Oracle 1Z0-997-22 Online Practice Questions and Exam Preparation

Oracle 1Z0-997-22 Online Questions & Answers

• Question 71:

  Your Oracle database is deployed on-premises and has produced 100 TB database backup locally. You have a disaster recovery plan that requires you to create redundant database backups in Oracle Cloud Infrastructure (OCI).

  Once the initial backup is completed, the backup must be available for retrieval in less than 30 minutes to support the Recovery Time Objective (RTO) of your solution.

  Which is the most cost effective option to meet these requirements?

  A. Setup an IPsec VPNConnect between on-premises data center and OCI. Then to use OCI CLI command to upload database backups to OCI Object Storage Archive tier as the final destination.
  B. Use OCI Storage Gateway to transfer the backup files to OCI Object Storage Archive tier as the final destination.
  C. Setup a FastConnect connection between on-premises data center and OCI. Then to use OCI CLI command to upload database backups to OCI Object Storage Standard tier as the final destination.
  D. Use OCI Storage Gateway to transfer the backup files to OCI Object Storage Standard tier as the final destination.
  D. Use OCI Storage Gateway to transfer the backup files to OCI Object Storage Standard tier as the final destination.

• Question 72:

  You are working as a cloud consultant for a major media company. In the US and your client requested to consolidate all of their log streams, access logs, application logs, and security logs into a single system.

  The client wants to analyze all of their logs In real-time based on heuristics and the result should be validated as well. This validation process requires going back to data samples extracted from the last 8 hours.

  What approach should you take for this scenario?

  A. Create an auto scaling pool of syslog-enabled servers using compute instances which will store the logs In Object storage, then use map reduce jobs to extract logs from Object storage, and apply heuristics on the logs.
  B. Create a bare-metal instance big enough to host a syslog enabled server to process the logs and store logs on the locally attached NVMe SSDs for rapid retrieval of logs when needed.
  C. Set up an OCI Audit service and ingest all the API arils from Audit service pragmatically to a client side application to apply heuristics and save the result in an OCI Object storage.
  D. Stream all the logs and cloud events of Events service to Oracle Streaming Service. Build a client process that will apply heuristics on the logs and store them in an Object Storage.
  D. Stream all the logs and cloud events of Events service to Oracle Streaming Service. Build a client process that will apply heuristics on the logs and store them in an Object Storage.

  ---

  Explanation/Reference:

  The Oracle Cloud Infrastructure Streaming service provides a fully managed, scalable, and durable storage solution for ingesting continuous, high-volume streams of data that you can consume and process in real time. Streaming can be used for messaging, ingesting high- volume data such as application logs, operational telemetry, web click-stream data, or other use cases in which data is produced and processed continually and sequentially in a publish-subscribe messaging model. Streaming Usage Scenarios Here are some of the many possible uses for Streaming: Metric and log ingestion: Use the Streaming service as an alternative for traditional file- scraping approaches to help make critical operational data more quickly available for indexing, analysis, and visualization. Messaging: Use Streaming to decouple components of large systems. Streaming provides a pull/bufferbased communication model with sufficient capacity to flatten load spikes and the ability to feed multiple consumers with the same data independently. Key-scoped ordering and guaranteed durability provide reliable primitives to implement various messaging patterns, while high throughput potential allows for such a system to scale well. Web/Mobile activity data ingestion: Use Streaming for capturing activity from websites or mobile apps (such as page views, searches, or other actions users may take). This information can be used for realtime monitoring and analytics, as well as in data warehousing systems for offline processing and reporting. Infrastructure and apps event processing: Use Streaming as a unified entry point for cloud components to report their life cycle events for audit, accounting, and related activities.

• Question 73:

  A hospital in Austin has hosted its web based medical records portal entirely In Oracle cloud Infrastructure (OCI) using Compute Instances for its web-tier and DB system database for its data tier. To validate compliance with Health Insurance Portability and Accountability (HIPAA), the security professional to check their systems it was found that there are a lot of unauthorized coming requests coming from a set of IP addresses originating from a country in Southeast Asia.

  Which option can mitigate this type of attack?

  A. Block the attacking IP address by creating by Network Security Group rule to deny access to the compute Instance where the web server Is running
  B. Block the attacking IP address by implementing a OCI Web Application Firewall policy using Access Control Rules
  C. Mitigate the attack by changing the Route fable to redirect the unauthorized traffic to a dummy Compute instance
  D. Block the attacking IP address by creating a Security List rule to deny access to the subnet where the web server Is running
  B. Block the attacking IP address by implementing a OCI Web Application Firewall policy using Access Control Rules

  ---

  Explanation/Reference:

  WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer's applications. WAF provides you with the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwanted bots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit based on geography or the signature of the request. As a WAF administrator you can define explicit actions for requests that meet various conditions. Conditions use various operations and regular expressions. A rule action can be set to log and allow, detect, or block requests

• Question 74:

  A large financial services company has used 2 types of Oracle DB Systems. In Oracle Cloud Infrastructure (OCI) to store user data. One is running on a VM.Standard2.8 shape and the other on a VM.Standard 2.4 shape.

