NEW QUESTION 1

Which three are capabilities of the dbaascli utility? (Choose three.)

• A. Patching the primary database deployment
• B. Open port 1521 in the VCN to allow for traffic to the listener
• C. Start and open the database instance
• D. Switchover and failover in an Oracle Guard configuration
• E. Clone a DB

Answer: ACD

Explanation:
https://docs.oracle.com/en/cloud/paas/database-dbaas-cloud/csdbi/dbaascli.html Using the dbaascli utility, you can:
Change the password of a database user. Start and stop a database.
Start and stop the Oracle Net listener
Check the status of the Oracle Data Guard configuration.
Perform switchover and failover in an Oracle Data Guard configuration. Patch the database deployment.
Perform database recovery. Rotate the master encryption key.
https://docs.oracle.com/en/cloud/paas/database-dbaas-cloud/csdbi/dbaascli.html

NEW QUESTION 2

You created a public subnet and an internet gateway in your virtual cloud network (VCN) of Oracle Cloud Infrastructure. The public subnet has an associated route table and security list. However, after creating several compute instances in the public subnet, none can reach the Internet.
Which two are possible reasons for the connectivity issue? (Choose two.)

• A. The route table has no default route for routing traffic to the internet gateway.
• B. There is no stateful egress rule in the security list associated with the public subnet.
• C. There is no dynamic routing gateway (DRG) associated with the VCN.
• D. There is no stateful ingress rule in the security list associated with the public subnet.
• E. A NAT gateway is needed to enable the communication flow to internet.

Answer: AB

Explanation:
An internet gateway as an optional virtual router that connects the edge of the VCN with the internet. To use the gateway, the hosts on both ends of the connection must have public IP addresses for routing. Connections that originate in your VCN and are destined for a public IP address (either inside or outside the VCN) go through the internet gateway. Connections that originate outside the VCN and are destined for a public IP address inside the VCN go through the internet gateway.
Working with Internet Gateways
You create an internet gateway in the context of a specific VCN. In other words, the internet gateway is automatically attached to a VCN. However, you can disable and re-enable the internet gateway at any time.
Compare this with a dynamic routing gateway (DRG), which you create as a standalone object that you
then attach to a particular VCN. DRGs use a different model because they're intended to be modular building blocks for privately connecting VCNs to your on-premises network.
For traffic to flow between a subnet and an internet gateway, you must create a route rule accordingly in the subnet's route table (for example, destination CIDR = 0.0.0.0/0 and target = internet gateway). If the internet gateway is disabled, that means no traffic will flow to or from the internet even if there's a route rule that enables that traffic. For more information, see Route Tables.
For the purposes of access control, you must specify the compartment where you want the internet gateway to reside. If you're not sure which compartment to use, put the internet gateway in the same compartment as the cloud network. For more information, see Access Control.
You may optionally assign a friendly name to the internet gateway. It doesn't have to be unique, and you can change it later. Oracle automatically assigns the internet gateway a unique identifier called an Oracle Cloud ID (OCID). For more information, see Resource Identifiers.
To delete an internet gateway, it does not have to be disabled, but there must not be a route table that lists it as a target.
AS per compute instances can connect to the Internet so you use egress no ingress

NEW QUESTION 3

As a solution architect, you are showcasing the Oracle Cloud Infrastructure (OCI) Object Storage feature about Object Versioning to a customer.
Which statement is true in regards to OCI Object Storage Versioning?

• A. Object versioning does not provide data protection against accidental or malicious object update,overwrite, or deletion.
• B. By default, object versioning is disabled on a bucket.
• C. A bucket that is versioning-enabled can have only and always will have a latest version of the object in the bucket.
• D. Objects are physically deleted from a bucket when versioning is enabled.

Answer: A

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Object/Tasks/usingversioning.htm

NEW QUESTION 4

You are designing a networking infrastructure in multiple Oracle Cloud Infrastructure regions and require connectivity between workloads in each region. You have created a dynamic routing gateway (DRG) and a remote peering connection. However, your workloads are unable to communicate with each other.
What are two reasons for this? (Choose two.)

