for the application running slow at times? (Choose two.)

Options:

The VCN does not have a Network Security Group configured to allow traffic from the load balancer to all the application servers in the backend set.

Instance pool in autoscaling configuration for the application servers did not scale out due to compartment quota breach of the VM shapes used by the application servers.

The load balancer is not configured correctly to send traffic to all the listeners of the application servers in the backend set.

Instance pool in autoscaling configuration for the Autonomous Database did not scale out due to misconfigured scaling policy.

Instance pool in autoscaling configuration for the application servers did not scale out due to service limit breach of the VM shapes used by the application servers.

Question 8

You are creating an Oracle Cloud Infrastructure Dynamic Group. To determine the members of this group you are defining a set of matching rules.

Which of the following are the supported variables to define conditions in the matching rules? (Choose Two)

Options:

instance.compartment.id -the OCID of the compartment where the instance resides.

instance.tenancy.id -the OCID of the tenancy where the instance resides.

tag...value -the tag namespace and tag key.

iam.policy.id - the OCID of the IAM policy to apply to the group.

Question 9

Your company has recently deployed a new web application that uses Oracle functions Your manager Instructed you to Implement major manage your systems more effectively. You know that Oracle functions automatically monitors functions on your behalf reports metrics through Service Metrics.

Which two metrics are collected and made available by this feature?

Options:

length of time a function runs

number of times a function is removed

number of times a function is invoked

amount of CPU used by a function

number of concurrent connections

Question 10

An organization has its IT infrastructure in a hybrid setup with an on-premises environment and an Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) in the us-phonix-1 region. The on-premise applications communications with compute instances inside the VPN over a hardware VPN connection. They are looking to implement an Intrusion detected and Prevention (IDS/IPS) system for their OCI environment. This platform should have the ability to scale to thousands of compute of instances running inside the VCN.

How should they architect their solution on OCI to achieve this goal?

Options:

Set up an OCI Private Load Balance! and configure IDS/IPS related health checks at TCP and/or HTTP level to inspect traffic

Configure each host with an agent that collects all network traffic and sends that traffic to the IDS/IPS platform to inspection

There Is no need to implement an IPS/IDS system as traffic coming over IPSec VPN tunnels Is already encrypt

Configure autoscaling on a compute Instance pool and set vNIC to promiscuous mode to called traffic across the vcn and send it IDS/IPS platform for inspection.

Question 11

An eCommerce company is running on Oracle Cloud Infrastructure (OCI) and many compute instances remain unused for the most part of the year except during Black Friday and Christmas. You suggest them to use OCI's

Autoscaling feature and present them a slide to showcase the features of Autoscaling.

Which option below is inaccurate in your presentation to the customer?

Options:

A cooldown period between Autoscaling events lets the system stabilize at the updated level.

When an instance pool scales in, instances are terminated in this order: the number of instances is balanced across Availability Domains, and then balanced across Fault Domains. Finally, within a Fault Domain, the newest instance is terminated first.

Autoscaling relies on performance metrics such as CPU utilization that are collected by OCI Monitoring service to trigger an Autoscaling event.

Autoscaling requires an instance pool as a pre-requisite so that it can automatically adjust the number of compute instances in an instance pool.

Question 12

You are working as a solution architect for an online retail store to create a portal to allow the users to pay for their groceries using credit cards. Since the application is not fully compliant with the Payment Card Industry Data Security Standard (PCI DSS), your company is looking to use a third party payment service to process credit card payments.

The third party service allows a maximum of Spelunk IP addresses 5 public IP addresses at a time However, your website is using Oracle Cloud Infrastructure (OCI) Instance Pool Auto Scaling policy to create up to create up to 15 Instances during peak traffic demand, which are launched In VCN private in VCN private subnets and attached to an OCI public Load Balancer. Upon user payment, the portal connects to the payment service over the Interne! to complete the transaction

What solution can you implement to make sure that all compute Instances can connect to the third party system to process the payments aw peak traffic demand?

Options:

Route credit card payment request from the compute instances through the NAT Gateway. On the third-party services, whitelist the public IP associated with the NAT Gateway.

Create an OCI Command Line Interface (CLI) script to automatically reserve public IP address for the compute instances. On the third-party services, whitelist the Reserved public IP.

Whitelist the Internet Gateway Public IP on the third party service and route all payment requests through the Internet Gateway.

Route payment request from the compute instances through the OCI Load Balancer, which will then be routed to the third party service.

Question 13

You are trying to delete a compartment. The delete operation is falling and you need to troubleshoot the problem.

Which step should NOT be considered when troubleshooting this issue?

Options:

Verify that there are no policies In the root compartment that reference the compartment you are trying to delete.

Verify that you have removed all resources from the compartment.

Make sure you have at least one more compartment in your tenancy other than the root compartment.

Search for resources in the compartment for each region that your tenancy is subscribed to.

