Oracle 1Z0-997 Online Practice
Questions and Exam Preparation
1Z0-997 Exam Details
Exam Code
:1Z0-997
Exam Name
:Oracle Cloud Infrastructure 2019 Architect Professional
Certification
:Oracle Certifications
Vendor
:Oracle
Total Questions
:76 Q&As
Last Updated
:Jul 08, 2026
Oracle 1Z0-997 Online Questions &
Answers
Question 31:
A retailer bank is currently hosting their mission critical customer application on-premises. The application has a standard 3 tier architecture -4 application servers process the incoming traffic and store application data in an Oracle Exadata
Database Server. The bank has recently has service disruption to other inter applications to they are looking to avoid this issue for their mission critical Customer Application.
Which Oracle Cloud Infrastructure services should you recommend as part of the DR solution?
A. OCI DNS Service' Public Load Balancer, Oracle Database Cloud Backup Service, Object Storage Service, Oracle Bare Metal Cloud Service, Oracle Bare Metal Cloud Service with GoldenGate, OCI Container Engines for Kubernetes, Oracle IPSec VPN B. OCI Traffic Management, Private Load Balancer, Compute instances distributed across multiple Availability Domains and/or Fault Domains, Exadata Cloud Service with Data Guard, Oracle FastConnect, Object Storage, Database Cloud backup module C. OCI Traffic Management, Public toad Balancer, Compute Instances distributed across multiple D. OCI DNS Service, Load Balancer as a service using Public Load Balancer distributing traffic Compute Instance across multiple regions, Oracle RAC Database using Virtual Machines, Remote Peering connecting two VCNs in different regions. Exadata Cloud Service with GoldenGate FastConnect, Object Storage, Database Cloud backup module.
C. OCI Traffic Management, Public toad Balancer, Compute Instances distributed across multiple
OCI Traffic Management Steering Policies can account for health of answers to provide failover capabilities, provide the ability to load balance traffic across multiple resources, and account for the location where the query was initiated to provide a simple, flexible and powerful mechanism to efficiently steer DNS traffic. Public Load Balancer Accepts traffic from the internet using a public IP address that serves as the entry point for incoming traffic. Load balancing service creates a primary load balancer and a standby load balancer, each in a different availability domain
Question 32:
A manufacturing company is planning to migrate their on-premises database to OCI and has hired you for the migration. Customer has provided following information regarding their existing onpremises database:
Database version, host operating system and version, database character set, storage for data staging, acceptable length of system outage.
What additional information do you need from customer in order to recommend a suitable migration method? Choose two
A. Elapsed time since database was last patched B. On-premises host operating system and version C. Number of active connections D. Data types used in the on-premises database E. Top 5 longest running queries
B. On-premises host operating system and version D. Data types used in the on-premises database
Not all migration methods apply to all migration scenarios. Many of the migration methods apply only if specific characteristics of the source and destination databases match or are compatible. Moreover, additional factors can affect which method you choose for your migration from among the methods that are technically applicable to your migration scenario. Some of the characteristics and factors to consider when choosing a migration method are: On-premises database version Database service database version On-premises host operating system and version On-premises database character set Quantity of data, including indexes Data types used in the on-premises database Storage for data staging Acceptable length of system outage Network bandwidth
Question 33:
You have designed and deployed your Autonomous Data Warehouse (ADW) such that it is accessible from your on-premises data center and servers running on both private and public networks in Oracle Cloud Infrastructure (OCI).
As you are testing the connectivity to your ADW database from the different access paths, you notice that the sewer lunninq on the private network is unable to connect to ADW. Which two steps do you need to take to enable connectivity from the server on the private network to ADW?
A. Add an entry in the Security List of the ADW allowing ingress traffic for C10R block 10.2.2.0/24 B. Add an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/; target type of NAT Gateway, add a stateful egress rule to the security list (associated with the private subnet) with destination of 0.0.0.0./0 and for all IP protocols. C. Add an entry in the access table list of ASW for CIDR block 10.2.2.0/24. D. Add an entry in the route table (associated with the private subnet) with destination of 0.0.0.0./0; target type of internet Gateway, add a stateful egress in the security list (associated with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols. E. Add an entry in the access control list of ADW for IP address 129.146.160.11
B. Add an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/; target type of NAT Gateway, add a stateful egress rule to the security list (associated with the private subnet) with destination of 0.0.0.0./0 and for all IP protocols. E. Add an entry in the access control list of ADW for IP address 129.146.160.11
There are 3 connections to ADW 1- Connecting to (ADW) from Public Internet 2- Connecting to ADW (via NAT or Service Gateway) from a server running on a private subnet in OCI (in the same tenancy) 3- Connecting to ADW (via internet Gateway) from a server running on a public subnet in OCI (in the same tenancy
Question 34:
Your organization is planning on using Oracle Cloud Infrastructure (OCI) File Storage Service (FSS). You will be deploying multiple compute instance in Oracle Cloud Infrastructure (OCI) and mounting the file system to these compute
instances. The file system will hold payment data processed by a Database instance and utilized by compute instances to create a overall inventory report. You need to restrict access to this data for specific compute instances and must be
allowed/blocked per compute instance's CIDR block.
Which option can you use to secure access?
A. Use stateless Security List rule to restrict access from known IP addresses only. B. Create a new VCN security list, choose SOURCE TYPE as Service and SOURCE SERVICE as FSS. Add stateless ingress and egress rules for specific P address and CIDR blocks. C. Use 'Export option' feature of FSS to restrict access to the mounted file systems. D. Create and configure OCI Web Application Firewall service with built in DNS based intelligent routing.
C. Use 'Export option' feature of FSS to restrict access to the mounted file systems.
NFS export options enable you to create more granular access control than is possible using just security list rules to limit VCN access. You can use NFS export options to specify access levels for IP addresses or CIDR blocks connecting to file systems through exports in a mount target. Access can be restricted so that each client's file system is inaccessible and invisible to the other, providing better security controls in multi-tenant environments. Using NFS export option access controls, you can limit clients' ability to connect to the file system and view or write data. For example, if you want to allow clients to consume but not update resources in your file system, you can set access to Read Only. You can also reduce client root access to your file systems and map specified User IDs (UIDs) and Group IDs (GIDs) to an anonymous UID/GID of your choice. For more information about how NFS export options work with other security layers
Question 35:
You are working as a solution architect for an online retail store to create a portal to allow the users to pay for their groceries using credit cards. Since the application is not fully compliant with the Payment Card Industry Data Security Standard (PCI DSS), your company is looking to use a third party payment service to process credit card payments. The third party service allows a maximum of Spelunk IP addresses 5 public IP addresses at a time However, your website is using Oracle Cloud Infrastructure (OCI) Instance Pool Auto Scaling policy to create up to create up to 15 Instances during peak traffic demand, which are launched In VCN private in VCN private subnets and attached to an OCI public Load Balancer. Upon user payment, the portal connects to the payment service over the Interne! to complete the transaction What solution can you implement to make sure that all compute Instances can connect to the third party system to process the payments aw peak traffic demand?
A. Route credit card payment request from the compute instances through the NAT Gateway. On the third-party services, whitest the public IP associated with the NAT Gateway. B. Whitelist the Internet Gateway Public IP on the third party service and route all payment requests through the Internet Gateway. C. Create an OCI Command Line Interface (CLI) script to automatically reserve public IP address for the compute instances. On the third services, whitelist the Reserved public IP. D. Route payment request from the compute instances through the OCI Load Balancer, which will then be routed to the third party service.
D. Route payment request from the compute instances through the OCI Load Balancer, which will then be routed to the third party service.
You can OCI Load Balancer for this solution which can you the Public IPs of Load balancer to Traffic to third party services which allows a maximum of Spelunk IP addresses 5 public IP addresses at a time However, your website is using Oracle Cloud Infrastructure (OCI) Instance Pool Auto Scaling policy to create up to 15 Instances during peak traffic demand
Question 36:
To serve web traffic for a popular product, your cloud engineer has provisioned four BM.Standard2.52 instances, event spread across two availability domains in the us-asburn-1 region:
LoadBalancer is used to deliver the traffic across instances. After several months, the product grows even more popular and you need additional compute capacity. As a result, an engineer provisioned two additional VM.Standard2.8
instances. You register the two VM. Standard2. 8 Instances with your load Balancer Backend sot and quickly find that the VM Standard2.8 Instances running at 100% of CPU utilization but the BM.Standard2 .52 instances have significant
CPU capacity that's unused. Which option is the most cost effective and uses instances capacity most effectively?
A. Configure your Load Balance, with weighted round robin policy to distribute traffic to the compute instances, with more weight assigned to bare metal instances. B. Configure Autoscaling instance pool with LoadBalancer to add up to 3 more BM.Standard2.52 Instances when triggered. Shut off VM.Standard2.8 instances. C. Route traffic to BM.Standard2.52 and VM Standard2.8 instances directly using DNS and Health Checks. Shut off the load Balances. D. Configure LoadBalancer with two VM Standard2.8 instances and use Autoscalling Instant pool to add up to two additional VM instances. Shut off BM.Standard2.52 instances.