• A. The security lists associated with subnets in each virtual cloud network (VCN) do not have the appropriate ingress rules
• B. Identity and Access Management (IAM) policies have not been defined to allow connectivity across the two VCNs in different regions
• C. A local peering gateway needs to be created in each VCN with a default route rule added in the route table forwarding the traffic to the local peering gateway
• D. An Internet gateway needs to be created in each VCN with a default route rule added in the route table forwarding the traffic to the Internet Gateway
• E. The route table associated with subnets in each VCN do not have a route rule defined to forward the traffic to their respective DRGs

Answer: AE

Explanation:
Setting Up a Remote Peering
Create the RPCs: Each VCN administrator creates an RPC for their own VCN's DRG. Share information: The administrators share the basic required information.
Set up the required IAM policies for the connection: The administrators set up IAM policies to enable the connection to be established.
Establish the connection: The requestor connects the two RPCs (see Important Remote Peering Concepts the definition of the requestor and acceptor).
Update route tables: Each administrator updates their VCN's route tables to enable traffic between the peered VCNs as desired.
Update security rules: Each administrator updates their VCN's security rules to enable traffic between the peered VCNs as desired.

NEW QUESTION 5

You are managing a tier-1 OLTP application on an Autonomous Transaction Processing (ATP) database. Your business needs to run hourly batch processes on this ATP database that may consume more CPUs than what is available on the server.
How can you limit these batch processes to not interfere with the OLTP transactions?

• A. Configure ATP resource management rules to change CPU/IO shares for the consumer group of batch processes.
• B. Copy OLTP data into new tables in a new table space and run batch processes against these new tables.
• C. Disable automated backup during the batch process operations.
• D. ATP is designed for OLTP workload only, you cannot run batch processes on ATP.

Answer: A

Explanation:
Autonomous Transaction Processing comes with predefined CPU/IO shares assigned to different consumer groups. You can modify these predefined CPU/IO shares if your workload requires different CPU/IO resource allocations.
By default, the CPU/IO shares assigned to the consumer groups TPURGENT, TP, HIGH, MEDIUM, and LOW are 12, 8, 4, 2, and 1, respectively. The shares determine how much CPU/IO resources a consumer
group can use with respect to the other consumer groups. With the default settings the consumer group TPURGENT will be able to use 12 times more CPU/IO resources compared to LOW, when needed. The consumer group TP will be able to use 4 times more CPU/IO resources compared to MEDIUM, when needed.

NEW QUESTION 6

Which three must be configured for a load balancer to accept incoming traffic? (Choose two.)

• A. a listener
• B. a back-end server
• C. a back end set
• D. a security list that is open on a listener port
• E. a certificate

Answer: ABC

Explanation:
https://docs.cloud.oracle.com/iaas/Content/Balance/Tasks/managingloadbalancer.htm?tocpath=Services%7CLoa The essential components for load balancing include:• A load balancer with pre-provisioned bandwidth.• A backend set with a health check policy. See Managing Backend Sets.• Backend servers for your backend set. See Managing Backend Servers.• One or more listeners . See Managing Load Balancer Listeners.• Load balancer subnet security rules to allow the intended traffic. To learn more about these rules, see Security Rules.• Optionally, you can associate your listeners with SSL server certificate bundles to manage how your system handles SSL traffic. See Managing SSL Certificates.

NEW QUESTION 7

You are working for a financial institution that is currently running two web applications in Oracle Cloud Infrastructure (OCI). All resources were created in the root compartment.
Your manager asked you to deploy new resources to support a proof-of-concept (PoC) for Oracle FlexCube. D18912E1457D5D1DDCBD40AB3BF70D5D
You must ensure that the FlexCube resources are secured and cannot be affected by the team that manages the two web applications.
Which two tasks should you complete to ensure the required security of your resources? (Choose two.)

• A. Create a new compartment for the two web applications and move the existing resources into thecompartmen
• B. Deploy the FlexCube application into the root compartmen
• C. Create a new policy in the rootcompartment that gives the FlexCube project team the ability to manage all resources in the tenancy.
• D. Create a new policy in the root compartment for the FlexCube project tea
• E. Assign a policy statement that grants the FlexCube project team the ability to manage all resources in the tenancy, where a specific tag key and tag value are present.
• F. Create a Tag Default within the root compartment with a default value of ${iam.principle.name} so that each new resource created is tagged with the name of the person who created i
• G. Create a new IAMpolicy that allows users to only modify resources they created.
• H. Create a new compartment for the two web applications and move the existing resources into this compartmen
• I. Modify the existing policy for the team that manages these applications so that the scopeof access is defined as this new compartment.
• J. Create a new compartment for the FlexCube application deploymen
• K. Create a policy in this compartment for the project team that gives them the ability to manage all resources within the scope of thiscompartment.

