Questão 1
Questão
Identify the correct statements about PCI Functions service metrics. Select THREE correct answers.
Responda
-
The number of requests to invoke a function that failed with an error response.
-
The number of times a function is invoked.
-
The number of times a function is deleted.
-
The amount of time a function runs for.
Questão 2
Questão
A number of malicious requests for a web application is coming from a set of IP addresses originating from Antartica.
Which of the following statement will help to reduce these types of unauthorized requests ?
Responda
-
Delete NAT Gateway from Virtual Cloud Network
-
Use WAF policy using Access Control Rules
-
List specific set of IP addresses then deny rules in Virtual Cloud Network Security Lists
-
Change your home region in which your resources are currently deployed
Questão 3
Questão
A company’s data center has been hit by a tsunami in Japan which has damaged buildings, although still operational which needs to migrate 377 TB of data to PCI in seventeen days.
The company has 150 mbps internet connectivity but the connection is intermittent due to the damages caused to the electrical grid. Which is the most effective service for this scenario ?
Responda
-
Use object storage multipart to upload data to OCI
-
Establish OCI storage gateway to connect your data center and VCN. Then Upload all data to OCI
-
Establish 1 Gbps fastConnect between your data center and OCI. Use CLI to automate the migration of data to OCI using object storage multipart upload
-
Use numerous OCI Data Transfer appliances to transfer data to OCI
Questão 4
Questão
An automobile company is designing a website to be deployed across multiple PCI for worldwide audience. The target should be that users from each region should access application web servers deployed in their own geographical PCI location. Which feature will help you achieve this goal?
Questão 5
Questão
A global e-commerce company wants to set up durable, cost-effective solution to archive data from on-premises to OCI. What is most feasible way to meet the requirement ?
Responda
-
Use File Storage to copy data from on premise to OCI
-
Setup FastConnect and use rsync tool to copy data to OCI Object Storage Archive Tier
-
Setup on-premise storage gateway which will back up data to OCI Object Storage Standard Tier
-
Setup on-premise storage gateway which will back up data to OCI Object Storage Archive Tier
Questão 6
Questão
A leading e-commerce company announced Black Friday Sale due which they noticed a dramatic increase in the incoming traffic to their e-commerce website. Customer support line is flooded with tickets that the users are getting 503 error (Service Unavailable). What can be the root cause of the issue ?
Responda
-
Database is down since patching of updates is in progress.
-
Web servers are overloaded or down for maintenance and hence unable to answer requests
-
Traffic management policy is using IP prefix steering instead of geolocation steering
-
Internet Gateway is not configured properly between load balancers and web servers
Questão 7
Questão
A global web series company wants to focus on A1 code without worrying about underlying infrastructure for scalability, high-availability, monitoring and security. Users are allowed to upload videos on their website for making reviews. Which OCI services should you recommend?
Responda
-
OCI Functions, OCI Event Service and Object Storage for storing videos
-
OCI Object Storage, OCI Notifications and OKE for deployment of AI Code
-
OCI Functions, OCI Event Service and OCI Resource Manager to manage infrastructure
-
OCI Event Service for videos and OKE for application development
Questão 8
Questão
Operations team is planning to migrate an on premise database to Autonomous Transaction Processing Dedicated.
As a solutions architect, which TWO statements plays a key role during the migration from on-premise legacy database to OCI?
Responda
-
To keep on-premise database online while the migration is in progress use GoldenGate replication
-
To keep the on-premise database active during migration, use data guard
-
Any changes to Oracle stored procedures, views and shipped privileges must be kept
-
Convert on-premise database to PDB, then upgrade to 19c and encrypt
Questão 9
Questão
A company which has multiple departments and use shared PCI tenancy for various projects. As a solutions architect, you need to manage the cost of resources in the tenancy in order to obtain better view of department's usage. Which TWO statements can help you meet the requirement?
