Oracle 1Z0-997-20 Online Practice Questions and Exam Preparation

Oracle 1Z0-997-20 Online Questions & Answers

• Question 71:

  Your organization is planning on using Oracle Cloud Infrastructure (OCI) File Storage Service (FSS). You will be deploying multiple compute instance in Oracle Cloud Infrastructure(OCI) and mounting the file system to these compute instances.

  The file system will hold payment data processed by a Database instance and utilized by compute instances to create a overall inventory report. You need to restrict access to this data for specific compute instances and must be allowed/ blocked per compute instance's CIDR block.

  Which option can you use to secure access?

  A. Create a new VCN security list, choose SOURCE TYPE as Service and SOURCE SERVICE as FSS. Add stateless ingress and egress rules for specific IP address and CIDR blocks.
  B. Use 'Export option' feature of FSS to restrict access to the mounted file systems.
  C. Create and configure OCI Web Application Firewall service with built in DNS based intelligent routing.
  D. Use stateless Security List rule to restrict access from known IP addresses only.
  B. Use 'Export option' feature of FSS to restrict access to the mounted file systems.

• Question 72:

  As part of planning the network design on Oracle Cloud Infrastructure, you have been asked to create an Oracle Cloud Infrastructure Virtual Cloud Network (VCN) with 3 subnets, one in each Availability Domain. Each subnet needs to have a minimum of 64 usable IP addresses.

  What is the smallest subnet and VCN size you should use to implement this design?

  A. 122 for the VCN; 124 for the subnets
  B. /23 for the VCN; /25 for the subnets
  C. /24 for the VCN; /24 for the subnets
  D. /22 for the VCN; /25 for the subnets
  B. /23 for the VCN; /25 for the subnets

  ---

  Explanation/Reference:

• Question 73:

  Which three options are available to migrate an Oracle database 12.x from an on-premises environment to Oracle Cloud Infrastructure (OCI)?

  A. Leverage OCI Storage Gateway asynchronous database migration option.
  B. Use Oracle Data Pump Export/Import to migrate the database.
  C. Configure RMAN cross-platform transportable tablespace backup sets.
  D. Setup OCI schema and data transfer tool with Bare Metal DB Systems as the target.
  E. Create a backup of your on-premises database In OCI DB Systems.
  B. Use Oracle Data Pump Export/Import to migrate the database.
  C. Configure RMAN cross-platform transportable tablespace backup sets.
  E. Create a backup of your on-premises database In OCI DB Systems.

  ---

  Explanation/Reference:

  https://docs.cloud.oracle.com/en-us/iaas/Content/Database/Tasks/mig- onprembackup.htm

• Question 74:

  You work for a large bank where your main application is a payment processing gateway API. You deployed the application on Oracle Container Engine for Kubernetes (OKE) and used API Gateway with several policies to control the access of the API endpoint.

  However, your customers are complaining about the unavailability of the API endpoint. Upon checking, you noticed that the Gateway URL is throwing Service Unavailable error. You need to check the backend latency and backend responses when this error started last night.

  What should you do to get this data? (Choose the best answer.)

  A. Check with the application owner and search the log file for the container to get the metrics from the log file.
  B. Go to Governance Menu and click on Audit to see the Audit log for the API Gateway. Filter it using Start and End date with a 503 response status.
  C. Go to Developer Services and click on API Gateway. Go to the detail page of the gateway and select Metrics. Change the Start and End time to filter the metrics.
  D. Go to Monitoring and click on Service Metrics. Choose the Metric Namespace as oci_apigateway. Change the Start and End time accordingly. Add a Dimension and select httpStatusCode: 503. Check the backend latency and backend responses metric.
  D. Go to Monitoring and click on Service Metrics. Choose the Metric Namespace as oci_apigateway. Change the Start and End time accordingly. Add a Dimension and select httpStatusCode: 503. Check the backend latency and backend responses metric.

  ---

  Explanation/Reference:

  https://medium.com/oracledevs/using-oci-monitoring-healthchecks-to- schedule-execution-of-serverless-functions-on-oracle-cloud-ef233f887a5

• Question 75:

  A small business specializing in video processing wants to leverage cloud storage in order to lower its costs. They are looking to backup all video data generated, from an existing on- premises file server to Oracle Cloud Infrastructure (OCI). The requirement is to setup continuous data sync as changes are made to on-premises file server. What is the most cost effective solution for this scenario?