  As business grows, data is growing rapidly on both the databases and performance is also degrading. The company wants to address this problem with a viable and economical solution.

  As the solution architect for that company you have suggested that they move their databases to Autonomous Transaction Processing Serverless (ATP-S) database.

  Which two factors should you consider before you arrived at that recommendation?

  A. You verified that ATP S supports the database features and options currently being used by the 2 databases.
  B. Validate that ATP-S will support the storage and processing requirements for the 2 databases over the life cycle of the business applications.
  C. Confirm that ATP-S allows customers to compress tablespaces to reduce storage costs
  D. Upon provisioning, ATP-S automatically scales up CPU to meet the application's processing requirements.
  A. You verified that ATP S supports the database features and options currently being used by the 2 databases.
  B. Validate that ATP-S will support the storage and processing requirements for the 2 databases over the life cycle of the business applications.

  ---

  Explanation/Reference:

  Not all features present in Oracle Database Enterprise Edition are available in ATP, and some some Oracle Database features are restricted, for example, database features designed for administration are not available. so you need to validate it first, You can find a complete list of the features that are not supported, https://docs.oracle.com/en/cloud/paas/atp-cloud/atpug/experienced-database- users.html#GUID-58EE6599-6DB4-4F8E-816D-0422377857E5 Also, you must specify the initial storage required for your database but ADB is elastic, so it is possible to grow or shrink your database as needed.

• Question 75:

  You developed a microservices based application that runs on Oracle Cloud Infrastructure (OCI) Container Engine for

  Kubernetes (OKE). It has multiple endpoints that needs to be exposed to the public internet.

  What Is the most cost-effective way to expose multiple application endpoints without adding complexity to the application?

  A. Use clusterlP service type in Kubernetesfor each of yourservice endpointand use a load balancerto expose the endpoints.
  B. Use separate load balancerinstancefor each service but use the 100 Mbps loadbalanceroption.
  C. Deploy an Ingress controllerand use it to expose each endpointwith its own routing endpoint.
  D. Use NodePort service type in Kubernetesfor each of yourservice endpointand use node's public IP address to acccess the applications.
  C. Deploy an Ingress controllerand use it to expose each endpointwith its own routing endpoint.

• Question 76:

  A company has an urgent requirement to migrate 100 TB of data to Oracle Cloud Infrastructure (OCI) in two weeks. They have a 100 Mbps Internet line but the connection is intermittent due to problems with their internet provider. In this scenario, what is the most time-efficient mechanism to migrate data to OCI?

  A. Set up an IPSec VPN tunnel between your data center and OCI. Upload all data to OCI using OCI Storage Gateway.
  B. Set up an OCI Storage Gateway to connect your data center to your Virtual Cloud Network and upload data.
  C. Upload data using OCI Object Storage multipart upload capability.
  D. Set up hybrid network by launching a 1 Gbps FastConnect virtual circuit between your data center and OCI. Use OCI Object Storage multipart upload capability to automate the migration of your data to OCI.
  E. Use OCI File Storage Service to copy data from your data center to OCI.
  D. Set up hybrid network by launching a 1 Gbps FastConnect virtual circuit between your data center and OCI. Use OCI Object Storage multipart upload capability to automate the migration of your data to OCI.

• Question 77:

  You are helping a customer troubleshoot a problem. The customer has several Oracle Linux servers in a private subnet within a Virtual Cloud Network (VCN). The servers are configured to periodically communicate to the Internet to get security patches for applications Installed on them.

  The servers are unable to reach the Internet. An Internet Gateway has been deployed In the public subnet in the VCN and the appropriate routes are configured in the Route Table associated with the public subnet.

  Based on cost considerations, which option will fix this Issue?

  A. Create a Public Load Balancer In front of the servers and add the servers to the Backend Set of the Public Load Balancer.
  B. Create another Internet Gateway and configure it as route target for the private subnet.
  C. Implement a NAT instance In the public subnet of the VCN and configure the NAT instance as the route target for the private subnet.
  D. Create a NAT gateway in the VCN and configure the NAT gateway as the route target for the private subnet.
  D. Create a NAT gateway in the VCN and configure the NAT gateway as the route target for the private subnet.

