Which feature allows you to group and logically isolate your Oracle Cloud Infrastructure (OCI) resources?
A. Tenancy
B. Identity and Access Management Groups
C. Availability Domains
D. Compartments
Correct Answer: D
It is collection of related resources. Compartments are a fundamental component of Oracle Cloud Infrastructure for organizing and isolating your cloud resources. You use them to clearly separate resources for the purposes of measuring usage and billing, access (through the use of IAM Service policies), and isolation (separating the resources for one project or business unit from another). A common approach is to create a compartment for each major part of your organization. For more information, see Overview of the IAM Service and also Setting Up Your Tenancy. To place a resource in a compartment, simply specify the compartment ID in the "Create" request object when initially creating the resource. For example, to launch an instance into a particular compartment, specify that compartment's OCID in the LaunchInstance request. You can't move an existing resource from one compartment to another. To use any of the API operations, you must be authorized in an IAM policy. If you're not authorized, talk to an administrator. If you're an administrator who needs to write policies to give users access, see Getting Started with Policies. Reference: https://docs.cloud.oracle.com/en-us/iaas/tools/ocicli/2.9.9/oci_cli_docs/cmdref/iam/compartment.html
Question 2:
What is Oracle's responsibility according to the Oracle Cloud Infrastructure (OCI) shared-security model?
A. Configuring OCI services securely
B. Data classification and compliance
C. Securing application workloads
D. Security of data center facilities
Correct Answer: D
Oracle's mission is to build cloud infrastructure and platform services for your business to have effective and manageable security to run your mission-critical workloads and store your data with confidence. Oracle Cloud Infrastructure offers best-in-class security technology and operational processes to secure its enterprise cloud services. However, for you to securely run your workloads in Oracle Cloud Infrastructure, you must be aware of your security and compliance responsibilities. By design, Oracle provides security of cloud infrastructure and operations (cloud operator access controls, infrastructure security patching, and so on), and you are responsible for securely configuring your cloud resources. Security in the cloud is a shared responsibility between you and Oracle. In a shared, multi-tenant compute environment, Oracle is responsible for the security of the underlying cloud infrastructure (such as data-center facilities, and hardware and software systems) and you are responsible for securing your workloads and configuring your services (such as compute, network, storage, and database) securely. In a fully isolated, single-tenant, bare metal server with no Oracle software on it, your responsibility increases as you bring the entire software stack (operating systems and above) on which you deploy your applications. In this environment, you are responsible for securing your workloads, and configuring your services (compute, network, storage, database) securely, and ensuring that the software components that you run on the bare metal servers are configured, deployed, and managed securely. More specifically, your and Oracle's responsibilities can be divided into the following areas:
You have an application that requires a shared file system. Which of the following services would you use?
A. File Storage
B. Archive Storage
C. Object Storage
D. Block Volume
Correct Answer: A
Oracle Cloud Infrastructure File Storage service provides a durable, scalable, secure, enterprise-grade network file system. You can connect to a File Storage service file system from any bare metal, virtual machine, or container instance in your Virtual Cloud Network (VCN). You can also access a file system from outside the VCN using Oracle Cloud Infrastructure FastConnect and Internet Protocol security (IPSec) virtual private network (VPN). Large Compute clusters of thousands of instances can use the File Storage service for high-performance shared storage. Storage provisioning is fully managed and automatic as your use scales from a single byte to exabytes without upfront provisioning. The File Storage service supports the Network File System version 3.0 (NFSv3) protocol. The service supports the Network Lock Manager (NLM) protocol for file locking functionality. Oracle Cloud Infrastructure File Storage employs 5way replicated storage, located in different fault domains, to provide redundancy for resilient data protection. Data is protected with erasure encoding. The File Storage service uses the "eventual overwrite" method of data eradication. Files are created in the file system with a unique encryption key. When you delete a single file, its associated encryption key is eradicated, making the file inaccessible. When you delete an entire file system, the file system is marked as inaccessible. The service systematically traverses deleted files and file systems, frees all the used space, and eradicates all residual files. Use the File Storage service when your application or workload includes big data and analytics, media processing, or content management, and you require Portable Operating System Interface (POSIX)-compliant file system access semantics and concurrently accessible storage. The File Storage service is designed to meet the needs of applications and users that need an enterprise file system across a wide range of use cases, including the following:
Which of the following services can you control access to via IAM?
A. Networking components
B. Compute Instances
C. All services including IAM
D. DB systems
Correct Answer: C
Oracle Cloud Infrastructure Identity and Access Management (IAM) lets you control who has access to your cloud resources. You can control what type of access a group of users have and to which specific resources. This section gives you an overview of IAM components and an example scenario to help you understand how they work together.
Which OCI storage service does not provide encryption for data at rest?