Answer: CD

NEW QUESTION 8

Why are two subnets required to create a public load balancer when additional subnets are often used for back-end servers? (Choose two.)

• A. Routing is simpler when the load balancer is not in the same subnet as the back-end server.
• B. Performance is higher when more subnets are used.
• C. Additional subnets for back-end servers allow for separate route tables for these servers.
• D. Additional subnets for back-end servers allow for separate security lists for these servers.

Answer: BD

Explanation:
References:
http://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/ocis/load-balancer/load-balancer.html

NEW QUESTION 9

Which two are true for achieving High Availability on Oracle Cloud Infrastructure? (Choose two.)

• A. Store your database across multiple regions so that half of the data resides in one region and the other half resides in another region.
• B. Attach your block volume form Availability Domain 1 to a compute instance in Availability Domain 2 (and vice versa) so that they are highly available.
• C. Configure your database to have Data Guard in another Availability Domain in Sync mode within a region.
• D. Store your database files on Object Storage so that they are available in all Availability Domains in all regions.
• E. Distribute your application servers across all Availability Domains within a region.

Answer: CE

NEW QUESTION 10

Which two statements are true about subnets within a VCN? (Choose two.)

• A. You can have multiple subnets in an Availability Domain for a given VCN.
• B. Private and Public subnets cannot reside in the same Availability Domain for a given VCN.
• C. Subnets can have their IP addresses overlap with other subnets in another network for a given VCN.
• D. Instances obtain their private IP and the associated security list from their subnets.

Answer: AD

Explanation:
References: https://cloud.oracle.com/en_US/bare-metal-network/vcn/faq

NEW QUESTION 11

Which two statements are true about an Oracle Cloud Infrastructure (OCI) virtual cloud network (VCN)? (Choose two.)

• A. To delete a VCN, its subnets must contain no resources.
• B. A VCN can have multiple CIDR blocks associated with it.
• C. In regions with multiple Availability Domains (AD), each AD should have their own VCN assigned to it.
• D. If you own a block of public IPs, you can assign it to one of your VCNs.
• E. A VCN covers a single, contiguous IPv4 CIDR block of your choice.

Answer: AE

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs.htm

NEW QUESTION 12

Which statement is true about interconnecting Virtual Cloud Network (VCN)?

• A. VCNs support transitive peering.
• B. Peering VCNs should not have overlapping CIDR blocks.
• C. VCNs must be in the same tenancy to be peered.
• D. The only way to interconnect VCNs is through peering.

Answer: B

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Network/Tasks/remoteVCNpeering.htm (note)

NEW QUESTION 13

You are a network architect and have designed the network infrastructure of a three-tier application on Oracle Cloud Infrastructure (OCI). In the architecture, back-end DB servers are in a private subnet. One of your DB administrators requests to have access to OCI object storage service.
How can you meet this requirement?

• A. Add a new route rule to the private subnet route table to route default traffic to the internet gateway.
• B. Attach a public IP address to the instances in the private subnet, and then add a new route rule to the private subnet route table to route default traffic to the internet gateway.
• C. Create a dynamic routing gateway (DRG) and attach it to your virtual cloud network (VCN). Add a default route rule to the private subnets route table and set the target as DRG.
• D. Create a service gateway, add a new route rule to the private subnet route table that uses object storage as target type.

Answer: D

Explanation:
A service gateway lets resources in your VCN privately access specific Oracle services, without exposing the data to an internet gateway or NAT. The resources in the VCN can be in a private subnet and use only private IP addresses. The traffic from the VCN to the service of interest travels over the Oracle network fabric and never traverses the internet.
To give your VCN access to a given service CIDR label, you must enable that service CIDR label for the VCN's service gateway. You can do that when you create the service gateway, or later after it's created. You can also disable a service CIDR label for the service gateway at any time.
For traffic to be routed from a subnet in your VCN to a service gateway, you must add a rule accordingly to the subnet's route table. The rule must use the service gateway as the target.
Reference:
https://blogs.oracle.com/cloud-infrastructure/connect-private-instances-with-oracle-servicesthrough-an-oracle-cl

NEW QUESTION 14

You are deploying a highly available web application In Oracle Cloud Infrastructure and have decided to use a public load balancer. The back-end web servers will be distributed across all three availability domains (ADs).
How many subnets should you create to deliver a secure, highly available application?

