oracle 1z0-1067-21 practice test
Oracle Cloud Infrastructure 2021 Cloud Operations Associate Exam
Question 1
An insurance company has contracted you to help automate their application business continuity
plan. They have the application running in eu-frankfurt-1 as the primary site and uk-london-1 as a
disaster recovery site. Normally they have a DNS A record associated with the IP address of the
primary endpoint in eu-frankfurt-1. In the event of a disaster, they use OCI DNS Zone Management to
update the A record and replace it with the IP address of the endpoint in uk-londond-1.
How can you automate the failover process? (Choose the best answer.)
-
A. Didn’t include anything in user_data.
-
A. Create a Health Check that evaluates both regional endpoints. Create a Traffic Management Steering policy with Failover type and associate it with the Health Check.
-
B. Wrote a custom script which tried to install GPU drivers.
-
B. Create a Traffic Management Steering policy with Load Balancer type and add both eu-frankfurt-1 and uk- london-1 endpoints. Attach the Traffic Management Steering policy to the A record.
-
C. Ran a cloudbase-init script instead of cloud-init.
-
C. Provision a Load Balancer in Frankfurt and associate it with the A record in DNS. Create a backend set with backend servers from both eu-frankfurt-1 and uk-london-1 regions.
-
D. Specified a #directive on the first line of your script.
-
D. Create a Traffic Management Steering policy and attach it to a backend servers from both eu- frankfurt-1 and uk-london-1 regions.
Answer:
A
Question 2
Your team implemented a SaaS application that requires a whole system deployment for each new
customer. The infrastructure provisioning is already automated via Terraform, and now you have
been asked to develop an Ansible playbook to centralize configuration file management and
deployment.
What is the most effective way to ensure your playbooks are utilizing up-to-date and accurate
inventory? (Choose the best answer.)
-
A. You need to configure the boot loader to use ttyS0 as a console terminal on the VM.
-
A. Export an inventory list from the Oracle Cloud Infrastructure Web console.
-
B. You need to terminate the running instance and recreate it by providing the SSH key file.
-
B. Export an inventory list using Terraform apply command.
-
C. You need to reboot the instance from the console, boot into the bash shell in maintenance mode, and add SSH keys for the opc user.
-
C. Implement a Command Line Interface script to list all the resources and run it within Ansible to generate a dynamic inventory list.
-
D. You need to modify the serial console connection string to include the identity file flag, –i to specify the SSH key to use.
-
D. Download the dynamic inventory script provided by Oracle Cloud Infrastructure and include it in the playbook invocation command.
Answer:
D
Explanation:
https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/ansibleinventoryscript.htm
Question 3
You are working as a Cloud Operations Administrator for your company. They have different Oracle
Cloud Infrastructure (OCI) tenancies for development and production workloads. Each tenancy has
resources in two regions uk-london-1 and eu-frankfurt-1. You are asked to manage all resources
and to automate all the tasks using OCI Command Line Interface (CLI).
Which is the most efficient method to manage multiple environments using OCI CLI? (Choose the
best answer.)
-
A. Create a network security group, add a stateful rule to allow ingress access on port 443 and associate it to the public subnet that hosts the company website.
-
A. Use OCI CLI profiles to create multiple sets of credentials in your config file, and reference the appropriate profile at runtime.
-
B. In default security list, add a stateful rule to allow ingress access on port 443.
-
B. Create environment variables for the sets of credentials that align to each combination of tenancy, region, and environment.
-
C. Create a new security list with a stateful rule to allow ingress access on port 443 and associate it to the public subnet.
-
C. Run oci setup config to create new credentials for each environment every time you want to access the environment.
-
D. Create a network security group, add a stateful rule to allow ingress access on port 443 and associate it to the instance that hosts the company website.
-
D. Use different bash terminals for each environment.
Answer:
A
Question 4
Security Testing Policy describes when and how you may conduct certain types of security testing of
Oracle Cloud Services, including vulnerability and penetration tests, as well as tests involving data
scraping tools.
What does Oracle allow as part of this testing? (Choose the best answer.)