A. Configure your Load Balance, with weighted round robin policy to distribute traffic to the compute instances, with more weight assigned to bare metal instances.
Customer have 4 BM.Standard2.52 and After several months he need additional compute capacity customer find The VM Standard2.8 Instances running at 100% of CPU utilization but the BM.Standard2 .52 instances have significant CPU capacity that unused. so the customer need to check the Load balance policy to make sure the 4 BM and VM is utilize correctly
Question 37:
Multiple departments In your company use a shared Oracle Cloud Infrastructure (OCI) tenancy to Implement their projects. You are in charge of managing the cost of OCI resources in the tenancy and need to obtain better Insights Into department's usage. Which three options can you implement together to accomplish this?
A. Create a budget that matches your commitment amount and an alert at 100 percent of the forecast B. Set up a consolidated budget tracking lags to analyze costs in ,1 granular manner C. Set up different compartments for each department then track and analyze cost per compartment D. Use the billing cost tracking report to analyze costs E. Set up a tag default that automatically applies tags to all specified resources created In a compartment then use these tags for cost analysis.
A. Create a budget that matches your commitment amount and an alert at 100 percent of the forecast C. Set up different compartments for each department then track and analyze cost per compartment E. Set up a tag default that automatically applies tags to all specified resources created In a compartment then use these tags for cost analysis.
budgets You can use budgets to track costs in your tenancy. After creating a budget for a compartment, you can set up alerts that will notify you if a budget is forecast to be exceeded or if spending surpasses a certain amount. OCI Cost Analysis Visualization tools Help understand spending patterns at a glance Filter costs by Date, Tags and Compartments Frend lines show how spending patterns are changing To use Cost Analysis you must be a member of the Administrators group
Question 38:
An Oracle Cloud Infrastructure (OCI) Public Load Balancer's SSL certificate is expiring soon. You noticed the Load Balancer is configured with SSL Termination only. When the certificate expires, data traffic can be interrupted and security
compromised.
What steps do you need to take to prevent this situation?
A. Add the new SSL certificate to the Load Balancer, update backend servers to work with a new certificate and edit listeners so they can use the new certificate bundle. B. Add the new SSL certificate to the Load Balancer, update listeners and backend sets so they can use the new certificate bundle. C. Add the new SSL certificate to the Load Balancer and implement end to end SSL so it can encrypt the traffic from clients all the way to the backend servers. D. Add the new SSL certificate to the Load Balancer and update backend servers to use the new certificate bundle. E. Add the new SSL certificate to the Load Balancer and update listeners to use the new certificate bundle.
A. Add the new SSL certificate to the Load Balancer, update backend servers to work with a new certificate and edit listeners so they can use the new certificate bundle.
Question 39:
Your team is conducting a root analysis (RCA) following a recent, unplanned outage. One of the block volumes attached to your production WebLogic server was deleted and you have tasked with identifying the source of the action. You search the Audit logs and find several Delete actions that occurred in the previous 24 hours. Given the sample of this event.
Which item from the event log helps you identify the individual or service that initiated the DeleteVolume API call?
A. requestAgent B. eventource C. principalld D. requestOrigin E. eventId
C. principalld
The Oracle Cloud Infrastructure Audit service automatically records calls to all supported Oracle Cloud Infrastructure public application programming interface (API) endpoints as log events.
Currently, all services support logging by Audit.
Every audit log event includes two main parts:
Envelopes that act as a container for all event messages Payloads that contain data from the resource emitting the event message The identity object contains the following attributes. data.identity.authType The type of authentication used.
data.identity.principalId The OCID of the principal.
data.identity.principalName The name of the user or service. This value is the friendly name associated
with principalId .
Question 40:
A retail company runs their online shopping platform entirely on Oracle cloud Infrastructure (OCI). This is a 3-tier web application that Includes a Mbps Load Balancer. Virtual Machine Instances for web and an Oracle DB Systems Virtual
Machine Due to unprecedented growth, they noticed an Increase in the Incoming traffic to their website and all users start getting 503 (Service Unavailable) errors.
What is the potential problem in this scenario?
A. The Load Balancer health check status Indicates critical situation for half of the backend webservers B. All the web servers are too busy and not able to answer any request from users. C. The Database Is down hence users can not access the web site D. The Traffic Management Policy is not set to load Balancer the traffic to the web servers. E. You did not configure a Service Gateway to allow connection between web servers and load Balance
B. All the web servers are too busy and not able to answer any request from users.
A 503 Service Unavailable Error is an HTTP response status code indicating that a server is temporarily unable to handle the request. This may be due to the server being overloaded or down for maintenance.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Oracle exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your 1Z0-997 exam preparations
and Oracle certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.