• A. two subnets in total; one regional private subnet to host your back-end web servers and one regional public subnet to host your public load load balancer.
• B. two subnets in total; one regional public subnet to host your back-end web servers and one regional private subnet to host your public load load balancer.
• C. three subnets in total; one regional public subnet to host your back-end web servers and two AD specific private subnets to host your private load load balancer.
• D. one subnet in total; one regional private subnet to host your back-end web servers and your public load balancer.

Answer: A

Explanation:
To accept traffic from the internet, you create a public load balancer. The service assigns it a public IP address that serves as the entry point for incoming traffic. You can associate the public IP address with a friendly DNS name through any DNS vendor.
A public load balancer is regional in scope. If your region includes multiple availability domains, a public load balancer requires either a regional subnet (recommended) or two availability domain-specific
(AD-specific) subnets, each in a separate availability domain. With a regional subnet, the Load Balancing service creates a primary load balancer and a standby load balancer, each in a different availability
domain, to ensure accessibility even during an availability domain outage.
If you create a load balancer in
two AD-specific subnets, one subnet hosts the primary load balancer and the other hosts a standby load balancer. If the primary load balancer fails, the public IP address switches to the secondary load balancer. The service treats the two load balancers as equivalent and you cannot specify which one is "primary".
Whether you use regional or AD-specific subnets, each load balancer requires one private IP address from its host subnet. The Load Balancing service supplies a floating public IP address to the primary load balancer. The floating public IP address does not come from your backend subnets.
You cannot specify a private subnet for your public load balancer.
The backend servers (Compute instances) associated with a backend set can exist anywhere, as long as the associated network security groups (NSGs), security lists, and route tables allow the intended traffic flow. Oracle recommends that you create your load balancer in a regional subnet.
Oracle recommends that you distribute your backend servers across all availability domains within the region.

NEW QUESTION 15

Your company has been running several small applications in Oracle Cloud Infrastructure and is planning a proof-of-concept (POC) to deploy PeopleSoft.
If your existing resources are being maintained in the root compartment, what is the recommended approach for defining security for the upcoming POC?

• A. Create a new compartment for the POC and grant appropriate permissions to create and manage resources within the compartment.
• B. Provision all new resources into the root compartmen
• C. Grant permissions that only allow for creation and management of resources specific to the POC.
• D. Provision all new resources into the root compartmen
• E. Use defined tags to separate resources that belong to different applications.
• F. Create a new tenancy for the PO
• G. Provision all new resources into the root compartmen
• H. Grant appropriate permissions to create and manage resources within the root compartment.

Answer: A

Explanation:
If your organization is small, or if you are still in the proof-of-concept stage of evaluating OracleCloud Infrastructure, consider placing all of your resources in the root compartment (tenancy). This approach makes it easy for you to quickly view and manage all your resources. You can still write policies and create groups to restrict permissions on specific resources to only the users who need access.If you plan to maintain all your resources in the root compartment, we recommend setting up aseparate sandbox compartment to give users a dedicated space to try out features. In the sandbox compartment, you can grant users permissions to create and manage resources, whilemaintaining stricter permissions on the resources in your tenancy (root) compartment.
https://www.oracle.com/a/ocom/docs/best-practices-for-iam-on-oci.pdf

NEW QUESTION 16

You deployed a database on a Standard Compute instance in Oracle Cloud Infrastructure (OCI) due to cost concerns. The database requires additional storage with high I/O and you decided to use OCI Block Volume service for it.
With this requirement in mind, which elastic performance option should you choose for the Block Volume?

• A. Balanced Performance
• B. Higher performance
• C. Extreme performance
• D. Lower cost

Answer: B

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Block/Concepts/blockvolumeperformance.htm

NEW QUESTION 17

You have a shared file system between two web servers using File Storage Service (FSS) and you were tasked to create a backup plan for this environment to protect the data placed into the shared file system.
What is the recommended approach to create this backup using FSS features?

• A. Implement a backup policy to execute a snapshot of the shared volume.
• B. Implement a backup policy to copy data from the shared volume to object storage.
• C. Compress the data that is in the shared volume and copy it into a different folder on the boot volume disk.
• D. Use the rsync tool to send data from the shared volume to a boot volume disk.
• E. Use the rsync tool to send data from the shared volume to a block volume.

