Oracle 1Z0-997-20 Online Practice Questions and Exam Preparation

Oracle 1Z0-997-20 Online Questions & Answers

• Question 131:

  You are building a demo for a customer that showcases Oracle Cloud Infrastructure (OCI) Events service and Oracle Functions. You plan to create an event every time an image is uploaded to an OCI Object Storage bucket. You have also created a function that is listening to the event and processes the image for face recognition.

  Choose the two actions from below that are NOT required to run the demo successfully.

  A. You must specify an action type while creating an Event service and specify the function you want to trigger.
  B. Creating an event rule is not permitted for OCI Object storage.
  C. The function must be deployed only to Oracle Kubernetes Engine (OKE).
  D. You have to enable Object Storage buckets to emit events for state changes.
  E. You must deploy the function that does facial recognition for the demo to work.
  B. Creating an event rule is not permitted for OCI Object storage.
  C. The function must be deployed only to Oracle Kubernetes Engine (OKE).

• Question 132:

  You developed a microservices-based application that runs on Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE). It has multiple endpoints that needs to be exposed to the public internet.

  What is the most cost-effective way to expose multiple application endpoints without adding complexity to the application?

  A. Use NodePort service type in Kubernetes for each of your service endpoint and use node's public IP address to access the applications.
  B. Use separate load balancer instance for each service, but use the 100 Mbps load balancer option.
  C. Deploy an Ingress Controller and use it to expose each endpoint with its own routing endpoint.
  D. Use ClusterIP service type in Kubernetes for each of your service endpoint and use a load balancer to expose the endpoints.
  C. Deploy an Ingress Controller and use it to expose each endpoint with its own routing endpoint.

• Question 133:

  You are working with a social media company as a solution architect. The media company wants to collect and analyze large amounts of data being generated from their websites and social media feeds to gain insights and continuously improve the user experience. In order to meet this requirement, you have developed a microservices application hosted on Oracle Container Engine for Kubernetes. The application will process the data and store the result to an Autonomous Data Warehouse (ADW) instance.

  Which Oracle Cloud Infrastructure (OCI) service can you use to collect and process a large volume of unstructured data in real time?

  A. OCI Events
  B. OCI Streaming
  C. OCI Resource Manager
  D. OCI Notifications
  B. OCI Streaming

• Question 134:

  You are currently working for a public health care company based in the United Stats. Their existing patient records runs in an on-premises data center and the customer is sending tape backups offsite as part of their recovery planning.

  You have developed an alternative archival solution using Oracle Cloud Infrastructure (OCI) that will save the company a significant amount of mom on a yearly basis. The solution involves storing data in an OCI Object Storage bucket After reviewing your solution with the customer global Compliance (GRC) team they have highlighted the following security requirements:

  All data less than 1 year old must be accessible within 2 hour. All data must be retained for at least 10 years and be accessible within 48 hours AH data must be encrypted at rest No data may be transmitted across the public Internet

  Which two options meet the requirements outlined by the customer GRC team?

  A. Provision a FastConnect link to the closest OCI region and configure a private peering virtual circuit.
  B. Create an OCI Object Storage Standard tier bucket Configure a lifecycle policy to archive any object that Is older than 365 days
  C. Create a VPN connection between your on premises data center and OCI. Create a Virtual Cloud Network (VCN) along with an OCI Service Gateway for OCI Object Storage.
  D. Provision a FastConnect link to the closest OCI region and configure a public peering virtual circuit
  E. Create an OCI Object Storage Standard tier bucket. Configure a lifecycle policy to delete any object that is older than 7 years
  B. Create an OCI Object Storage Standard tier bucket Configure a lifecycle policy to archive any object that Is older than 365 days
  D. Provision a FastConnect link to the closest OCI region and configure a public peering virtual circuit

  ---

  Explanation/Reference:

  The Oracle Services Network is a conceptual network in Oracle Cloud Infrastructure that is reserved for Oracle services. These services have public IP addresses that you typically reach over the internet. However, you can access the Oracle

  Services Network without the traffic going over the internet. There are different ways, depending on which of your hosts need the access:

  Hosts in your on-premises network:

  -

  Private access through a VCN with FastConnect private peering or VPN Connect: The on- premises hosts use private IP addresses and reach the Oracle Services Network by way of the VCN and the VCN's service gateway.