Responda
-
Create multiple compartments for each department. Then analyze and track costs
-
Use CLI to send an automated mail to all users whenever the budget meets the threshold
-
Create consolidated budget-tracking tags to analyze costs in a granular manner
-
Create tag default which automatically applies tags to all specified resources created in a compartment. For cost analysis, use these tags
Questão 10
Questão
An online tourism company is hosting a competition where contestants are allowed to upload their videos and photos of the places they have travelled. The online portal must offload the videos and photos to an Object Storage for a duration of 48 hours. After the time has elapsed, the portal will hold all the photos and videos locally. Which statement will help you meet this goal ?
Responda
-
Set up a dynamic group and grant access to the object storage for 48 hours
-
Set up PAR URL for each object uploaded to object storage and grant write permission with an expiraton time of 48 hours
-
Set up PAR URL for entire object storage bucket and grant read permission with an expiration time of 48 hours
-
Set up PAR URL for entire object storage bucket and grant write permission with an expiraton time of 48 hours
Questão 11
Questão
Compartment A policy: Allow group networkadmins to manage subnets in compartment Z Root compartment policy: Allow group admins to read subnets in compartment Dev: A: Z Compartment Z is moved, and now It's parent compartment is C.
Which TWO IAM policies would be required to ensure both groups have the same permissions to compartment Z that is had before?
Responda
-
Define a policy in compartment C : allow group networkadmins to read subnets in compartments Z
-
Define a policy in UAT compartment: allow group networkadmins to manage subnets in compartment C : Z
-
Define a policy in root compartment: allow group admins to read subnets in compartment UAT: C : Z
-
Define a policy in root compartment : allow group admins to manage subnets in compartment Dev: A: Z
Questão 12
Questão
An e-commerce company is running Black Friday sale for limited period of time. During first day of promotion, the website was running slow and customer support is flooded with complaints. What can be the TWO reasons for this scenario?
Responda
-
Backend servers was restarting during that time as load balancer health check failed
-
The load balancer has taken some of servers temporarily out of rotation as health check on few backend servers has failed
-
Load balancer dynamically changed the servers to a larger shape so that more incoming traffic can be handled and due this website was slow for short duration
-
There is no room for scaling out as autoscaling has scaled to maximum number of instances as specified in the configuration
Questão 13
Questão
An automobile company needs OCI Object Storage for storing data for sales records.
--Data must be encrypted at rest and should not get transmit over the public Internet.
-- Data must be retained for 7 years and should be accessible within 3 hours if data is less than 2 years old.
Which TWO statements will satisfy the requirement of the automobile company ?
Responda
-
Configure a public peering virtual circuit and set up a FastConnect link to the nearest OCI region
-
Configure o private peering virtual circuit and set up a FastConnect link to the nearest OCI region
-
Configure a lifecycle policy for object storage standard bucket to delete any object older than 5 years
-
Configure a lifecycle policy for object storage standard bucket to move objects to archive tier for objects older than 2 years
Questão 14
Questão
With regard to OCI Event Service, which of statement is NOT best use case?
Responda
-
Upon function execution, trigger a notification
-
Initiate autoscaling of compute instance and capture monitoring alarms
-
Upon longer task completion, publish a notification
-
When new files arrives in OCI bucket, trigger an OCI function
Questão 15
Questão
An artificial intelligence (AI) company has realised that they have incorrectly picked up a smaller shape for their compute instance which is unable to handle a complex algorithm. As a solutions architect, how can you help fix the issue?
Responda
-
Instance shape is permanent and changing of instance shape is not supported
-
Delete the instance with smaller shape and then spin up a new instance with larger shape
-
Stop all applications running on the first to prevent data loss then change the shape of instance without reboot
-
Using change shape feature from OCI console, change the shape of the VM instance
Questão 16
Questão
An IT company needs to ensure that the data stored by It’s application is high available, scalable and disaster resilient. In the even of failure of the application which is deployed over numerous availability domains, the RPO & RTO should be less than 3 hours.
Which strategy will help you to achieve the above requirements ?
Responda
-
Using OCI CU, automate and configure hourly block volume backup
-
Using OCI Storage Gateway, configure hourly block volume backup
-
Using user defined backup policy, schedule block volume backups for daily backups
-
Using user defined backup policy, schedule block volume backups for hourly backups
Questão 17
Questão
Which of the following statement is INCORRECT about private access to services in PCI?