Answer: A

NEW QUESTION 18

Which two components cannot be deleted in your Oracle Cloud Infrastructure Virtual Cloud Network?
(Choose two.)

• A. Service gateway
• B. Default security list
• C. Routing gateway
• D. Default route table
• E. Default subnet

Answer: BD

Explanation:
Reference: https://www.oracle.com/a/ocom/docs/vcn-deployment-guide.pdf (4)

NEW QUESTION 19

Which statement is true about Oracle Cloud Infrastructure Object Storage Service?

• A. An Archive Object Storage tier bucket can be upgraded to the Standard Object Storage tier.
• B. You cannot directly download an object from an Archive Object Storage bucket.
• C. An existing Standard Object Storage tier bucket can be downgraded to the Archive Object Storage tier.
• D. Data retrieval in Archive Object Storage is instantaneous.

Answer: B

NEW QUESTION 20

There are multiple options of migrating Oracle Databases from on-premises to Oracle Cloud Infrastructure.
Which two characteristics do you need to consider when choosing a migration method? (Choose two.)

• A. On-premises database character set and application version
• B. On-premises database version and quantity of data, including indexes
• C. On-premises host operating system platform and network bandwidth
• D. On-premises connectivity using remote and local VCN peering

Answer: BC

Explanation:
References: https://docs.cloud.oracle.com/iaas/Content/Database/Tasks/migrating.htm Some of the characteristics and factors to consider when choosing a migration method are:
On-premises database versionDatabase service database versionOn-premises host operating system and versionOn-premises database character setQuantity of data, including indexesData types used in the
on-premises databaseStorage for data stagingAcceptable length of system outageNetwork bandwidth

NEW QUESTION 21

Your company decided to move a few applications to Oracle Cloud Infrastructure (OCI) in the US West (us-phoenix-1) region.
You need to design a cloud-based disaster recovery (DR) solution with a requirement to deploy the DR resources in the US East (us-ashburn-1) region to minimize network latency.
What is the recommended deployment?

• A. Deploy production and DR applications in two separate virtual cloud networks (VCNs), each in different regions, and then use VCN local peering gateways for connectivity.
• B. Deploy production and DR applications in two separate VCNs, each in different region
• C. Connect them using a VCN remote peering connection.
• D. Deploy production and DR applications in the same VC
• E. Create production subnets in one AD, and DR subnets in another AD (assume a multi-AD region).
• F. Deploy production and DR applications in two separate VCNs in different availability domains (ADs) within the primary region, and then use a VCN remote peering connection for connectivity.

Answer: A

Explanation:
Remote VCN peering is the process of connecting two VCNs in different regions
The peering allows the VCNs' resources to communicate using private IP addresses without routing the traffic over the internet or through your on-premises network.

NEW QUESTION 22

You are about to upload log file (5 TiB size) to Oracle Cloud Infrastructure object storage and have decided to use multipart upload capability for a more efficient and resilient upload.
Which two statements are true about multipart upload? (Choose two.)

• A. Individual object parts can be as small as 10 MiB or as large as 50 GiB
• B. While a multipart upload is still active, you cannot add parts even if the total number of parts is less than 10,000
• C. The maximum size for an uploaded object is 10 TiB
• D. You do not have to commit the upload after you have uploaded all the object parts

Answer: AC

Explanation:
With multipart upload, you split the object you want to upload into individual parts. Individual parts can be as large as 50 GiB or as small as 10 MiB. (Object Storage waives the minimum part size restriction for the last uploaded part.) Decide what part number you want to use for each part. Part numbers can range from 1 to 10,000. You do not need to assign contiguous numbers, but Object Storage constructs the object by ordering part numbers in ascending order.
The maximum size for an uploaded object is 10 TiB
While a multipart upload is still active, you can keep adding parts as long as the total number is less than 10,000.
https://docs.cloud.oracle.com/en-us/iaas/Content/Object/Tasks/usingmultipartuploads.htm

NEW QUESTION 23

Which two are Regional resources in Oracle Cloud Infrastructure? (Choose two.)

• A. Ephemeral public IPs
• B. Compartments
• C. Compute images
• D. Dynamic groups
• E. Block volume backups

Answer: BD

Explanation:
Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm

NEW QUESTION 24
......