[Jan 27, 2022] Pass Oracle 1Z0-1072-20 Exam Info and Free Practice Test [Q114-Q134]

[Jan 27, 2022] Pass Oracle 1Z0-1072-20 Exam Info and Free Practice Test

1Z0-1072-20 Exam Dumps PDF Updated Dump from RealValidExam Guaranteed Success

Oracle 1Z0-1072-20 Exam Syllabus Topics:

Topic	Details
Topic 1	Describe the components of Compute service, including shapes, images, and custom images Set up a Load Balancer
Topic 2	Architect High Availability and Disaster Recovery solutions Apply core Identity and Access Management components
Topic 3	Describe image options Architect HA and DR solutions Apply IAM, governance, and security best practices
Topic 4	Architect High Availability (HA) using Explain resource locations

 

NEW QUESTION 114
Which three are valid Terraform configuration components? (Choose three.)

• A. data source
• B. instance
• C. resource
• D. metadata
• E. region
• F. variable

Answer: A,C,F

 

NEW QUESTION 115
You are designing a networking infrastructure in multiple Oracle Cloud Infrastructure regions and require connectivity between workloads in each region. You have created a dynamic routing gateway (DRG) and a remote peering connection. However, your workloads are unable to communicate with each other.
What are two reasons for this? (Choose two.)

• A. A local peering gateway needs to be created in each VCN with a default route rule added in the route table forwarding the traffic to the local peering gateway.
• B. An internet gateway needs to be created in each VCN with a default route rule added in the route table forwarding the traffic to the internet gateway
• C. Identity and Access Management (IAM) policies have not been defined to allow connectivity across the two VCNs in different regions.
• D. The route table associated with subnets in each VCN do not have a route rule defined to forward the traffic to their respective DRGs.
• E. The security lists associated with subnets in each virtual cloud network (VCN) do not have the appropriate ingress rules.

Answer: D,E

 

NEW QUESTION 116
Which two statements about file storage service (FSS) are accurate? (Choose two.)

• A. FSS leverages UNIX user group and permission checking for file access security
• B. Identity and Access Management (IAM) controls which file systems are mountable by which instances
• C. Encryption of file system in FSS is optional
• D. Security lists can be used as a virtual firewall to prevent an instance from mounting an FSS mount target within the same subnet
• E. Data in transit to an FSS mount target is encrypted

Answer: A,E

Explanation:
All data is encrypted at rest. and In-transit encryption provides a way to secure your data between instances and mounted file systems using TLS v. 1.2 (Transport Layer Security) encryption.
File Storage service supports the AUTH_UNIX style of authentication and permission checking for remote NFS client requests.

 

NEW QUESTION 117
Which two statements define the types of DNS resolvers that exist? (Choose two.)

• A. A VCN resolver allows instances to use host names to communicate with instances on other VCNs in your tenancy.
• B. A VCN resolver allows instances to use the host names of the hosts in your on-prem network that are connected to your VCN by an IPSec VPN connection.
• C. A custom resolver allows instances to use the host names of the hosts in your on-prem network that are connected to your VCN by an IPSec VPN connection.
• D. An Internet resolver allows instances to use the host names that are published on the Internet.

Answer: C,D

Explanation:
Explanation
https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/dns.htm
This is an Oracle-provided option that includes two parts:Internet Resolver: Lets instances resolve hostnames that are publicly published on the internet. The instances do not need to have internet access by way of either an internet gateway or a connection to your on-premises network (such as an IPSec VPN connection through a DRG ).VCN Resolver: Lets instances resolve hostnames (which you can assign) of other instances in the same VCN. For more information, see About the DNS Domains and Hostnames.By default, new VCNs you create use the Internet and VCN Resolver. If you're using the Networking API, this choice refers to the VcnLocalPlusInternet enum in the DhcpDnsOption object.
The Internet and VCN Resolver does not let instances resolve the hostnames of hosts in your on-premises network connected to your VCN by IPSec VPN connection or FastConnect. Use your own custom DNS resolver to enable that.
https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/dns.htm?Highlight=DNS%20resolver#About

 

NEW QUESTION 118
As an Oracle Cloud Infrastructure tenancy administrator, you created predefined lists of values and associated them with tag key definitions.
One of the users in your tenancy complains that she cannot see these predefined values.
What is causing this issue?