Responda
-
Private endpoint cannot be used for hosts in the on-prem network
-
Within your VCN private endpoint gives hosts access to a given services
-
Request from an OCI compute instance going via service gateway to object storage is routed without being sent over the internet
-
Private access can be enabled to certain services from VCN using either service gateway or a private endpoint
Questão 18
Questão
An automobile company is having multiple instances which do not have public IP addresses and are running In private subnet Inside a VCN spread among two avilabllity domain. Monitoring is enabled for instances and you find out that instances cannot be auto scaled inspite of setting up the autoscaling feature.
What can be the root cause of the problem ?
Responda
-
Autoscaling can only be set up for single availability domain
-
Set up Service Gateway so that metrics can be send to OCI monitoring service
-
Autoscaling works only for instances having public IP addresss
-
Reserved public IP needs to be assigned for the compute instances
Questão 19
Questão
Which of the following statement is INCORRECT about block volumes?
Responda
-
If a block volume attached to on instance as read only then it can only be attached to other instance as read-only
-
read-only block volumes are configured by default as shareable
-
Block volume from one instance can be deleted without detaching it from other instances so that other instances can use the storage for time being
-
Block volume already attached to on instance as write/read non-shareable then it can’t be attached to another instance until the block volume is detached from first instance
Questão 20
Questão
Compartment Z contains compute instances which is moved to Compartment B. The VCN into which the compute instances was deployed previously also resides in it.
What will be the result of moving compute instance to new compartment?
Responda
-
Move will fall db VCN needs to be moved first
-
VNIC associated with the compute instance needs to be also moved after moving the compute instance
-
The compute instance’s private and public IP will change. Moving compute instance to new compartment will be successful
-
The compute instance’s private and public IP will remain as it is. Moving compute instance to new compartment will be successful
Questão 21
Questão
An automobile company has customers from two major geographical regions: Antartica and Africa. The requirement is as follows:
-- Antartica customers should be served by app running in Antartica & Africa customers should be served by app running In Africa which should be available 24X7 to avoid any outages.
-- Solution must be resilient in case of regional outages and should be fault tolerant.
Which solution will meet the above requirement with lowest latency?
Responda
-
Geolocation steering policy, OCI DNS
-
Failover steering policy, OCI DNS
-
Geolocation steering policy with health checks, OCI DNS
-
Failover steering policy with health checks, OCI DNS
Questão 22
Questão
An application is running on a non-resilient crash-consistent backup which has block volume attached to an instance in paravirtualized mode.
How can you backup the block volume in a cost-friendly and secure manner?
Responda
-
Create a clone, detach the block volume and save application data
-
Save application data first then detach the block volume and finally create a backup
-
Save application data first then detach the block volume and finally create a clone
-
First create volume group, then add the boot volume and finally run the volume group backup
Questão 23
Questão
When planning for a database migration from on-premise to PCI, which additional factors should be taken Into considerations apart from database character set, storage for data staging, acceptable length of system outage and database version ?
Select TWO correct answers
Responda
-
On-premise database data type usage
-
Total number of connections active
-
Host operating system and version used in on-premises
-
Top 7 longest running queries
Questão 24
Questão
A company is migrating an application from on-premise to PCI which needs zero downtime when the migration is in progress. The company decided to divert 20% of the traffic to new application in PCI and rest 80% traffic to on-premises.
How can the above requirement be met?
Responda
-
Establish VPN connectivity between OCI and on prem and use route tables
-
Using Load Balancer to distribute the traffic between OCI and on-premise
-
Using traffic management with failover steering policy to distribute traffic between on-prem and OCI
-
Using traffic management with load balancer steering policy to distribute traffic between on-prem and OCI
Questão 25
Questão
Asa solutions architect, you need to copy the latest data from production environment to Development environment as quickly as possible to carry out some urgent tasks as instructed by your manager. The size of data to be copied is 100 GB from an autonomous database in OCI. Which steps should you recommend to the operations team for this activity?