Question 14

An OCI Architect is working on a solution consisting of analysis of data from clinical trials of a pharmaceutical company. The data is being stored in OCI Autonomous Data Warehouse (ADW) having 8 CPU Cores and 70 TB of storage. The architect is planning to setup autoscaling to respond to dynamic changes in the workload.

Which of the following needs to be considered while configuring auto scaling? Choose two

Options:

Enabling auto scaling does not change the concurrency and parallelism settings

Auto scaling also scales IO throughput linearly along with CPU

The database memory SGA and PGA will not get affected by the changes in the number of CPUs during auto scaling

The maximum CPU cores that will be automatically allocated for this database is 16 CPUs

Question 15

You work for a retail company and they developed a Microservices based shopping application that needs to access Oracle Autonomous Database from the application. As an Architect, you have been tasked to treat all of the application components as Kubernetes native objects, such as the microservices, Oracle

Autonomous database, Kubernetes services, etc.

What should you do to make sure that you can use Kubernetes constructs to manage the life cycle of the application components, including Oracle Autonomous

Database? (Choose the best answer.)

Options:

Create an Oracle Cloud Infrastructure (OCI) Service Gateway and connect to the Oracle Autonomous Database using the private IP address from the microservice.

Provision an Oracle Autonomous Database and then use OCI Service Broker to access the database as a native component to your Kubernetes cluster.

Create a service from the Kubernetes cluster and point to the Oracle Autonomous Database using its FQDN.

Install and secure the OCI Service Broker for Kubernetes. Then provision and bind to the required Oracle Cloud Infrastructure services.

Question 16

A manufacturing company is planning to migrate their on-premises database to Oracle Cloud Infrastructure and has hired you for the migration. Customer has provided following information regarding their existing on-premises database:

Database version, database character set, storage for data staging, acceptable length of system outage.

What additional information do you need from customer in order to recommend a suitable migration method? (Choose Two)

Options:

On-Premises host operating system and version.

Number of active connections.

Data types used in the on-premises database.

Elapsed time since database was last patched.

Top 5 longest running queries.

Question 17

You are working with a customer who needs to attach an Oracle Cloud Infrastructure (OCI) block volume to a VM instance with read/write access type. The customer wants to know if the number of IOPS and throughput performance differs between the following two choices:

• Option A: attach a single 1 TB block volume to the VM instance

• Option B: attach two separate 500 GB block volumes In a RAID 0 array configuration to the VM instance

You can assume that the customer is using iSCSI attachment type to attach the volumes to the instance. In addition, you can assume 1 MB block size for throughput and 4 KB block size for IOPS consideration.

How should you respond to the customer?

Options:

Option B provides higher level of throughput, but lower level of IOPS performance.

Both options provide the same number of IOPS and throughput performance.

Option A provides better IOPS, but lower throughput performance.

Option B provides better IOPS and throughput performance.

Question 18

An organization has its mission critical application consisting of multiple application servers and databases running inside Virtual Cloud Network (VCN) in uk-london-1 region. Their solution architect wants to further strengthen their architecture by planning for Disaster Recovery (DR) in eu-frankfurt-1 region.

Which two solutions should their architect keep in mind while designing for DR?

Options:

A remote VCN peering connection is required to establish secure and reliable connectivity between different VCNs created in uk-london-1 and eu-frankfurt-1 region.

rsync utility can be used to asynchronously copy file systems or snapshot data to another region.

Load balancer will automatically distribute traffic between both the regions.

The RTO is the acceptable timeframe of lost data that application can tolerate.

It is not possible to use Active Data Guard to synchronize a database in uk-london-1 region to equivalent database in eu-frankfurt-1 region.

Question 19

An insurance company is storing critical financial data in the OCI block volume. This volume is currently encrypted using oracle managed keys. Due to regulatory compliance, the customer wants to encrypt the data using the keys that they can control and not the keys which are controlled by Oracle.

What of the following series of tasks are required to encrypt the block volume using customer managed keys?

Options:

Create a vault, import your master encryption key into the vault, generate data encryption key, assign data encryption key to the block volume

Create a master encryption key, create a data encryption key, decrypt the block volume using existing oracle managed keys, encrypt the block volume using the data encryption key

Create a vault, create a master encryption key in the vault, assign this master encryption key to the block volume D. Create a master encryption key, create a new version of the encryption key, decrypt the block volume using existing oracle managed keys and encrypt using new version of the encryption key

Question 20

You are part of a project team working in the development environment created in OCI. You have realized that the CIDR block specified for one of the subnet in a VCN is not correct and want to delete the subnet. While deleting you are getting an error indicating that there are still resources that you must delete first. The error includes the OCID of the VNIC that is in the subnet.

Which of the following action you will take to troubleshoot this issue?