• A. Some of the predefined values are null.
• B. The user has breached either the quota or service limit for using tags.
• C. The user is not part of an Identity and Access Management group that gives access to tagging.
• D. The user is trying to use free-form tags.

Answer: D

Explanation:
Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/Tagging/Tasks/usingpredefinedvalues.htm

 

NEW QUESTION 119
A customer has launched a compute Instance in the Virtual Cloud Network (VCN), which has an Internet gateway, a service gateway, a default security lists and a default route table. Customer has opened up Port 22 in the security lists attached to the compute instance subnet, however is still unable to connect to compute instances using ssh.
Which option would remedy this situation?

• A. Modify the route table associated with the VCN subnet in which the instance resides. Add a following route to the route table.
  Destination CIDR: 0.0.0.0/0
  Target: Service Gateway (SGW)
• B. Modify the route table associated with the VCN subnet in which the instance resides. Add a following route to the route table.
  Destination CIDR: 0.0.0.0/0
  Target: Dynamic Routing Gateway (DRG)
• C. Modify the route table associated with the VCN subnet in which the instance resides. Add a following route to the route table.
  Destination CIDR: 0.0.0.0/0
  Target: Internet Gateway (IGW)
• D. Modify the security list associated with the VCN subnet in which the instance resides. Add a stateful egress rule to allow icmp traffic in addition to the port 22.

Answer: C

Explanation:
You create an internet gateway in the context of a specific VCN. In other words, the internet gateway is automatically attached to a VCN. However, you can disable and re-enable the internet gateway at any time.
For traffic to flow between a subnet and an internet gateway, you must create a route rule accordingly in the subnet's route table (for example, destination CIDR = 0.0.0.0/0 and target = internet gateway). If the internet gateway is disabled, that means no traffic will flow to or from the internet even if there's a route rule that enables that traffic.
For the purposes of access control, you must specify the compartment where you want the internet gateway to reside. If you're not sure which compartment to use, put the internet gateway in the same compartment as the cloud network.

 

NEW QUESTION 120
With regard to Oracle Cloud Infrastructure Load Balancing service, which two actions will occur when a backend server that is registered with a backend set is marked to drain connections? (Choose two.)

• A. All new connections to this backend server are disallowed.
• B. Connections to this backend server will remain open until all in-flight requests are completed.
• C. All connections to this backend server are forcibly closed after a timeout period.
• D. All existing connections to this backend sever will be immediately closed.
• E. Requests to this backend server are redirected to a user-defined error page.

Answer: A,B

Explanation:
Explanation
Explanation/Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Balance/Reference/sessionpersistence.htm

 

NEW QUESTION 121
You have provisioned an Autonomous Transaction Processing (ATP) database and logged into the ATP service console.
What are three abilities that can be performed from this service console? (Choose three.)

• A. set resource management rules
• B. create ATP database users
• C. reset the admin password
• D. scale up/down the CPUs
• E. monitor database activity and SQL queries

Answer: A,C,E

Explanation:
In ATP Service Console,
In the activity screen allows you to perform some basic monitor database activity and SQL queries

In the administration screen allows you to perform some basic administration of the service, like reset the admin password and set resource management rules

 

NEW QUESTION 122
Which two resources reside exclusively in a single Oracle Cloud Infrastructure Availability Domain? (Choose two.)

• A. Identity and Access Management Groups
• B. Object Storage
• C. Block volume
• D. Web Application Firewall policy
• E. Compute instance

Answer: C,E

Explanation:
Explanation/Reference:

 

NEW QUESTION 123
You have created a virtual cloud network (VCN) with three private subnets. Two of the subnets contain application servers and the third subnet contains a DB System. The application requires a shared file system so you have provisioned one using the file storage service (FSS). You also created the corresponding mount target in one of the application subnets. The VCN security lists are properly configured so that both application servers and the DB System can access the file system. The security team determines that the DB System should have read-only access to the file system.
What change would you make to satisfy this requirement?