Responda
-
Use data pump utility to export data from production and import data to dev environment
-
Create a non-production database using a full clone of production autonomous database
-
Use ZDM to export data from production and import data to dev environment
-
Create a non production database using a full database backup or production autonomous database
Questão 26
Questão
Which of the statement is INCORRECT about autoscaling?
Responda
-
Cooldown duration between autoscaling events stabilizes the system at updated level
-
Autoscaling needs an instance pool as a pre-requisite
-
Autoscaling works on performance metrics like CPU utilization
-
Instances are terminated in the following order: the number of instances across availability domain is balanced, and then balanced across fault domains. The newest instance in the fault domain is terminated first
Questão 27
Questão
As a solutions architect, you need to assist operations team to write an 1AM policy to give users in group-uatl and group-uat2 access to manage all resources in the compartment Uat Which is the CORRECT 1AM policy?
Responda
-
Allow any-user to manage all resources in tenancy where target.compartment= Uat
-
Allow any-user to manage all resources in compartment Uat where request.group=/group-uat*/
-
Allow group /group-uat*/ to manage all resources in compartment Uat
-
Allow group group-uatl group-uat2 to manage all resources in compartment Uat
Questão 28
Questão
A company is currently running an application in Azure and want to implement Oracle Autonomous Data warehouse (ADW) instance for running e-commerce analytics services which should be secure.
As a solutions architect, how can you achieve this goal?
Responda
-
Connect Azure Vnet to Oracle ADW in your VCN via internet
-
Use data transfer appliance to transfer the data from Azure to Oracle ADW
-
Establish an interconnect between Azure and OCI using Fastconnect and ExpressRoute. Use Service Gateway in OCI VCN to establish connectivity to Oracle ADW instance
-
Establish an interconnect between Azure and OCI using Directconnect and ExpressRoute. Use Service Gateway in OCI VCN to establish connectivity to Oracle ADW instance
Questão 29
Questão
Database backup failed for OCI 2-node RAC DB systems on virtual machines. What can be the possible reason for failed backup status?
Responda
-
Incorrect auth token is used by Object Store Swift endpoints
-
Versioning mismatch between RMAN backup and database being used
-
Allocated storage on OCI object storage attached with the full database
-
Master key stored in OCI Key Management is inaccessible for backup service
Questão 30
Questão
What are the use case of Autonomous Transaction Processing Serverless (ATP-S) ? Select TWO use case scenario.
Responda
-
An e-commerce company migrating its DynamoDB database to OCI
-
Manufacturing company using new applications which requires a database to store customers transactions
-
An automobile company migrating Oracle e business suite to OCI
-
A start up company which needs to use a database during office hours but doesn’t need during weekends
Questão 31
Questão
What is the correct IAM policy which allows VolGroup group to copy boot volume backup; to another region?
Responda
-
Allow group VolGroup to inspect volumes in tenancy where request.permission='BOOT_VOLUME_BACKUP_COPY'
-
Allow group VolGroup to use backups in tenancy where request.permission='BOOT_VOLUME_BACKUP_COPY'
-
Allow group VolGroup to manage volumes in tenancy where request.permission='BOOT_VOLUME_BACKUP_COPY'
-
Allow group VolGroup to copy volumes in tenancy where rcqucst.permission='BOOT_VOLUME_BACKUP_COPY'
Questão 32
Questão
An Oracle function returns a FunctionlnvokelmageNotAvailable message and a 502 error. What can be the root cause of It?
Responda
-
Function is absent in the mentioned location in OCI Registry
-
Current location of the function in OCI Registry is not configured properly in OCI Event Service
-
Current location of the function in OCI Vault is not configured properly in OCI Event Service
-
OCI function is inaccessible as NAT gateway is not configured properly
Questão 33
Questão
Asa solutions architect, how should you configure WAF to protect an application from SQL injection and Cross-Site Scripting (XSS) originating in China?
Responda
-
Protection rule should be enabled to block attacks based on HTTP
-
Protection rule should be enabled to block requests XSS Filters and SQL Categories
-
Access rule should be enabled which contains XSS Filters and SQL Categories
-
Access rule should be enabled to block IP Address range from China
Questão 34
Questão
An e-commerce company needs the following architecture from their on-premise data center to an PCI region:
-- Low latency with Dedicated network bandwidth
-- High Availability with service level redundancy
Which solution is most cost-friendly which meets the above requirement?