  A. Set up a Fastconnect virtual Circuit and nightly back up all videos to OCI Archive Storage.
  B. Set up file storage service on OCI and mount the file system to an instance running on- premises. Move all the data to this on-premises instance and then sync the videos to the shared file system.
  C. Set up a VPN connect connection and back up all videos to Object storage standard bucket. Create a lifecycle policy to move files older than 30 days to Archive Storage.
  D. Setup an on-premises OCI Storage Gateway Cloud Sync to back up videos to OCI Object Storage Archive tier.
  D. Setup an on-premises OCI Storage Gateway Cloud Sync to back up videos to OCI Object Storage Archive tier.

  ---

  Explanation/Reference:

• Question 76:

  A FinTech startup is developing a new blockchain based application to provide Smart Contracts using micro-services architecture. The development team is planning to deploy the application using containers and looking for a reliable way to build, deploy and manage their cloud-native application.

  Additionally, they need an easy way to store, share and manage their application artifacts.

  Which option should you recommend for this application?

  A. Install and manage a Kubernetes cluster on OCI Compute Instances and use OCI Resource Manager for management of application artifacts
  B. Use and OCI Resource Manager to manage cloud-native application and make the application artifacts available using OCI Functions
  C. Use Oracle Container Engine for Kubernetes (OKE) to manage of cloud-native applications and OCI Registry for application artifacts
  D. Use Oracle Container Engine for Kubernetes (OKE) to manage the deployment environment and OCI Functions for application artifacts
  C. Use Oracle Container Engine for Kubernetes (OKE) to manage of cloud-native applications and OCI Registry for application artifacts

  ---

  Explanation/Reference:

  Oracle Cloud Infrastructure Container Engine for Kubernetes is a fully-managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. Use Container Engine for Kubernetes (sometimes abbreviated to just OKE) when your development team wants to reliably build, deploy, and manage cloud-native applications. You specify the compute resources that your applications require, and Container Engine for Kubernetes provisions them on Oracle Cloud Infrastructure in an existing OCI tenancy.

  Oracle Cloud Infrastructure Registry is an Oracle-managed registry that enables you to simplify your development to production workflow. Oracle Cloud Infrastructure Registry makes it easy for you as a developer to store, share, and manage development artifacts like Docker images. And the highly available and scalable architecture of Oracle Cloud Infrastructure ensures you can reliably deploy your applications.

  So you don't have to worry about operational issues, or scaling the underlying infrastructure.

• Question 77:

  A cloud consultant is working on implementation project on OCI. As part of the compliance requirements, the objects placed in object storage should be automatically archived first and then deleted. He is testing a Lifecycle Policy on Object

  Storage and created a policy as below:

  [ { "name": "Archive_doc", "action": "ARCHIVE", "objectNameFilter": { "inclusionPrefixes":

  "doc"] },

  "timeAmount": 5, "timeunit": "DAYS", "isEnabled": true },

  { "name": "Delete_doc", "action": "DELETE", "objectNameFilter": "inclusionPrefixes": [ "doc"]

  1."timeAmount": 5, "timeunit": "DAYS", "isEnabled": true }

  What will happen after this policy is applied?

  A. All objects with names starting with "doc" will be deleted after 5 days of object creation
  B. All the objects having file extension ".doc" will be archived for 5 days and will be deleted 10 days after object creation
  C. All the objects having file extension ".doc" will be archived 5 days after object creation
  D. All the objects with names starting with "doc" will be archived 5 days after object creation and will be deleted 5 days after archival
  A. All objects with names starting with "doc" will be deleted after 5 days of object creation

  ---

  Explanation/Reference:

  Object Lifecycle Management works by defining rules that instruct Object Storage to archive or delete objects on your behalf within a given bucket. A bucket's lifecycle rules are collectively known as an object lifecycle policy. You can use a rule to either archive or delete objects and specify the number of days until the specified action is taken.

  A rule that deletes an object always takes priority over a rule that would archive that same object.

• Question 78:

  A retailer bank is currently hosting their mission critical customer application on-premises. The application has a standard 3 tier architecture -4 application servers process the incoming traffic and store application data in an Oracle Exadata Database Server. The bank has recently has service disruption to other inter applications to they are looking to avoid this issue for their mission critical Customer Application.

  Which Oracle Cloud Infrastructure services should you recommend as part of the DR solution?