Options:

Use OCI CLI to call "GetVnic" operation to find out the parent resource of the VNIC

Copy and Paste OCID of the VNIC in the search box of the OCI Console to find out the parent resource of the VNIC

Use OCI CLI to delete the VNIC first and then delete the subnet

Use OCI CLI to delete the subnet using --force option

Question 21

You are building a highly available and fault tolerant web application deployment for your company. Similar application delayed by competitors experienced web site attack including DDoS which resulted in web server failing.

You have decided to use Oracle Web Application Firewall (WAF) to implement an architecture which will provide protection against such attacks and ensure additional configuration will you need to implement to make sure WAF is protecting my web application 24×7.

Which additional configuration will you need to Implement to make sure WAF Is protecting my web application 24×7?

Options:

Configure auto scaling policy and it to WAF instance.

Configure Control Rules to send traffic to multiple web servers

Configure multiple origin servers

Configure new rules based on now vulnerabilities and mitigations

Question 22

A retail company has several on-premises data centers which span multiple geographical locations. They plan to move some of their applications from on-premises data centers to Oracle Cloud Infrastructure (OCI). For these applications running in OCI, they still need to interact with applications running on their on-premises data centers to Oracle Cloud Infrastructure (OCI). for these applications running in OCI. they still need to interact with applications running on their on-premises data centers. These applications require highly available, fault-tolerant network connections between on premises data centers and OCI.

Which option should you recommend to provide the highest level of redundancy?

Options:

Oracle cloud Infrastructure provides network redundancy by default so that no other operations are required

If your data centers span multiple, geographical locations, use only the specific IP address as a static route for the specific geographical location

Set up both IPSec VPN and FastConnect to connect your on premises data centers to Oracle Cloud Infrastructure.

Use FastConnect private peering only to ensure secure access from your data center to Oracle Cloud Infrastructure

Set up a single IPSec VPN connection (rom your data center to Oracle Cloud Infrastructure since It is cost effective

Question 23

You are currently working for a public health care company based in the United Stats. Their existing patient records runs in an on-premises data center and the customer is sending tape backups offsite as part of their recovery planning.

You have developed an alternative archival solution using Oracle Cloud Infrastructure (OCI) that will save the company a significant amount of mom on a yearly basis. The solution involves storing data in an OCI Object Storage bucket After reviewing your solution with the customer global Compliance (GRC) team they have highlighted the following security requirements:

• All data less than 1 year old must be accessible within 2 hour.

• All data must be retained for at least 10 years and be accessible within 48 hours

• AH data must be encrypted at rest

• No data may be transmitted across the public Internet

Which two options meet the requirements outlined by the customer GRC team?

Options:

Provision a FastConnect link to the closest OCI region and configure a private peering virtual circuit.

Create an OCI Object Storage Standard tier bucket Configure a lifecycle policy to archive any object that Is older than 365 days

Create a VPN connection between your on premises data center and OCI. Create a Virtual Cloud Network (VCN) along with an OCI Service Gateway for OCI Object Storage.

Provision a FastConnect link to the closest OCI region and configure a public peering virtual circuit

Create an OCI Object Storage Standard tier bucket. Configure a lifecycle policy to delete any object that is older than 7 years

Answer:

B, D

Explanation:

The Oracle Services Network is a conceptual network in Oracle Cloud Infrastructure that is reserved for Oracle services. These services have public IP addresses that you typically reach over the internet. However, you can access the Oracle Services Network without the traffic going over the internet. There are different

ways, depending on which of your hosts need the access:

Hosts in your on-premises network:

- Private access through a VCN with FastConnect private peering or VPN Connect: The on-premises hosts

use private IP addresses and reach the Oracle Services Network by way of the VCN and the VCN's service

gateway.

- Public access with FastConnect public peering: The on-premises hosts use public IP addresses.

regarding which Fastconnect Public peering: To access public services in Oracle Cloud

Infrastructure without using the internet. For example, Object Storage, the Oracle Cloud Infrastructure Console and APIs, or public load balancers in your VCN. Communication across the connection is with IPv4 public IP addresses. Without FastConnect, the traffic destined for public IP addresses would be routed over the internet. With FastConnect, that traffic goes over your private physical connection.

so Answer 4 will be the best answer that meets the customer requirement

A service gateway lets your virtual cloud network (VCN) privately access specific Oracle services without exposing the data to the public internet. No internet gateway or NAT is required to reach those specific services. The resources in the VCN can be in a private subnet and use only private IP addresses. The traffic

from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.

Object Lifecycle Management lets you automatically manage the archiving and deletion of objects. By using Object Lifecycle Management to manage your Object Storage and Archive Storage data, you can reduce your storage costs and the amount of time you spend managing data.

Load More 1z0-997-22 Questions

Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Oracle 1z0-997-22 Oracle Cloud Infrastructure 2022 Architect Professional Exam Practice Test

Oracle Cloud Infrastructure 2022 Architect Professional Questions and Answers

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation: