Oracle 1Z0-997-21 Online Practice Questions and Exam Preparation

Oracle 1Z0-997-21 Online Questions & Answers

• Question 111:

  You work for a large bank where security and compliance are critical. As part of the security overview meeting, your company decided to minimize the installation of local tools on your laptop. You have been running Ansible and kubectl to spin

  up Oracle Container Engine for Kubernetes (OKE) clusters and deployed your application.

  For authentication, you are using an Oracle Cloud Infrastructure (OCI) CLI config file that contains OCIDs, Fingerprint, and a locally stored PEM file. Your security team doesn't want you to store any local API key and certificate, or any other

  local tools. Which two actions should you perform to spin up the OKE cluster and interact with it? (Choose two.)

  A. Create a developer workstation on OCI. Install Ansible and kubectl on it. Use resource principal to authenticate against OCI API and create the OKE Cluster.
  B. Develop your own code using OCI SDK to deploy the OKE cluster.
  C. Work on OCI Cloud Shell to use built-in Ansible and kubectl to deploy the OKE cluster. Use OCI_CLI_AUTH=instance_obo_user environment variable to authenticate using built-in token.
  D. Work on OCI Cloud Shell to use built-in Ansible and kubectl to deploy the OKE cluster. Bring in your own config file and certificate to authenticate against OCI API.
  E. Create a developer workstation on OCI. Install Ansible and kubectl on it. Use instance principal to authenticate against OCI API and create the OKE Cluster.
  C. Work on OCI Cloud Shell to use built-in Ansible and kubectl to deploy the OKE cluster. Use OCI_CLI_AUTH=instance_obo_user environment variable to authenticate using built-in token.
  E. Create a developer workstation on OCI. Install Ansible and kubectl on it. Use instance principal to authenticate against OCI API and create the OKE Cluster.

  ---

  https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/2.12.4/oci_cli_docs/oci.html

• Question 112:

  You are creating an Oracle Cloud Infrastructure Dynamic Group. To determine the members of this group you are defining a set of matching rules. Which of the following are the supported variables to define conditions in the matching rules? (Choose Two)

  A. instance.compartment.id -the OCID of the compartment where the instance resides.
  B. instance.tenancy.id -the OCID of the tenancy where the instance resides.
  C. tag...value -the tag namespace and tag key.
  D. iam.policy.id - the OCID of the IAM policy to apply to the group.
  A. instance.compartment.id -the OCID of the compartment where the instance resides.
  C. tag...value -the tag namespace and tag key.

• Question 113:

  A company has an urgent requirement to migrate 300 TB of data to Oracle Cloud Infrastructure (OCI) In two weeks. Their data center has been recently struck by a massive hurricane and the building has been badly damaged, although still operational. They have a 100 Mbps Internet line but the connection is Intermittent due to the damages caused to the electrical grid in this scenario, what is the most effective service to use to migrate the data to OCI given the time constraints?

  A. Setup a OCI Storage Gateway to connect your data center and your VCN. Once the connection has been established, upload all data to OCI using OCI Storage Gateway Cloud Sync tool.
  B. Setup a hybrid network by launching aIGbpsFastConnect virtual circuit between your data center and OCI. Use OCI Object storage multipart upload tool to automate the migration of your data to OCI.
  C. Use multiple OCI Data Transfer Appliances to transfer data to OCI.
  D. Upload the data to OCI using OCI Object Storage multipart upload tool.
  E. Storage Gateway to connect your data center and your VCN. Once the connection has been established, upload all data to OCI.
  C. Use multiple OCI Data Transfer Appliances to transfer data to OCI.

  ---

  Due to the network speed is not good enough and the connection is Intermittent due to the damages caused to the electrical grid Oracle offers offline data transfer solutions that let you migrate data to Oracle Cloud Infrastructure. You have 2 Options of Data Transfer DISK-BASED DATA TRANSFER You send your data as files on encrypted commodity disk to an Oracle transfer site. Operators at the Oracle transfer site upload the files into your designated Object Storage bucket in your tenancy. APPLIANCE-BASED DATA TRANSFER you send your data as files on secure, high-capacity, Oracle-supplied storage appliances to an Oracle transfer site. Operators at the Oracle transfer site upload the data into your designated Object Storage bucket in your tenancy.

• Question 114:

  Your customer has gone through a recent departmental re structure. As part of this change, they are organizing their Oracle Cloud Infrastructure (OCI) compartment structure to align with the company's new organizational structure.

  They have made the following change:

  Compartment x Is moved, and its parent compartment is now compartment c.

  

  Policy defined in compartment A: Allow group networkadmins to manage subnets in compartment X Policy defined in root compartment: Allow group admins to read subnets in compartment Finance:A:X After you move the compartment, which two IAM policies would be required to ensure both groups retain the same permissions to compartment X that they had before? (Choose two.)

  A. Define a policy in the root compartment as follows: Allow group admins to manage subnets in compartment Finance:A:X
  B. Define a policy in compartment HR as follows: Allow group networkadmins to manage subnets in compartment C:X.
  C. Define a policy in the root compartment as follows: Allow group admins to read subnets in compartment HR:C:X
  D. Define a policy in compartment C as follows: Allow group networkadmins to read subnets in compartment X
  B. Define a policy in compartment HR as follows: Allow group networkadmins to manage subnets in compartment C:X.
  C. Define a policy in the root compartment as follows: Allow group admins to read subnets in compartment HR:C:X

• Question 115:

  Many development engineers are deploying new instances as part of their projects in Oracle Cloud Infrastructure tenancy, but majority of these instances have not been tagged. You as an administrator of this tenancy want to enforce tagging to identify owners who are launching these instances. Which option below should be used to implement this requirement?

  A. Create a predefined tag with tag variables to automatically tag a resource with usemame.
  B. Create a default tag for each compartment which ensure appropriate tags are allowed at resource creation.
  C. Create tag variables for each compartment to automatically tag a resource with user name.
  D. Create an IAM policy to automatically tag a resource with the usemame.
  A. Create a predefined tag with tag variables to automatically tag a resource with usemame.

• Question 116:

  You are working as a cloud consultant for a major media company. In the US and your client requested to consolidate all of their log streams, access logs, application logs, and security logs into a single system. The client wants to analyze all of their logs In real-time based on heuristics and the result should be validated as well. This validation process requires going back to data samples extracted from the last 8 hours. What approach should you take for this scenario?

  A. Create an auto scaling pool of syslog-enabled servers using compute instances which will store the logs In Object storage, then use map reduce jobs to extract logs from Object storage, and apply heuristics on the logs.
  B. Create a bare-metal instance big enough to host a syslog enabled server to process the logs and store logs on the locally attached NVMe SSDs for rapid retrieval of logs when needed.
  C. Set up an OCI Audit service and ingest all the API arils from Audit service pragmatically to a client side application to apply heuristics and save the result in an OCI Object storage.
  D. Stream all the logs and cloud events of Events service to Oracle Streaming Service. Build a client process that will apply heuristics on the logs and store them in an Object Storage.
  D. Stream all the logs and cloud events of Events service to Oracle Streaming Service. Build a client process that will apply heuristics on the logs and store them in an Object Storage.

  ---

  The Oracle Cloud Infrastructure Streaming service provides a fully managed, scalable, and durable storage solution for ingesting continuous, high-volume streams of data that you can consume and process in real time. Streaming can be used for messaging, ingesting high-volume data such as application logs, operational telemetry, web click-stream data, or other use cases in which data is produced and processed continually and sequentially in a publish-subscribe messaging model. Streaming Usage Scenarios Here are some of the many possible uses for Streaming: Metric and log ingestion: Use the Streaming service as an alternative for traditional file-scraping approaches to help make critical operational data more quickly available for indexing, analysis, and visualization. Messaging: Use Streaming to decouple components of large systems. Streaming provides a pull/bufferbased communication model with sufficient capacity to flatten load spikes and the ability to feed multiple consumers with the same data independently. Key-scoped ordering and guaranteed durability provide reliable primitives to implement various messaging patterns, while high throughput potential allows for such a system to scale well. Web/Mobile activity data ingestion: Use Streaming for capturing activity from websites or mobile apps (such as page views, searches, or other actions users may take). This information can be used for realtime monitoring and analytics, as well as in data warehousing systems for offline processing and reporting. Infrastructure and apps event processing: Use Streaming as a unified entry point for cloud components to report their life cycle events for audit, accounting, and related activities.

• Question 117:

  A new international hacktivist group, based in London, launched wide scale cyber attacks including SQL Injection and Cross-Site Scripting (XSS) across multiple websites which are hosted in Oracle Cloud Infrastructure (OCI). As an IT

  consultant, you must configure a Web Application Firewall (WAF) to protect these websites against the attacks.

  How should you configure your WAF to protect the website against those attacks? (Choose the best answer.)

  A. Enable an Access Rule that contains XSS Filters Categories and SQL Filters Categories.
  B. Enable a Protection Rule to block the attacks based on HTTP Headers that contain XSS and SQL strings.
  C. Enable a Protection Rule that contains XSS Filters Categories and SQL Filters Categories.
  D. Enable an Access Rule to block the IP Address range from London.
  E. Enable a Protection Rule to block requests that came from London.
  C. Enable a Protection Rule that contains XSS Filters Categories and SQL Filters Categories.

  ---

  https://www.ateam-oracle.com/using-oci-waf-web-application-firewall-with-oracle-e-business- suite#:~:text=The%20protection%20rules%20can%20be,achieved%20by%20enabling%20correspond ing%20rules.

• Question 118:

  Give this compartment structure:

  

  You want to move a compute instance that is in 'Compute' compartment to 'SysTes-Team'. You login to your Oracle Cloud Infrastructure (OCI)account and use the 'Move Resource' option. What will happen when you attempt moving the compute resource?

  A. The move will be successful though Compute Instance and its Public and Private IP address will stay the same. The Compute instance VNIC will need to be moved separately. The Compute instance will still be associated with the original VCN.
  B. The move will fail and you will be prompted to move the VCN first. Once VCN is moved to the target compartment, the Compute instance can be moved.
  C. The move will be successful though Compute Instance Public and Private IP address changed, and it will be associated to the VCN in target compartment.
  D. The move will be successful though Compute Instance and its Public and Private IP address will stay the same. The Compute instance VNIC will still be associated with the original VCN.
  D. The move will be successful though Compute Instance and its Public and Private IP address will stay the same. The Compute instance VNIC will still be associated with the original VCN.

  ---

  Moving Resources to a Different Compartment

  Most resources can be moved after they are created. There are a few resources that you can't move from one compartment to another. Some resources have attached resource dependencies and some don't.

  Not all attached dependencies behave the same way when the parent resource moves. For some resources, the attached dependencies move with the parent resource to the new compartment.

  The parent resource moves immediately, but in some cases attached dependencies move asynchronously and are not visible in the new compartment until the move is complete. For other resources, the attached resource dependencies do

  not move to the new compartment. You can move these attached resources independently.

  You can move Compute resources such as instances, instance pools, and custom images from one compartment to another. When you move a Compute resource to a new compartment, associated resources such as boot volumes and

  VNICs are not moved. You can move a VCN from one compartment to another. When you move a VCN, its associated VNICs, private IPs, and ephemeral IPs move with it to the new compartment.

• Question 119:

  You are building a demo for a customer that showcases Oracle Cloud Infrastructure (OCI) Events service and Oracle Functions. You plan to create an event every time an image is uploaded to an OCI Object Storage bucket. You have also

  created a function that is listening to the event and processes the image for face recognition.

  Choose the two actions from below that are NOT required to run the demo successfully.

  A. You must specify an action type while creating an Event service and specify the function you want to trigger.
  B. Creating an event rule is not permitted for OCI Object storage.
  C. The function must be deployed only to Oracle Kubernetes Engine (OKE).
  D. You have to enable Object Storage buckets to emit events for state changes.
  E. You must deploy the function that does facial recognition for the demo to work.
  B. Creating an event rule is not permitted for OCI Object storage.
  C. The function must be deployed only to Oracle Kubernetes Engine (OKE).

• Question 120:

  Your Oracle database is deployed on-premises and has produced 100 TB database backup locally. You have a disaster recovery plan that requires you to create redundant database backups in Oracle Cloud Infrastructure (OCI).

  Once the initial backup is completed, the backup must be available for retrieval in less than 30 minutes to support the Recovery Time Objective (RTO) of your solution. Which is the most cost effective option to meet these requirements?

  A. Setup an IPsec VPNConnect between on-premises data center and OCI. Then to use OCI CLI command to upload database backups to OCI Object Storage Archive tier as the final destination.
  B. Use OCI Storage Gateway to transfer the backup files to OCI Object Storage Archive tier as the final destination.
  C. Setup a FastConnect connection between on-premises data center and OCI. Then to use OCI CLI command to upload database backups to OCI Object Storage Standard tier as the final destination.
  D. Use OCI Storage Gateway to transfer the backup files to OCI Object Storage Standard tier as the final destination.
  D. Use OCI Storage Gateway to transfer the backup files to OCI Object Storage Standard tier as the final destination.