• A. Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet.
• B. Create an instance principal for the DB System. Write an Identity and Access Management (IAM) policy that allows the instance principal read-only access to the file storage service.
• C. Connect via SSH to one of the application servers where the file system has been mounted. Use the Unix command chmod to change permissions on the file system directory, allowing the database user read only access.
• D. Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateless.

Answer: A

Explanation:
Explanation
NFS export options enable you to create more granular access control than is possible using just security list rules to limit VCN access. You can use NFS export options to specify access levels for IP addresses or CIDR blocks connecting to file systems through exports in a mount target.

 

NEW QUESTION 124
You are responsible for creating and maintaining an enterprise application that consists of multiple storage volumes across multiple compute instances in Oracle Cloud Infrastructure (OCI).
The storage volumes include boot volumes and block volumes for your data storage. You need to create backups of these storage volumes in the most time-efficient manner.
How can you meet this requirement?

• A. Create on-demand full backups of boot volumes, and copy data in block volumes to Object Storage using OCI CLI.
• B. Group together multiple storage volumes in a volume group and create volume group backups.
• C. Create clones of all boot volumes and block volumes one at a time.
• D. Create on-demand full backups of block volumes, and create custom images from the boot volumes.

Answer: B

Explanation:
Explanation/Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Block/Concepts/volumegroups.htm

 

NEW QUESTION 125
An instance is launched with a primary VNIC that is created during instance launch.
Which two operations are true when you add secondary VNICs to an existing instance? (Choose two.)

• A. You can remove the primary VNIC after the secondary VNIC's attachment is complete.
• B. It is not possible to connect two VNICs to an instance.
• C. You can remove the secondary VNIC later if it is not needed.
• D. The primary and secondary VNIC association should be within the same Availability Domain.

Answer: C,D

Explanation:
Explanation
https://docs.cloud.oracle.com/iaas/Content/Network/Tasks/managingVNICs.htm

 

NEW QUESTION 126
Which statement is true about cloning a volume?

• A. You need to detach a volume before cloning from it.
• B. You can create a clone for a volume across regions.
• C. You can change the block volume size when cloning a volume.
• D. A cloned volume is the same as a snapshot that has a dependency on the source volume.

Answer: C

Explanation:
Explanation
References:
https://docs.cloud.oracle.com/iaas/Content/Block/Tasks/cloningavolume.htm?tocpath=Services%7CBlock%20V

 

NEW QUESTION 127
You have been notified of an application failure indicating that one or more of the Oracle Cloud Infrastructure (OCI) resources have become unavailable. After scanning the Compute and Database consoles, you notice that one of the DB Systems is missing.
What would you do to identify the reason for this missing resource?

• A. View the service limits associated with your account to ensure that you have not exceeded the allowable number of DB Systems in your tenancy.
• B. Navigate to the Audit console and search the previous 24 hours for all DELETE request actions to get a list of any resource that was deleted in the past 24 hours.
• C. Navigate to the Audit console and search the previous 24 hours for all the GET request actions to get a list of every event that occurred in the past 24 hours.
• D. Create a serial console connection to the DB System that does not appear in the management console. Connect to the serial console connection, and then review the system logs under /var/log/messages.

Answer: B

Explanation:
You can filter results by request actions to zero in on only the events with operations that interest you. For example, say that you only want to know about instances that were deleted during a specific time frame. Select a delete request action filter to see only the events with delete operations Reference:
https://docs.cloud.oracle.com/en-us/iaas/Content/GSG/Tasks/usingaudit.htm

 

NEW QUESTION 128
You have hired a new employee to run reports from the Autonomous Data Warehouse (ADW) and are not confident in their SQL writing ability.
Into which consumer group will you assign this individual to minimize the impact of their code?

