Certbus > Oracle > Oracle Cloud > 1Z0-1067-21 > 1Z0-1067-21 Online Practice Questions and Answers

1Z0-1067-21 Online Practice Questions and Answers

Questions 4

You have a web application running on Oracle Cloud Infrastructure (OCI) that lets users log in with a username and password. You notice that an attacker has tried to use SQL comment “--" to alter the database query, remove the password check and log in as a user. You decide to prevent any future attacks.

Which of the following OCI services or features would you choose to safeguard your application? (Choose the best answer.)

A. Network Security Group

B. Data Safe

C. Web Application Framework (WAF)

D. Vault

Browse 55 Q&As
Questions 5

Which two statements about the Oracle Cloud Infrastructure (OCI) Command Line Interface (CLI) are TRUE? (Choose two.)

A. You can run CLI commands from inside OCI Regions only.

B. You can filter CLI output using the JMESPath query option for JSON.

C. The CLI provides an automatic way to connect with instances provisioned on OCI.

D. The CLI allows you to use the Python language to interact with OCI APIs.

E. The CLI provides the same core functionality as the Console, plus additional commands.

Browse 55 Q&As
Questions 6

You have a Linux compute instance located in a public subnet in a VCN which hosts a web application. The security list attached to subnet containing the compute instance has the following stateful ingress rule.

The Route table attached to the Public subnet is shown below. You can establish an SSH connection into the compute instance from the internet. However, you are not able to connect to the web server using your web browser.

Which step will resolve the issue? (Choose the best answer.)

A. In the route table, add a rule for your default traffic to be routed to NAT gateway.

B. In the security list, add an ingress rule for port 80 (http).

C. In the security list, remove the ssh rule.

D. In the route table, add a rule for your default traffic to be routed to service gateway.

Browse 55 Q&As
Questions 7

Your company recently adopted a hybrid cloud architecture which requires them to migrate some of their on-premises web applications to Oracle Cloud Infrastructure (OCI). You created a Terraform template which automatically provisions OCI resources such as compute instances, load balancer, and a database instance. After running the stack using the terraform apply command, it successfully launched the compute instances and the load balancer, but it failed to create a new database instance with the following error:

Service error: NotAuthorizedOrNotFound. shape VM.Standard2.4 not found. http status code: 404

You discovered that the resource quotas assigned to your compartment prevent you from using VM.Standard2.4 instance shapes available in your tenancy. You edit the Terraform script and replace the shape with VM.Standard2.2

Which option would you recommend to re-run the terraform command to have required OCI resources provisioned with the least effort? (Choose the best answer.)

A. terraform plan –target=oci_database_db_system.db_system

B. terraform apply –auto-approve

C. terraform refresh –target=oci_database_db_system.db_system

D. terraform apply –target=oci_database_db_system.db_system

Browse 55 Q&As
Questions 8

You have the following compartment structure within your company's Oracle Cloud Infrastructure (OCI) tenancy:

You want to create a policy in the root compartment to allow SystemAdmins to manage VCNs only in CompartmentC.

Which policy is correct? (Choose the best answer.)

A. Allow group SystemAdmins to manage virtual-network-family in compartment CompartmentB:CompartmentC

B. Allow group SystemAdmins to manage virtual-network-family in compartment Root

C. Allow group SystemAdmins to manage virtual-network-family in compartment CompartmentA:CompartmentB:CompartmentC

D. Allow group SystemAdmins to manage virtual-network-family in compartment CompartmentC

Browse 55 Q&As
Questions 9

Which two statements are TRUE about Object Storage data security and encryption in Oracle Cloud Infrastructure (OCI)? (Choose two.)

A. Client-side encryption is managed by the customer.

B. Data needs to be decrypted on the client side before retrieving it.

C. OCI Vault Management is used by default to provide data security.

D. All traffic to and from Object Storage service is encrypted using TLS.

E. A VPN connection to OCI is required to ensure secure data transfer to an object storage bucket.

Browse 55 Q&As
Questions 10

You are using Oracle Cloud Infrastructure (OCI) console to set up an alarm on a budget to track your OCI spending.

Which two are valid targets for creating a budget in OCI? (Choose two.)

A. Select group as the type of target for your budget.

B. Select Tenancy as the type of target for your budget.

C. Select user as the type of target for your budget.

D. Select Cost-Tracking Tags as the type of target for your budget.

E. Select Compartment as the type of target for your budget.

Browse 55 Q&As
Questions 11

You have been contracted by a local e-commerce company to assist with enhancing their online shopping application. The application is currently deployed in a single Oracle Cloud Infrastructure (OCI) region. The application utilizes a public load balancer, application servers in a private subnet, and a database in a separate, private subnet.

The company would like to deploy another set of similar infrastructure in a different OCI region that will act as standby site. In the event of a failure at the primary site, all customers should be routed to the failover site automatically.