  -

  Public access with FastConnect public peering: The on-premises hosts use public IP addresses. regarding which Fastconnect Public peering: To access public services in Oracle Cloud Infrastructure without using the internet. For example, Object Storage, the Oracle Cloud Infrastructure Console and APIs, or public load balancers in your VCN. Communication across the connection is with IPv4 public IP addresses. Without FastConnect, the traffic destined for public IP addresses would be routed over the internet. With FastConnect, that traffic goes over your private physical connection. so Answer 4 will be the best answer that meets the customer requirement A service gateway lets your virtual cloud network (VCN) privately access specific Oracle services without exposing the data to the public internet. No internet gateway or NAT is required to reach those specific services. The resources in the VCN can be in a private subnet and use only private IP addresses. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet. Object Lifecycle Management lets you automatically manage the archiving and deletion of objects. By using Object Lifecycle Management to manage your Object Storage and Archive Storage data, you can reduce your storage costs and the amount of time you spend managing data.

• Question 135:

  A hospital in Austin has hosted its web based medical records portal entirely In Oracle cloud Infrastructure (OCI) using Compute Instances for its web-tier and DB system database for its data tier. To validate compliance with Health Insurance Portability and Accountability (HIPAA), the security professional to check their systems it was found that there are a lot of unauthorized coming requests coming from a set of IP addresses originating from a country in Southeast Asia.

  Which option can mitigate this type of attack?

  A. Block the attacking IP address by creating by Network Security Group rule to deny access to the compute Instance where the web server Is running
  B. Block the attacking IP address by implementing a OCI Web Application Firewall policy using Access Control Rules
  C. Mitigate the attack by changing the Route fable to redirect the unauthorized traffic to a dummy Compute instance
  D. Block the attacking IP address by creating a Security List rule to deny access to the subnet where the web server Is running
  B. Block the attacking IP address by implementing a OCI Web Application Firewall policy using Access Control Rules

  ---

  Explanation/Reference:

  WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer's applications. WAF provides you with the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwanted bots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit based on geography or the signature of the request. As a WAF administrator you can define explicit actions for requests that meet various conditions. Conditions use various operations and regular expressions. A rule action can be set to log and allow, detect, or block requests

• Question 136:

  You have an Oracle database system in a virtual cloud network (VCN) that needs to be accessible on port 1521 from your on-premises network CIDR 172.17.0.0/24.

  You have the following configuration currently.

  Virtual cloud network (VCD) is associated with a Dynamic Routing Gateway (DRG), and DRG has an active IPSec connection with your on-premises data center.

  Oracle database system is hosted in a private subnet

  The private subnet route table has the following configuration

  The private subnet route table has following configuration.

  

  However, you are still unable to connect to the Oracle Database system. Which action will resolve this issue?

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  C. Option C

  ---

  Explanation/Reference:

• Question 137:

  You work for a retail company and they developed a Microservices based shopping application that needs to access Oracle Autonomous Database from the application. As an Architect, you have been tasked to treat all of the application

  components as Kubernetes native objects, such as the microservices, Oracle

  Autonomous database, Kubernetes services, etc.

  What should you do to make sure that you can use Kubernetes constructs to manage the life cycle of the application components, including Oracle Autonomous Database? (Choose the best answer.)

  A. Create an Oracle Cloud Infrastructure (OCI) Service Gateway and connect to the Oracle Autonomous Database using the private IP address from the microservice.
  B. Provision an Oracle Autonomous Database and then use OCI Service Broker to access the database as a native component to your Kubernetes cluster.
  C. Create a service from the Kubernetes cluster and point to the Oracle Autonomous Database using its FQDN.
  D. Install and secure the OCI Service Broker for Kubernetes. Then provision and bind to the required Oracle Cloud Infrastructure services.
  D. Install and secure the OCI Service Broker for Kubernetes. Then provision and bind to the required Oracle Cloud Infrastructure services.