A. File Storage
B. Block Volume
C. Local NVMe
D. Object Storage
Correct Answer: C
NVMe stands for non-volatile memory express. It is a storage protocol created to fasten the transfer of data between enterprise and client systems and solid-state drives (SSDs) over a computer's high-speed Peripheral Component Interconnect Express bus. The characteristics are: 1) Local NVMe is NVMe SSD-based temporary storage. 2) It is the locally-attached NVMe devices to the OCI compute instance 3) It is used very high storage performance requirements, lots of throughput, lots of IOPS, local storage and when you don't want to go out on network 4) Oracle does not protect in any way through RAID, or snapshots, or backup out of the box and data is not encrypted at rest.
Which option provides the best performance for running OLTP workloads in Oracle Cloud Infrastructure?
A. OCI Exadata DB Systems
B. OCI Autonomous Data Warehouse
C. OCI Virtual Machine Instance
D. OCI Dedicated Virtual Host
Correct Answer: A
On an Exadata DB system, all databases share dedicated storage servers which include flash storage. By default, the databases are given equal priority with respect to these resources. The Exadata storage management software uses a first come, first served approach for query processing. If a database executes a major query that overloads I/O resources, overall system performance can be slowed down. The I/O Resource Management (IORM) allows you to assign priorities to your databases to ensure critical queries are processed first when workloads exceed their resource allocations. You assign priorities by creating directives that specify the number of shares for each database. The number of shares corresponds to a percentage of resources given to that database when I/O resources are stressed. Directives work together with an overall optimization objective you set for managing the resources. The following objectives are available: 1) Auto - Recommended. IORM determines the optimization objective and continuously and dynamically determines the optimal settings, based on the workloads observed, and resource plans enabled. 2) Balanced - For critical OLTP and DSS workloads. This setting balances low disk latency and high throughput. This setting limits disk utilization of large I/Os to a lesser extent than low latency to achieve a balance between good latency and good throughput. 3) High throughput - For critical DSS workloads that require high throughput. 4) Low latency - For critical OLTP workloads. This setting provides the lowest possible latency by significantly limiting disk utilization. Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Database/Tasks/examanagingiorm.htm
Question 9:
Which statement about the Oracle Cloud Infrastructure (OCI) shared-security model is true?
A. You are responsible for securing all data that you place in OCI
B. You are not responsible for any aspect of security in OCI
C. You are responsible for securing the hypervisor within OCI compute service
D. You are responsible for managing security controls within the physical OCI network
Correct Answer: A
Oracle Cloud Infrastructure offers best-in-class security technology and operational processes to secure its enterprise cloud services. However, for you to securely run your workloads in Oracle Cloud Infrastructure, you must be aware of your security and compliance responsibilities. By design, Oracle provides security of cloud infrastructure and operations (cloud operator access controls, infrastructure security patching, and so on), and you are responsible for securely configuring your cloud resources. Security in the cloud is a shared responsibility between you and Oracle. In a shared, multi-tenant compute environment, Oracle is responsible for the security of the underlying cloud infrastructure (such as data-center facilities, and hardware and software systems) and you are responsible for securing your workloads and configuring your services (such as compute, network, storage, and database) securely. In a fully isolated, single-tenant, bare metal server with no Oracle software on it, your responsibility increases as you bring the entire software stack (operating systems and above) on which you deploy your applications. In this environment, you are responsible for securing your workloads, and configuring your services (compute, network, storage, database) securely, and ensuring that the software components that you run on the bare metal servers are configured, deployed, and managed securely. The responsibilities can be divided as: Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Security/Concepts/security_overview.htm
Question 10:
You run 5 Oracle Cloud Infrastructure (OCI) Virtual Machine instances on an OCI dedicated virtual host. How will this deployment be billed?
A. Only the dedicated virtual machine host will be billed
B. The dedicated virtual machine host and the boot volumes of each instance will be billed
C. The dedicated virtual machine host all 5 instances, and the boot volume of each instance will be billed
D. All 5 instances will be billed on the basis of the number of OCPUs
Correct Answer: B
You must create a dedicated virtual machine host before you can place any instances on it. When creating the dedicated virtual machine host, you select an availability domain and fault domain to launch it in. All the VM instances that you place on the host will subsequently be created in this availability domain and fault domain. You also select a compartment when you create the dedicated virtual machine host, but you can move the host to a new compartment later without impacting any of the instances placed on it. You can also create the instances in a different compartment than the dedicated virtual machine host, or move them to difference compartments after they have been launched. You are billed for the dedicated virtual machine host as soon as you create it, but you are not billed for any of the individual VM instances you place on it. You will still be billed for image licensing costs if they apply to the image you are using for the VM instances.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Oracle exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 1Z0-1085-22 exam preparations and Oracle certification application, do not hesitate to visit our Vcedump.com to find your solutions here.