  A. OCI DNS Service' Public Load Balancer, Oracle Database Cloud Backup Service, Object Storage Service, Oracle Bare Metal Cloud Service, Oracle Bare Metal Cloud Service with GoldenGate, OCI Container Engines for Kubernetes, Oracle IPSec VPN
  B. OCI Traffic Management, Private Load Balancer, Compute instances distributed across multiple Availability Domains and/or Fault Domains, Exadata Cloud Service with Data Guard, Oracle FastConnect, Object Storage, Database Cloud backup module
  C. OCI Traffic Management, Public toad Balancer, Compute Instances distributed across multiple Availability Domains and/or Vault domains. Exadata Cloud Service with Data Guard, Oracle FastConnect, Object Storage, Database cloud backup module
  D. OCI DNS Service, Load Balancer as a service using Public Load Balancer distributing traffic Compute Instance across multiple regions, Oracle RAC Database using Virtual Machines, Remote Peering connecting two VCNs in different regions. Exadata Cloud Service with GoldenGate FastConnect, Object Storage, Database Cloud backup module.
  C. OCI Traffic Management, Public toad Balancer, Compute Instances distributed across multiple Availability Domains and/or Vault domains. Exadata Cloud Service with Data Guard, Oracle FastConnect, Object Storage, Database cloud backup module

  ---

  Explanation/Reference:

  OCI Traffic Management Steering Policies can account for health of answers to provide failover capabilities, provide the ability to load balance traffic across multiple resources, and account for the location where the query was initiated to provide a simple, flexible and powerful mechanism to efficiently steer DNS traffic. Public Load Balancer Accepts traffic from the internet using a public IP address that serves as the entry point for incoming traffic. Load balancing service creates a primary load balancer and a standby load balancer, each in a different availability domain

• Question 79:

  An organization has its IT infrastructure in a hybrid setup with an on-premises environment and an Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) in the us-phonix-1 region. The on-premise applications communications with compute instances inside the VPN over a hardware VPN connection. They are looking to implement an Intrusion detected and Prevention (IDS/IPS) system for their OCI environment. This platform should have the ability to scale to thousands of compute of instances running inside the VCN. How should they architect their solution on OCI to achieve this goal?

  A. Set up an OCI Private Load Balance! and configure IDS/IPS related health checks at TCP and/or HTTP level to inspect traffic
  B. Configure each host with an agent that collects all network traffic and sends that traffic to the IDS/IPS platform to inspection
  C. There Is no need to implement an IPS/IDS system as traffic coming over IPSec VPN tunnels Is already encrypt
  D. Configure autoscaling on a compute Instance pool and set vNIC to promiscuous mode to called traffic across the vcn and send it IDS/IPS platform for inspection.
  B. Configure each host with an agent that collects all network traffic and sends that traffic to the IDS/IPS platform to inspection

  ---

  Explanation/Reference:

  in Transit routing through a private IP in the VCN you set up an instance in the VCN to act as a firewall or intrusion detection system to filter or inspect the traffic between the on- premises network and Oracle Services Network.

  The Networking service lets you implement network security functions such as intrusion detection,

  application-level firewalls In fact, the IDS model can be host-based IDS (HIDS) or network- based IDS (NIDS). HIDS is installed at a host to periodically monitor specific system logs for patterns of intrusions. In contrast, an NIDS sniffs the

  traffic to analyze suspicious behaviors. A signature-based NIDS (SNIDS) examines the traffic for patterns of known intrusions. SNIDS can quickly and reliably diagnose the attacking techniques and security holes without generating an overwhelming number of false alarms because SNIDS relies on known signatures.

  However, anomaly-based NIDS (ANIDS) detects unusual behaviors based on statistical methods. ANIDS

  could detect symptoms of attacks without specific knowledge of details. However, if the training data of the

  normal traffic are inadequate, ANIDS may generate a large number of false alarms.

• Question 80:

  An E-Commerce company wants to deploy their web application for Oracle Database on Oracle Cloud Infrastructure (OCIJ DB Systems. In compliance with the business continuity program of the business, they need to provide a Recovery Point Objective (RPO) of 1 hour and a Recovery Time Objective (RTO) of 5 minutes. The web application should be highly available within the region and meet the RTO and RPO requirements in case of a region outage.

  Which approach is the most suitable and cost effective configuration for this scenario?

  A. Deploy a 1 node VM Oracle database in one region and replicate the database to a 1 node VM Oracle database in another region using a manual setup and configuration of Oracle Data Guard.
  B. Deploy a 2 node Virtual Machine (VM) Oracle RAC database in one region and replicate the database to a 2 node VM Oracle RAC database in another region using a manual setup and configuration of Oracle Data Guard.
  C. Deploy an Autonomous Transaction Processing (Serverless) database in one region and replicate it to an Autonomous Transaction Processing (Serverless) database in another region using Oracle GoldenGate.
  D. Deploy a 1 node VM Oracle database in one region. Manually Configure a Recovery Manager (RMAN) database backup schedule to take hourly database backups. Asynchronously copy the database backups to object storage in another OCI region. If the primary OCI region is unavailable, launch a new 1 node VM Database in the other OCI region and restore the production database from the backup.
  B. Deploy a 2 node Virtual Machine (VM) Oracle RAC database in one region and replicate the database to a 2 node VM Oracle RAC database in another region using a manual setup and configuration of Oracle Data Guard.