Responda
-
Use IPSec VPN as primary connection and another IPSec VPN as secondary connection
-
Use IPSec VPN as primary connection and FastConnect as secondary connection
-
Use FastConnect as primary connection and IPSec VPN as secondary connection
-
Use FastConnect as primary connection and another FastConnect as secondary connection
Questão 35
Questão
Which solution should you implement to stop all data leakage through input forms?
Questão 36
Questão
An e-tourism website uses OCI Functions and OCI Event Service which should create an event whenever an image is uploaded to an PCI Object Storage by it's customers. OCI function is listening to the event and processes the images for facial recognition.
Which TWO statements are NOT essential for the above scenario?
Responda
-
OCI function should be deployed to Kubernetes Engine
-
State changes should be enabled for Object Storage to emit events
-
Facial recognition function should be deployed to recognise faces in the images
-
Event rule cannot be created for Object Storage
Questão 37
Questão
A company needs to enforce a security policy such that credentials used by the web server to allow access to Object Storage must not be stored locally on the compute instance.
As a solutions architect, what should you Implement to achieve this with least effort?
Responda
-
Store credentials in a compute instance which is in the private subnet
-
Use Instance principal to allow API calls to OCI Object Storage
-
Use Transparent Data Encryption to automatically allow API calls to OCI Object Storage
-
Use OCI Key Vault to allow API calls to OCI Object Storage
Questão 38
Questão
A company needs to migrate from on-prem to OCI where database needs to be online without downtime for its clients.
How can you meet the above requirement?
Responda
-
Database will face some downtime during migration
-
Use on-premise database with bi directional synchronization to allow clients to connect only to any one of the database
-
Use on-premise database with one way synchronization to allow clients to connect only to any one of the database
-
Use on-premise database with one-way synchronization to allow clients to connect only to on-premise database until it’s fully synchronized.
Questão 39
Questão
An e-tourism company uses a single bare metal compute instance to store customer’s data such as images and videos in a block volume.
The website becomes unresponsive during promotional sales and attached block volumes are insufficient to store ever growing data by it’s customers.
Which is the highly scalable and most effective statement for this scenario?
Responda
-
Use OCI Object Storage instead of block volume and ingest data using OCI Streaming Service by replacing single bare metal instance and use autoscaling to distribute the task across instances
-
Use Notification Service to distribute tasks across instances in parallel, dynamically adjust to workload using autoscaling. Use more block volumes as volume of data increases
-
Replace Block volume with SSD for quick data access and ingest data using OCI streaming Service by replacing single bare metal instance and use autoscaling to distribute the task across instances
-
Use additional block volume for ever increasing data.Use multiple compute instances instead of single bare metal instance and implement auto scaling to adjust to the changing workloads during promotional sales
Questão 40
Questão
A company needs to establish connectivity between two VCNs using single FastConnect and on-premises In the same region.
As a solutions architect, how can you configure such connectivity ?
Responda
-
Use DRG and create a private virtual circuit for FastConnect connection
-
Use two DRG and two private virtual circuit for FastConnect connection
-
Use remote peering to peer with FastConnect and on-premise environment
-
Use hub-VCN with DRG to establish connectivity with on-premise network over FastConnect
Questão 41
Questão
Operations team encountered the following error while running a Fn Project CLI command : Fn; x509: decryption password Incorrect
As a solutions architect, what step should you take to resolve the above error ?
Responda
-
Check user is authorized to access function related and network resources or not
-
Check credentials specified for the current profile in the ~/.oci/config file are authenticating or not
-
Check pass.phrase specified for your current profile in the ~/.oci/config file
-
groupadd and adduser lines are not added in the DockerFile
Questão 42
Questão
An e-commerce company needs to authenticate with third-party API that don’t support PCI’s signature-based authentication.
What can be the solution for the above scenario?
