(2024) 1z0-1072-23 Exam Dumps, Practice Test Questions BUNDLE PACK
Oracle Cloud Certification 1z0-1072-23 Sample Questions Reliable
NEW QUESTION # 13
Which statement is TRUE about delegating an existing domain to the Oracle Cloud Infrastructure (OCI) DNS service?
- A. Domains can be delegated to OCI DNS from the OCI Marketplace.
- B. Domains can be self-delegated to OCI DNS from its own service portal.
- C. Domains can be delegated to OCI DNS via FastConnect partners.
- D. Domains can be delegated to OCI DNS from the Domain Registrar's self-service portal.
- E. All domains can be retrieved to OCI DNS via DYN.
Answer: D
Explanation:
Domains can be delegated to OCI DNS from the Domain Registrar's self-service portal. The explanation is that delegating a domain to OCI DNS means that you are transferring the authority to resolve DNS queries for your domain from your current DNS provider to OCI DNS. To delegate a domain to OCI DNS, you need to create a zone in OCI DNS that matches your domain name and add any records that you want to serve from OCI DNS. Then, you need to update the name servers for your domain at your Domain Registrar's self-service portal with the name servers provided by OCI DNS. This will point your domain to OCI DNS and allow it to resolve DNS queries for your domain.
NEW QUESTION # 14
Which TWO statements are TRUE about Private IP addresses in Oracle Cloud Infrastructure (OCI)?
- A. A private IP can have an optional public IP assigned to it if it resides in a public subnet.
- B. By default, the primary VNIC of an instance in a subnet has one primary private IP address.
- C. By default, the primary VNIC of an instance in a subnet has one primary private IP address and one secondary private IP address.
- D. Each VNIC can only have one private IP address.
Answer: A,B
Explanation:
Explanation
By default, the primary VNIC of an instance in a subnet has one primary private IP address. A private IP can have an optional public IP assigned to it if it resides in a public subnet. The explanation is that a private IP address is an IPv4 address that is assigned to a VNIC and belongs to the CIDR block of the VCN or subnet.
By default, the primary VNIC of an instance in a subnet has one primary private IP address, which is automatically assigned by OCI and cannot be changed. However, you can also assign secondary private IP addresses to a VNIC, either manually or automatically, up to a maximum of 31 per VNIC. A private IP address can have an optional public IP address assigned to it, which allows the instance to communicate with the internet. A public IP address can be either ephemeral or reserved, depending on whether you want to keep it after stopping or terminating the instance. A private IP address can only have a public IP address assigned to it if it resides in a public subnet, which means that the subnet's route table has a route rule that directs traffic to the internet gateway.
NEW QUESTION # 15
Which is NOT a valid Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) approach?
- A. Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or with your organizations private IP network ranges.
- B. Use OCI tags to tag VCN resources so that all resources follow organizational tagging/naming conventions.
- C. Private subnets should ideally have individual route tables to control the flow of traffic within and outside of VCN.
- D. Ensure not all IP addresses are allocated at once within a VCN or subnet; instead reserve some IP addresses for future use.
Answer: A
Explanation:
Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or with your organizations private IP network ranges. The explanation is that a VCN CIDR prefix is the range of IPv4 addresses that can be used within the VCN and its subnets. The VCN CIDR prefix should not overlap with other VCNs in your tenancy or with your organization's private IP network ranges, as this can cause routing conflicts and connectivity issues. You should choose a VCN CIDR prefix that is large enough to accommodate your current and future needs, but not too large to waste IP addresses. You can use any of the private IPv4 address ranges specified in RFC 1918 for your VCN CIDR prefix.
NEW QUESTION # 16
Your DevOps team needs to interconnect the on-premises network to the Oracle Cloud Infrastructure(OCI)resources, such as a managed database that resides in a private subnet. Theyindicate that they have a lowbudget and their bandwidth requirements are minimal, so you decide that a site-to-site VPN is the best option.
They provide you with their router public IP address. You need to create an object in OCI that represents thisrouter. Which object would you create?