• A. Medium
• B. High
• C. Lowest
• D. Low
• E. Highest

Answer: D

Explanation:
Explanation
in ADW, The tnsnames.ora file provided with the credentials zip file contains three database service names identifiable as high, medium, and low. The predefined service names provide different levels of performance and concurrency for Autonomous Data Warehouse.
high: The High database service provides the highest level of resources to each SQL statement resulting in the highest performance, but supports the fewest number of concurrent SQL statements. Any SQL statement in this service can use all the CPU and IO resources in your database. The number of concurrent SQL statements that can be run in this service is 3, this number is independent of the number of OCPUs in your database.
medium: The Medium database service provides a lower level of resources to each SQL statement potentially resulting a lower level of performance, but supports more concurrent SQL statements. Any SQL statement in this service can use multiple CPU and IO resources in your database. The number of concurrent SQL statements that can be run in this service depends on the number of OCPUs in your database.
low: The Low database service provides the least level of resources to each SQL statement, but supports the most number of concurrent SQL statements. Any SQL statement in this service can use a single CPU and multiple IO resources in your database. The number of concurrent SQL statements that can be run in this service can be up to 300 times the number of OCPUs.
The predefined service names provide different levels of performance and concurrency for Autonomous DB Choose whichever database service offers the best balance of performance and concurrency.
Use the low database service name. to minimize the impact of their SQLs to by low consumer group

 

NEW QUESTION 129
You have provisioned an Autonomous Data Warehouse (ADW) database with 16 enabled OCPUs and need to configure the consumer group for your application.
Which two are true when deciding the number of sessions for each application? (Choose two.)

• A. The MEDIUM and LOW consumer group can run up to 16 concurrent SQL statements if HIGH consumer group has 0 SQL statements
• B. The HIGH consumer group can run up to 16 concurrent SQL statements in addition to 32 concurrent SQL statements in MEDIUM and LOW consumer group each
• C. The HIGH consumer group can run up to 16 concurrent SQL statements as long as MEDIUM and LOW consumer groups have 0 SQL statements
• D. The HIGH consumer group can run 3 concurrent SQL statements when MEDIUM consumer group has
  0 SQL statements
• E. The MEDIUM consumer group can run 20 concurrent SQL statements when HIGH consumer group has
  0 SQL statements

Answer: D,E

Explanation:
Explanation
References:
https://docs.oracle.com/en/cloud/paas/autonomous-data-warehouse-cloud/user/connect-predefined.html#GUID-9

 

NEW QUESTION 130
Which two tools would you use to manage Database Cloud Service (DBCS)? (Choose two.)

• A. Oracle Enterprise Manager
• B. Oracle Swingbench
• C. SQL Developer
• D. psql

Answer: A,C

 

NEW QUESTION 131
Which two identity providers can your administrator federate with Oracle Cloud Infrastructure? (Choose two.)

• A. AWS Directory Services
• B. Oracle Identity Cloud Services
• C. Microsoft Active Directory
• D. Google Directory Federation Services

Answer: B,C

Explanation:
Explanation
References:
Oracle Cloud Infrastructure supports federation with Oracle Identity Cloud Service and Microsoft Active Directory (via Active Directory Federation Services (AD FS)), and any identity provider that supports the Security Assertion Markup Language (SAML) 2.0 protocol.

 

NEW QUESTION 132
Which three are capabilities of the dbaascli utility? (Choose three.)

• A. Open port 1521 in the VCN to allow for traffic to the listener
• B. Clone a DB
• C. Start and open the database instance
• D. Switchover and failover in an Oracle Guard configuration
• E. Patching the primary database deployment

Answer: C,D,E

Explanation:
Explanation
https://docs.oracle.com/en/cloud/paas/database-dbaas-cloud/csdbi/dbaascli.html Using the dbaascli utility, you can:
Change the password of a database user.
Start and stop a database.
Start and stop the Oracle Net listener
Check the status of the Oracle Data Guard configuration.
Perform switchover and failover in an Oracle Data Guard configuration.
Patch the database deployment.
Perform database recovery.
Rotate the master encryption key.
https://docs.oracle.com/en/cloud/paas/database-dbaas-cloud/csdbi/dbaascli.html

 

NEW QUESTION 133
What happens after you successfully run the following command on your Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) using the YAML file defined below?
kubectl create -f definition.yml
YAML file - definition.yml

• A. No Pod gets created.
• B. Two Pods with a container each are created.
• C. A single Pod with two containers is created.
• D. A single Pod with a single container is created.

Answer: C

 

NEW QUESTION 134
......

Pass Your Oracle Exam with 1Z0-1072-20 Exam Dumps: https://actualtests.realvalidexam.com/1Z0-1072-20-real-exam-dumps.html