• Question 78:

  A manufacturing company is planning to migrate their on-premises database to OCI and has hired you for the migration. Customer has provided following information regarding their existing onpremises database:

  Database version, host operating system and version, database character set, storage for data staging, acceptable length of system outage.

  What additional information do you need from customer in order to recommend a suitable migration method? Choose two

  A. Elapsed time since database was last patched
  B. On-premises host operating system and version
  C. Number of active connections
  D. Data types used in the on-premises database
  E. Top 5 longest running queries
  B. On-premises host operating system and version
  D. Data types used in the on-premises database

  ---

  Explanation/Reference:

  Not all migration methods apply to all migration scenarios. Many of the migration methods apply only if specific characteristics of the source and destination databases match or are compatible. Moreover, additional factors can affect which method you choose for your migration from among the methods that are technically applicable to your migration scenario. Some of the characteristics and factors to consider when choosing a migration method are: On-premises database version Database service database version On-premises host operating system and version On-premises database character set Quantity of data, including indexes Data types used in the on-premises database Storage for data staging Acceptable length of system outage Network bandwidth

• Question 79:

  Your company will soon start moving critical systems Into Oracle Cloud Infrastructure (OCI) platform. These systems will reside in the us-phoenix-1and us-ashburn 1 regions. As part of the migration planning, you are reviewing the company's existing security policies and written guidelines for the OCI platform usage within the company. you have to work with the company managed key.

  Which two options ensure compliance with this policy?

  A. When you create a new compute instance through OCI console, you use the default options for "configure boot volume" to speed up the process to create this compute instance.
  B. When you create a new block volume through OCI console, select Encrypt using Key Management checkbox and use encryption keys generated and stored in OCI Key Management Service.
  C. When you create a new compute instance through OCI console, you use the default shape to speed up the process to create this compute instance.
  D. When you create a new OCI Object Storage bucket through OCI console, you need to choose "ENCRYPT USING CUSTOMER-MANAGED KEYS" option.
  E. You do not need to perform any additional actions because the OCI Block Volume service always encrypts all block volumes, boot volumes, and volume backups at rest by using the Advanced Encryption Standard (AES) algorithm with 256-bit encryption.
  B. When you create a new block volume through OCI console, select Encrypt using Key Management checkbox and use encryption keys generated and stored in OCI Key Management Service.
  D. When you create a new OCI Object Storage bucket through OCI console, you need to choose "ENCRYPT USING CUSTOMER-MANAGED KEYS" option.

  ---

  Explanation/Reference:

  Block Volume Encryption

  By default all volumes and their backups are encrypted using the Oracle-provided encryption keys. Each time a volume is cloned or restored from a backup the volume is assigned a new unique encryption key.

  You have the option to encrypt all of your volumes and their backups using the keys that you own and manage using the Vault service.If you do not configure a volume to use the Vault service or you later

  unassign a key from the volume, the Block Volume service uses the Oracle-provided encryption key instead.

  

  This applies to both encryption at-rest and in-transit encryption. Object Storage Encryption

  Object Storage employs 256-bit Advanced Encryption Standard (AES-256) to encrypt object data on the server. Each object is encrypted with its own data encryption key. Data encryption keys are always encrypted with a master encryption key that is assigned to the bucket. Encryption is enabled by default and cannot be turned off. By default, Oracle manages the master encryption key. However, you can optionally configure a bucket so that it's assigned an Oracle Cloud Infrastructure Vault master encryption key that you control and rotate on your own schedule. Encryption: Buckets are encrypted with keys managed by Oracle by default, but you can optionally encrypt the data in this bucket using your own Vault encryption key. To use Vault for your encryption needs, select Encrypt Using Customer-Managed Keys. Then, select the Vault Compartment and Vault that contain the master encryption key you want to use. Also select the Master Encryption Key Compartment and Master Encryption Key.

  

• Question 80:

  You are responsible for a web application deployed on a set of compute VM instances in Oracle Cloud Infrastructure (OCI). Your application stores data on block volumes.

  In production, the business requirement is a Recovery Point Objective (RPO) of two hours and that data should be recoverable in case of a regional failure.

  How would you meet the RPO requirement in the event of a failure?

  A. Create a user-defined storage backup policy and attach a schedule of type "Hourly" and automatically copy to another region. Apply this policy to a volume group containing the block volumes.
  B. Store hourly block volume backups to an NVMe device attached to a compute instance in a different Availability Domain (AD).
  C. Configure your application to use synchronous primary-secondary data replication between ADs.
  D. Set up cross-region volume replication to replicate the block volumes to a different OCI region.
  C. Configure your application to use synchronous primary-secondary data replication between ADs.