-
A. Group G2 can now manage instance-families in compartment Project_B and compartment Team_X
-
A. Customers are allowed to use their own testing and monitoring tools.
-
B. Group G1 can now manage instance-families in compartment Project_A, compartment Project_B and compartment Team_X
-
B. Customers can simulate DoS attack scenarios as long as its restricted to the customers own environment.
-
C. Group G1 can now manage instance-families in compartment Project_A but not in compartment Team_x
-
C. Customers can validate that their network resources are isolated from other customer resources.
-
D. Group G2 can now manage instance-families in compartment Project_A but not in compartment Team_x
-
D. Customers are allowed to test Oracle Cloud Infrastructure (OCI) hardware related to resources in their tenancy.
-
E. Group G2 can now manage instance-families in compartment Project_B, compartment Project_A and compartment Team_X
Answer:
A
Explanation:
Using your own monitoring and testing tools, you may conduct penetration and vulnerability tests of
your acquired single-tenant Oracle Infrastructure as a Service (IaaS) offerings
Reference:
https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_testing-
policy.htm
Question 5
You have a 750 MIB file in an Oracle Cloud Infrastructure (OCI) Object Storage bucket. You want to
download the file in multiple parts to speed up the download using the OCI CLI. You also want to
configure each part size to be 128 MIB.
Which is the correct OCI CLI command for this operation? (Choose the best answer.)
-
A. Select group as the type of target for your budget.
-
A. oci os object get –ns my–namespace –bn my–bucket ––name my–large–object –– multipart– download–threshold 750 ––parallel–download–count 128
-
B. Select Tenancy as the type of target for your budget.
-
B. oci os object download –ns my–namespace –bn my–bucket ––name my–large–object –– multipart–download–threshold 750 ––parallel–download–count 128
-
C. Select user as the type of target for your budget.
-
C. oci os object download –ns my–namespace –bn my–bucket ––name my–large–object –– resume– put ––multipart–download–threshold 500 ––part–size 128
-
D. Select Cost-Tracking Tags as the type of target for your budget.
-
D. oci os object get –ns my–namespace –bn my–bucket ––name my–large–object –– multipart– download–threshold 500 ––part–size 128
-
E. Select Compartment as the type of target for your budget.
Answer:
D
Explanation:
https://docs.public.oneportal.content.oci.oraclecloud.com/en-
us/iaas/Content/API/SDKDocs/cliusing.htm
https://docs.oracle.com/en-us/iaas/tools/oci-cli/2.6.15/oci_cli_docs/cmdref/os/object/get.html
Reference:
https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliusing.htm
Question 6
Recently, your e-commerce web application has been receiving significantly more traffic than usual.
Users are reporting they often encounter a 503 Service Error when trying to access your site.
Sometimes the site is very slow.
You check your instance pool configuration to confirm that the maximum number of instances is
configured to allow 20 compute instances. Currently, 14 compute instances have been provisioned by
the instance pool.
You also confirm that current CPU utilization across all hosts exceeds the scale-out threshold you set
in your auto-scaling policy. However, the instance pool is not provisioning any new instances.
What can you check to determine why the application is NOT functioning properly? (Choose the best
answer.)
-
A. Decrease the prefix length of AS for the FastConnect you want to use as PASSIVE connection.
-
A. Verify that the new offer feature code did not introduce any performance bugs.
-
B. Enable BGP on the FastConnect that you want as the ACTIVE connection.
-
B. Verify that the database is accessible.
-
C. Use AS PATH prepending with your routes.
-
C. Verify that the compute resource quota has not been exceeded.
-
D. Adjust one of the connections to have a higher ASN.
-
D. Verify that the Quality Assurance team is not currently performing load-testing against production.
Answer:
C
Question 7
What is a key benefit of using Oracle Cloud Infrastructures Resource Manager for your Terraform
provisioning and management activities? (Choose the best answer.)
-
A. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, the service drops the message. Confirm that the subscriber is always online to receive messages to help debug the issue.
-
A. You can use Resource Manager to apply patches to all existing Oracle Linux interfaces in a specified compartment.
-
B. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, check the NumberOfNotificationFailed metric through the OCI Monitoring service for failed messages. Copy these messages to an OCI Object Storage bucket. Make sure the subscriber has the required credentials to access this bucket to help debug the issue.
-
B. Resource Manager has administrative privileges by design. Even if your IAM user does not have access, you can leverage Resource Manager to provision new resources to any compartment in the Tenancy.
-
C. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, the service tries to redeliver messages for up to one day. Make sure that the subscriber is online at least once a day to help debug the issue.
-
C. You can use Resource Manager to identify and maintain an inventory of all Compute and Database instances across your tenancy.