Questão 43
Questão
An automobile company uses Autonomous Transaction Processing Server!ess (ATP-S) for its application. During peak hours of the day you notice that the application response is very poor. Which TWO solutions should you propose to Improve the application response time?
Responda
-
During peak hours scale up memory and CPU core count
-
Implement auto scaling for CPU on ATP-S databse
-
Scale up CPU capacity and core count throughout the day as per peak hour requirements
-
Note the maximum memory or CPU capacity needed during peak hours of the day and scale up ATP-S database as per the requirement. ATP-S will adjust the memory or CPU when not needed
Questão 44
Questão
Which statements are TRUE regarding User Data on Images in Oracle Cloud Infrastructure ? Select TWO correct answers.
Responda
-
On Windows images custom user data scripts are executed using cloud-init
-
On Windows images custom user data scripts are executed using cloudbase-init
-
On Linux images custom user data scripts are executed using cloud-init
-
On Linux images custom user data scripts are executed using cloudbase-init
Questão 45
Questão
DevOps team encountered the following error while running a DockerFile : cx.Oracle.PatabaseError: QRA-12560: TNS:protocol adapter error
As a solutions architect, what step should you take to resolve the above error ?
Responda
-
Check user is authorized to access function related and network resources or not in DockerFile
-
Check credentials specified for the current profile in the ~/.oci/config file are authenticating or not
-
Check pass_pharse specified for your current profile in the ~/.oci/config file in DockerFile
-
groupadd and adduser lines are not added in the DockerFile
Questão 46
Questão
Which VCN configuration is CORRECT with regard to VCN peering within a same region ?
Responda
-
12.0.0.0/16 and 194.168.0.0/16
-
12.0.0.0/16 and 12.0.0.0/16
-
194.168.0.0/24 and 194.168.0.0/24
-
194.168.0.0/24 and 194.168.0.0/16
Questão 47
Questão
A company needs File System based application to be mounted In the /Document folder on the Linux file system which needs to store logs, transaction data and durable data storage which needs to be accessible from all the application servers. The solution should require low maintenance and needs to survive two or more fault domain failures.
Which is the appropriate architecture for storage based on the scenario?
Responda
-
Mount the file system in /Document and use FSS to operate from all availability domains
-
Store the Data on Object Storage and mount at /Document mount point
-
Use one instance NFS share and mount on /Document on application instances
-
Use NVMe disk attached to the instances and configure RAID 0 between servers
Questão 48
Questão
An e-commerce company needs to deploy Maximum Availability Architecture for its database workload which should ensure best possible RPO and RTO, to prevent any data loss while configuring Oracle Data Guard.
Which solution will achieve the above requirement?
Responda
-
Implement "Maximum RPO & RTO" mode to prevent data loss if primary database fails
-
Implement "Maximum Availability” mode in ASYNC mode between different regions and SYNC mode between availability domains in the same region
-
Implement "Maximum Performance” mode in ASYNC mode between different regions and SYNC mode between availability domains in the same region
-
Implement "Maximum Durability" mode to prevent data loss if primary database fails
Questão 49
Questão
An AI/ML company has provisioned eight BM.GPU4.8 and four VM.Standard3.Flex across two availability domains equally distributed in sa-saopaulo-1. You found out that four VM.Standard3.Flex is running at its full CPU utilization while eight BM.GPU4.8 has underutilised CPU capacity despite of using a Load Balancer.
Which Is most effective solution for instance utilization while keeping cost constraints?
Responda
-
Turn off the load balancer and route traffic only to BM.GPU4.8
-
Terminate BM.GPU4.8 instances and instead provision more VM.Standard3.Flex as its cheaper
-
Use autoscaling instance pool to add more VM.Standard3.Flex to balance CPU Utilization
-
Implement weight round robin policy using load balancer to distribute the traffic such that more weight is assigned to BM.GPU4.8
Questão 50
Questão
Which statements are CORRECT about Object Storage Multipart upload ? Select TWO correct answers.
Responda
-
You can list information for an individual object part in an active multipart upload
-
Individual parts can be as large as 50 GiB
-
Each part should be assigned contiguos number
-
You can restart a failed upload for an individual part due to network issues