- A. Bastion Host
- B. Internet Gateway
- C. Customer Premises Equipment (CPE)
- D. Dynamic Routing Gateway (DRG)
- E. IPSec Tunnel
- F. Virtual Network Interface Card (vNIC)
Answer: C
Explanation:
Explanation
Customer Premises Equipment (CPE). The explanation is that CPE is an object in OCI that represents your on-premises router or VPN device that connects to your VCN via a site-to-site VPN. A site-to-site VPN is a secure and encrypted connection between your on-premises network and your VCN over the public internet.
To set up a site-to-site VPN, you need to create a CPE object with your router's public IP address and other information, such as vendor and platform. You also need to create a Dynamic Routing Gateway (DRG) object in your VCN andattach it to your VCN. Then, you need to create an IPSec connection between your CPE and DRG, which will create two redundant VPN tunnels for high availability.
NEW QUESTION # 17
You have objects stored in an OCI Object Storage bucket that you want to share with a partner company. You decide to use pre-authenticated requests to grant access to the objects. Which statement is true about preauthenticated requests?
- A. Deleting a pre-authenticated request does not revoke user access to the associated bucket or object.
- B. Pre-authenticated requests can be used to delete buckets or objects.
- C. You need to provide your OCI credentials to the partner company.
- D. You cannot edit a pre-authenticated request.
Answer: D
Explanation:
Explanation
You cannot edit a pre-authenticated request is a true statement about pre-authenticated requests.
Pre-authenticated requests are URLs that allow users to access objects or buckets in OCI Object Storage without requiring additional authentication or authorization. Pre-authenticated requests can be created with an expiration date and time, and can be used for read or write operations. However, once created, pre-authenticated requests cannot be edited, but can only be deleted or extended. The other statements are false about pre-authenticated requests. References: [Pre-Authenticated Requests]
NEW QUESTION # 18
Which is NOT a valid Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) approach?
- A. Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or with your organizations private IP network ranges.
- B. Use OCI tags to tag VCN resources so that all resources follow organizational tagging/naming conventions.
- C. Private subnets should ideally have individual route tables to control the flow of traffic within and outside of VCN.
- D. Ensure not all IP addresses are allocated at once within a VCN or subnet; instead reserve some IP addresses for future use.
Answer: A
Explanation:
Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or with your organizations private IP network ranges. The explanation is that a VCN CIDR prefix is the range of IPv4 addresses that can be used within the VCN and its subnets. The VCN CIDR prefix should not overlap with other VCNs in your tenancy or with your organization's private IP network ranges, as this can cause routing conflicts and connectivity issues. You should choose a VCN CIDR prefix that is large enough to accommodate your current and future needs, but not too large to waste IP addresses. You can use any of the private IPv4 address ranges specified in RFC 1918 for your VCN CIDR prefix.
NEW QUESTION # 19
You need to set up instance principals so that an application running on an instance can call Oracle Cloud Infrastructure (OCI) public services, without the need to configure user credentials.
A developer in your team has already configured the application built using an OCI SDK to authenticate using the instance principals provider.
Which is NOTa necessary step to complete this set up?
- A. Create a policy granting permissions to the dynamic group to access services in your compartment or tenancy.
- B. Generate Auth Tokens to enable instances in the dynamic group to authenticate with APIs.
- C. Create a dynamic group with matching rules to specify which instances can make API calls against services.
- D. Deploy the application and the SDK to all the instances that belong to the dynamic group.
Answer: B
Explanation:
Generating Auth Tokens to enable instances in the dynamic group to authenticate with APIs is not a necessary step to complete this set up. This is because Auth Tokens are used to authenticate users, not instances, when making API calls to OCI services. Instance principals are a feature that allows instances to authenticate themselves using certificates, without requiring user credentials or Auth Tokens. The other options are necessary steps to complete this set up, as they enable instances in the dynamic group to make API calls against services using instance principals and IAM policies. Reference: [Instance Principals], [Auth Tokens]
NEW QUESTION # 20
You have a block volume created in the US West (Phoenix) region. You enabled Cross Region Replication for thevolume and selected US West (San Jose) as the destination region. Now, you would like to create a new volumefrom the volume replica in the US West (San Jose) region.