-
D. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, the service tries to redeliver messages for up to two hours. Configure an alarm on the NumberOfNotificationFailed metric through the OCI Monitoring service to help debug the issue.
-
D. Resource Manager manages to Terraform state file for your infrastructure and locks the file so that only one job at a time can run on a given stack.
Answer:
D
Explanation:
https://docs.oracle.com/en-us/iaas/Content/ResourceManager/Concepts/resourcemanager.htm
A Terraform configuration codifies your infrastructure in declarative configuration files. Resource
Manager allows you to share and manage infrastructure configurations and state files across multiple
teams and platforms. This infrastructure management can't be done with local Terraform
installations and Oracle Terraform modules alone. For more information about the Oracle Cloud
Infrastructure Terraform provider, see Terraform Provider.
Reference:
https://docs.oracle.com/en-us/iaas/Content/ResourceManager/Concepts/
samplecomputeinstance.htm
Question 8
Which technique does NOT help you get the optimal performance out of the Oracle Cloud
Infrastructure (OCI) File Storage service? (Choose the best answer.)
-
A. Load Balancing policy
-
A. Limit access to the same Availability Domain (AD) as the File Storage service where possible.
-
B. Geolocation steering
-
B. Serialize operations to the file system to access consecutive blocks as much as possible.
-
C. ASN steering policy
-
C. Right size compute instances from where file system is accessed based on their network capacity.
-
D. IP Prefix steering
-
D. Increase concurrency by using multiple threads, multiple clients, and multiple mount targets.
Answer:
D
Explanation:
"File Storage performance increases with parallelism. Increase concurrency by using multiple
threads, multiple clients, and multiple mount targets."
Reference:
https://www.oracle.com/a/ocom/docs/cloud/file-storage-performance-guide.pdf
(6)
Question 9
A subscriber of an Oracle Cloud Infrastructure (OCI) Notifications service topic complained about not
receiving messages from the service.
Which option can help you debug this issue? (Choose the best answer.)
-
A. terraform plan –target=oci_database_db_system.db_system
-
A. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, the service drops the message. Confirm that the subscriber is always online to receive messages to help debug the issue.
-
B. terraform apply –auto-approve
-
B. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, check the NumberOfNotificationFailed metric through the OCI Monitoring service for failed messages. Copy these messages to an OCI Object Storage bucket. Make sure the subscriber has the required credentials to access this bucket to help debug the issue.
-
C. terraform refresh –target=oci_database_db_system.db_system
-
C. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, the service tries to redeliver messages for up to one day. Make sure that the subscriber is online at least once a day to help debug the issue.
-
D. terraform apply –target=oci_database_db_system.db_system
-
D. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, the service tries to redeliver messages for up to two hours. Configure an alarm on the NumberOfNotificationFailed metric through the OCI Monitoring service to help debug the issue.
Answer:
D
Explanation:
https://www.oracle.com/devops/notifications/faq/
When a subscribers endpoint doesnt acknowledge receipt of a message, the service retries
delivery and currently retains the message up to two hours from the time the message is published
to a topic. The service tries to deliver messages within the retention window.
Question 10
You are asked to implement the disaster recovery (DR) and business continuity requirements for
Oracle Cloud Infrastructure (OCI) Block Volumes. Two OCI regions being used: a primary/source
region and a DR/ destination region. The requirements are:
There should be a copy of data in the destination region to use if a region-wide disaster occurs in the
source region
Minimize costs
Which design will help you meet these requirements? (Choose the best answer.)
-
A. oci os object delete –ns vision –bn app–data ––prefix /temp
-
A. Clone block volumes. Use Object Storage lifecycle management to automatically move clone objects to Archive Storage. Copy Archive Storage buckets from source region to destination at regular intervals.
-
B. oci os object bulk-delete –ns vision –bn app–data ––prefix /temp ––force
-
B. Clone block volumes. Copy block volume clones from source region to destination region at regular intervals.
-
C. oci objectstorage bulk–delete –ns vision –bn app–data ––prefix /temp ––force
-
C. Back up block volumes. Copy block volume backups from source region to destination region at regular intervals.
-
D. oci os object delete app-data in vision where prefix = /temp
-
D. Back up block volumes. Use Object Storage lifecycle management to automatically move backup objects to Archive Storage. Copy Archive Storage buckets from source region to destination at regular intervals.
Answer:
C
Explanation:
https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/copyingvolumebackupcrossregion.htm