  ---

  Explanation/Reference:

  OCI Service Broker for Kubernetes is an implementation of the Open Service Broker API. OCI Service Broker for Kubernetes is specifically for interacting with Oracle Cloud Infrastructure services from Kubernetes clusters. It includes three service broker adapters to bind to the following Oracle Cloud Infrastructure services: Object Storage Autonomous Transaction Processing Autonomous Data Warehouse

• Question 138:

  A telecom company has an application running in Oracle Cloud Infrastructure (OCI) Germany Central (eu-frankfurt-1) region. They want to configure Disaster Recovery (DR) site in the OCI UK South (uk-london-1) region. Which is the most cost effective option to help set up application and persistence layers in the DR site?

  A. Application layer: configure events service rule in eu-frankfurt-1 region to filter Health Checks event failure and route traffic to uk-london-1 region in the event of a disaster. Persistence layer: set up policy to schedule cross-region automated backups of block volumes between eu-frankfurt-1 and uk-london-1 regions.
  B. Application layer: configure Traffic Management steering policy with Load Balancing policy between servers in eu-frankfurt-1 and uk-london-1 regions. Persistence layer: set up policy to schedule cross-region automated backups of block volumes between eu-frankfurt-1 and uk-london-1 regions.
  C. Application layer: Set us a public laod balancerin the eu-frankfurt-1 region. Create a backend set with instances running in bothuk-frankfurt-1 and uk-london-1 regions. Persistence layer: Set up OCI Object Storage replication from eu-frankfurt-1 region to uk- london-1 region.
  D. Application layer: configure Traffic Management steering policy with Failover policy between servers in eu-frankfurt-1 and uk-london-1 regions. Persistence layer: set up policy to schedule cross-region automated backups of file systems in File Storage service between eu-frankfurt-1 and uk-london-1 regions.
  B. Application layer: configure Traffic Management steering policy with Load Balancing policy between servers in eu-frankfurt-1 and uk-london-1 regions. Persistence layer: set up policy to schedule cross-region automated backups of block volumes between eu-frankfurt-1 and uk-london-1 regions.

• Question 139:

  You are creating an Oracle Cloud Infrastructure Dynamic Group. To determine the members of this group you are defining a set of matching rules.

  Which of the following are the supported variables to define conditions in the matching rules? (Choose Two)

  A. iam.policy.id - the OCID of the IAM policy to apply to the group.
  B. instance.tenancy.id - the OCID of the tenancy where the instance resides.
  C. tag...value - the tag namespace and tag key.
  D. instance.compartment.id - the OCID of the compartment where the instance resides.
  C. tag...value - the tag namespace and tag key.
  D. instance.compartment.id - the OCID of the compartment where the instance resides.

  ---

  Explanation/Reference:

  You can define the members of the dynamic group based on the following:

  -compartment ID

  -instance ID

  -

  tag namespace and tag key

  -

  tag namespace, tag key, and tag value

  Supported variables are:

  instance.compartment.id - the OCID of the compartment where the instance resides instance.id - the OCID of the instance

  tag...value - the tag namespace and tag key. For example, tag.department.operations.value .

  tag...value='' - the tag namespace, tag key, and tag value. For

  example, tag.department.operations.value='45'

• Question 140:

  Which of the following is NOT a good use case for using the functionality available in the Oracle Cloud Infrastructure (OCI) Events service?

  A. Publish all events in a specific compartment to Oracle Streaming service for later analysis.
  B. Triggers Function using Oracle Functions when new files are uploaded in an OCI Object Storage bucket.
  C. Publish a notification when long lived tasks complete, such as OCI Autonomous Database backup completion.
  D. Capture Monitoring Alarms and invoke Autoscaling of compute instances.
  E. Trigger a notification when a function completes its execution.
  D. Capture Monitoring Alarms and invoke Autoscaling of compute instances.