What should you do?
- A. Activate the replica.
- B. Initiate the replica.
- C. No action required. By default, the replica is available as a block volume.
- D. Trigger the replica.
Answer: A
Explanation:
Explanation
The explanation is that when you enable Cross Region Replication for a block volume, Object Storage creates a replica of the volume in another region of your choice. The replica is not available as a block volume until you activate it. To activate a replica, you need to select the replica from the Block Storage console and click Activate Replica. This will create a new block volume from the replica in the destination region.
NEW QUESTION # 21
You want to distribute DNS traffic to different endpoints based on the locationof the end user. Which TrafficManagement Steering Policy would you use?
- A. Load Balancer
- B. Failover
- C. IP Prefix
- D. Geolocation
Answer: D
Explanation:
Explanation
The explanation is that geolocation is a type of Traffic Management Steering Policy that allows you to distribute DNS traffic to different endpoints based on the location of the end user. Geolocation steering policies use geolocation data from third-party providers to map end user IP addresses to geographic regions.
You can create rules that specify which endpoints to serve for each region or country, or use a default endpoint for unspecified regions.
NEW QUESTION # 22
When creating an Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) with the VCN wizard, which THREE gateways are created automatically?
- A. Bastion Host
- B. Local Peering Gateway
- C. Internet Gateway
- D. Service Gateway
- E. Dynamic Routing Gateway
- F. Storage Gateway
- G. NAT Gateway
Answer: C,D,G
Explanation:
Internet Gateway, NAT Gateway, and Service Gateway are three gateways that are created automatically when creating a VCN with the VCN wizard. An Internet Gateway allows public traffic between the VCN and the internet. A NAT Gateway allows private traffic from the VCN to access the internet without exposing the VCN resources to incoming internet connections. A Service Gateway allows private traffic from the VCN to access OCI services such as Object Storage, Email Delivery, and Notifications. The other options are not created automatically by the VCN wizard, but can be added manually later if needed. Reference: [VCN Wizard], [Gateways]
NEW QUESTION # 23
You are backing up your on-premises data to the Oracle Cloud Infrastructure (OCI) Object Storage Service.
Your requirements are:
1. Backups need to be retained for at least full 31 days.
2. Data should be accessible immediately if and when needed after the backup.
Which OCI Object Storage tier is suitable for storing the backup to minimize cost?
- A. Standard tier
- B. Auto-Tiering tier
- C. Archive tier
- D. Infrequent Access tier
Answer: D
Explanation:
The explanation is that the Infrequent Access tier is suitable for storing data that is accessed less frequently but requires immediate access when needed. The Infrequent Access tier has lower storage costs than the Standard tier, but higher retrieval costs. The Infrequent Access tier also has a minimum storage duration of 30 days, which means that you will be charged for at least 30 days of storage even if you delete or move the data before that period.
NEW QUESTION # 24
You are part of an organization with thousands of users accessing Oracle Cloud Infrastructure (OCI). An unknown user action was executed resulting in configuration errors. You are tasked to quickly identify the details of all users who were active in the last six hours along with any REST API calls that were executed.
Which OCI service would you use?
- A. Audit
- B. Service Connectors
- C. Logging
- D. Notifications
- E. Notifications
Answer: A
Explanation:
Audit is the OCI service that would help identify the details of all users who were active in the last six hours along with any REST API calls that were executed. Audit is a service that records all API calls and other actions taken by or on behalf of users in OCI. It can be used to track user activity, monitor compliance, and troubleshoot issues. The other options are not suitable for this task. Reference: [Audit]
NEW QUESTION # 25
You want to create a policy to allow the NetworkAdmins group to manage Virtual Cloud Network (VCN) in compartment C. You want to attach this policy to the tenancy. The compartment hierarchy is shown below.
Which policy statement can be used to accomplish this task?
- A. Allow group NetworkAdmins to manage virtual-network-family in tenancy
- B. Allow group NetworkAdmins to manage virtual-network-family in compartment A:B:C
- C. Allow group NetworkAdmins to manage virtual-network-family in compartment C
- D. Allow group NetworkAdmins to manage virtual-network-family in compartment B:C
Answer: B
Explanation:
Allow group NetworkAdmins to manage virtual-network-family in compartment A:B:C. The explanation is that when you attach a policy to the tenancy, you need to specify the full path of the compartment where you want to grant permissions. In this case, the compartment C is a sub-compartment of compartment B, which is a sub-compartment of compartment A, which is a sub-compartment of the root compartment (tenancy). Therefore, the full path of compartment C is A:B:C. The virtual-network-family resource type includes all the resources related to VCN, such as subnets, route tables, security lists, gateways, etc.
NEW QUESTION # 26
Which statement is true about File System Replication in Oracle Cloud Infrastructure (OCI)?
- A. You can replicate the data in one file system to another file system only in the same region.
- B. You cannot specify a replication interval when you create the replication resource.
- C. Only a file system that has been exported can be used as a target file system.
- D. You can replicate the data in one file system to another file system in the same region or a different region.
Answer: D
Explanation:
You can replicate the data in one file system to another file system in the same region or a different region is a true statement about File System Replication in OCI. File System Replication is a feature that allows users to create a copy of a file system in another file system, either within the same region or across regions. This can be useful for disaster recovery, data migration, or data distribution purposes. The other statements are false about File System Replication in OCI. Reference: [File System Replication]
NEW QUESTION # 27
As a network architect you have been tasked with creating a fully redundant connection from your on-premises data center to your Virtual Cloud Network (VCN) in the us-ashburn-1 region.Which TWO options will accomplish this requirement?
- A. Configure two FastConnect virtual circuits to the us-ashburn-1 region and terminate them in diverse hardware on-premises.
- B. Configure one FastConnect virtual circuit to the us-ashburn-1 region and the second FastConnect virtual circuit to the us-phoenix-1 region.
- C. Configure one FastConnect virtual circuit to the us-ashburn-1 region and a Site-to-Site VPN to the usashburn-1 region.
- D. Configure a Site-to-Site VPN from a single on-premises CPE.
Answer: A,C
Explanation:
Configure two FastConnect virtual circuits to the us-ashburn-1 region and terminate them in diverse hardware on-premises. Configure one FastConnect virtual circuit to the us-ashburn-1 region and a Site-to-Site VPN to the us-ashburn-1 region. The explanation is that FastConnect is a service that provides a private and dedicated connection between your on-premises network and your VCN in OCI. FastConnect offers higher bandwidth, lower latency, and more consistent network performance than public internet connections. To create a fully redundant connection from your on-premises data center to your VCN in the us-ashburn-1 region, you can either configure two FastConnect virtual circuits to the same region and terminate them in diverse hardware on-premises, or configure one FastConnect virtual circuit to the region and a Site-to-Site VPN to the same region as a backup option.
NEW QUESTION # 28
As your company's cloud architect, you have been invited by the CEO to join his staff meeting. They want your input on interconnecting Oracle Cloud Infrastructure (OCI) to another cloud provider in London, with some specific requirements:
* They want resources in the other cloud provider to leverage OCI Autonomous Data Warehouse ML capabilities.
* The connection between OCI and the other cloud provider should be provisioned as quickly as possible.
* The connection should offer high bandwidth and predictable performance.
Which other cloud provider should you recommend to interconnect with OCI and meet the above requirements?
- A. Microsoft Azure
- B. OCI
- C. IBM Cloud
- D. Alibaba Cloud
- E. Digital Ocean
- F. Amazon Web Services
- G. Google Cloud
Answer: A
Explanation:
The explanation is that Microsoft Azure is one of the cloud providers that has an interconnect location with OCI in London. This means that you can use OCI FastConnect to establish a private and dedicated connection between OCI and Azure in London, with high bandwidth and predictable performance. This connection can also enable you to leverage OCI Autonomous Data Warehouse ML capabilities from Azure resources, as you can access OCI services across regions using private IP addresses. The interconnect location can be provisioned quickly using the OCI and Azure consoles or APIs.
NEW QUESTION # 29
You want to create a policy to allow the NetworkAdmins group to manageVirtual Cloud Network (VCN) incompartment C.
You want to attach this policy to the tenancy. The compartment hierarchy is shown below.
Which policy statement can be used to accomplish this task?
- A. Allow group NetworkAdmins to manage virtual-network-family in tenancy
- B. Allow group NetworkAdmins to manage virtual-network-family in compartment A:B:C
- C. Allow group NetworkAdmins to manage virtual-network-family in compartment C
- D. Allow group NetworkAdmins to manage virtual-network-family in compartment B:C
Answer: B
Explanation:
Explanation
Allow group NetworkAdmins to manage virtual-network-family in compartment A:B:C. The explanation is that when you attach a policy to the tenancy, you need to specify the full path of the compartment where you want to grant permissions. In this case, the compartment C is a sub-compartment of compartment B, which is a sub-compartment of compartment A, which is a sub-compartment of the root compartment (tenancy).
Therefore, the full path of compartment C is A:B:C. The virtual-network-family resource type includes all the resources related to VCN, such as subnets, route tables, security lists, gateways, etc.
NEW QUESTION # 30
When defining a query for metric data in Monitoring, which field provides the time window for aggregating metric data points plotted on the metric chart?
- A. Interval
- B. Dimension
- C. Statistic
- D. Namespace
Answer: A
Explanation:
Interval is the field that provides the time window for aggregating metric data points plotted on the metric chart. Interval is a parameter that specifies how often metric data points are collected and aggregated by the Monitoring service. For example, an interval of 5 minutes means that metric data points are aggregated every 5 minutes and displayed on the chart. The other options are not fields that provide the time window for aggregating metric data points, but rather other parameters that define the metric query. Reference: [Interval]
NEW QUESTION # 31
You are part of a team that manages a set of workload instances running in an on-premises environment.
TheArchitect team is tasked with designing and configuring Oracle Cloud Infrastructure (OCI) Logging service tocollect logs from these instances. There is a requirement to archive Info-level logging data of these instances intothe OCI Object Storage.
Which TWO features of OCI can help you achieve this?
- A. ObjectCollectionRule
- B. Service Connectors
- C. Agent Configuration
- D. Cloud Agent Plugin
- E. Grouping Function
Answer: B,D
Explanation:
Explanation
Cloud Agent Plugin and Service Connectors are two features of OCI that can help collect logs from on-premises instances and archive them into OCI Object Storage. Cloud Agent Plugin is a component of the OCI Logging service that can be installed on any Linux or Windows instance to collect logs and send them to OCI. Service Connectors are components of the OCI Service Connector Hub that can transfer data between different OCI services, such as Logging and Object Storage. The other options are not relevant for this requirement. References: [Cloud Agent Plugin], [Service Connectors]
NEW QUESTION # 32
Which TWO are key benefits of setting up Site-to-Site VPN on Oracle Cloud Infrastructure (OCI)?
- A. When setting up Site-to-Site VPN, customers can expect bandwidth above 2 Gbps.
- B. When setting up Site-to-Site VPN, OCI provisions redundant VPN tunnels.
- C. When setting up Site-to-Site VPN, it creates a private connection that provides consistent network experience.
- D. When setting up Site-to-Site VPN, customers can configure it to use static or dynamic routing (BGP).
Answer: B,D
Explanation:
When setting up Site-to-Site VPN, customers can configure it to use static or dynamic routing (BGP). When setting up Site-to-Site VPN, OCI provisions redundant VPN tunnels. The explanation is that Site-to-Site VPN is a secure and encrypted connection between your on-premises network and your Virtual Cloud Network (VCN) in OCI over the public internet. When setting up Site-to-Site VPN, you can choose to use static routing or dynamic routing (Border Gateway Protocol or BGP) to exchange routes between your network and OCI. OCI also provisions two redundant VPN tunnels for each Site-to-Site VPN connection to provide high availability and failover.
NEW QUESTION # 33
......
Oracle 1z0-1072-23 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
Prepare for the Actual Oracle Cloud 1z0-1072-23 Exam Practice Materials Collection: https://examtorrent.actualtests4sure.com/1z0-1072-23-practice-quiz.html