After deploying the additional infrastructure within the second region, how should you configure automated failover requirements? (Choose the best answer.)

A. Create a load balancer policy in the Traffic Management service. Configure one answer for each site. Set the answer for the primary site with a weight of 10 and the answer for the secondary site with a weight of 100.

B. Create a new A record in DNS that points to the public load balancer at the secondary site. Create a CNAME for the sub-domain failover that will resolve to the new A record. Inform customers to prepend the website URL with failover if the primary site is unavailable.

C. Create a failover policy in the Traffic Management service. Set the IP address of the public load balancer for the primary site in answer pool 1. Set the IP address of the public load balancer for the secondary site in answer pool 2. Define a health check to monitor both sites.

D. Deploy a new load balancer in the primary region. Create one backend set for the primary application servers and a second backend set for the standby application servers. Create a listener for the primary backend set with a timeout of 3 minutes. Create a listener for the secondary backend set with a timeout of 10 minutes.

Browse 55 Q&As
Questions 12

You are working with Terraform on your laptop and have been tasked with spinning up multiple compute instances in Oracle Cloud Infrastructure (OCI) for a project. In addition, you are also required to collect IP

addresses of provisioned instances and write them to a file and save it in your laptop. Which specific Terraform functionality can help accomplish this task? (Choose the best answer.)

A. Terraform modules

B. Terraform remote state

C. Terraform local-exec

D. Terraform remote-exec

Browse 55 Q&As
Questions 13

You have created the following JSON file to specify a lifecycle policy for one of your object storage buckets:

How will this policy affect the objects that are stored in the bucket? (Choose the best answer.)

A. Objects with the prefix “LOGS” will be retained for 120 days and then deleted permanently.

B. Objects containing the name prefix LOGS will be automatically migrated from standard Storage to Archive storage 30 days after the creation date. The object will be deleted 120 days after creation.

C. The objects with prefix “LOGS” will be deleted 30 days after creation date.

D. Objects containing the name prefix LOGS will be automatically migrated from standard Storage to Archive storage 30 days after the creation date. The object will be migrated back to standard Storage 120 days after creation.

Browse 55 Q&As
Questions 14

You are using Oracle Cloud Infrastructure (OCI) services across several regions: us-phoenix-1, usashburn-1, uk-london-1 and ap-tokyo-1. You have creates a separate administrator group for each region: PHX-Admins, ASH-Admins, LHR-Admins and NRT-Admins, respectively.

You want to restrict admin access to a specific region. E.g., PHX-Admins should be able to manage all resources in the us-phoenix-1 region only and not any other OCI regions.

What IAM policy syntax is required to restrict PHX-Admins to manage OCI resources in the us-phoenix-1 region only? (Choose the best answer.)

A. Allow group PHX-Admins to manage all-resources in tenancy where request.region= ‘phx’

B. Allow group PHX-Admins to manage all-resources in tenancy where request.permission= ‘phx’

C. Allow group PHX-Admins to manage all-resources in tenancy where request.target= ‘phx’

D. Allow group PHX-Admins to manage all-resources in tenancy where request.location= ‘phx’

Browse 55 Q&As
Questions 15

You have been asked to update the lifecycle policy for object storage using the Oracle Cloud Infrastructure (OCI) Command Line Interface (CLI).

Which command can successfully update the policy? (Choose the best answer.)

A. oci os object-lifecycle-policy delete –ns –bn

B. oci os object-lifecycle-policy put –ns –bn

C. oci os object-lifecycle-policy put –ns –bn – –items

D. oci os object-lifecycle-policy get –ns –bn

Browse 55 Q&As
Questions 16

Multiple teams are sharing a tenancy in Oracle Cloud Infrastructure (OCI). You are asked to figure out an appropriate method to manage OCI costs.

Which is NOT a valid technique to accurately attribute costs to resources used by each team? (Choose the best answer.)

A. Create a Cost-Tracking tag. Apply this tag to all resources with team information. Use the OCI cost analysis tools to filter costs by tags.

B. Create separate compartment for each team. Use the OCI cost analysis tools to filter costs by compartment.

C. Create an Identity and Access Management (IAM) group for each team. Create an OCI budget for each group to track spending.

D. Define and use tags for resources used by each team. Analyze usage data from the OCI Usage Report which has detailed information about resources and tags.

Browse 55 Q&As
Questions 17

You have been asked to investigate a potential security risk on your company's Oracle Cloud Infrastructure (OCI) tenancy. You decide to start by looking through the audit logs for suspicious activity.

How can you retrieve the audit logs using the OCI Command Line Interface (CLI)? (Choose the best answer.)

A. oci audit event list –-end-time $end-time –-compartment-id $compartment-id

B. oci audit event list –-start-time $start-time –-compartment-id $compartment-id

C. oci audit event list –-start-time $start-time –-end-time $end-time –-compartment-id $compartment-id

D. oci audit event list –-start-time $start-time –-end-time $end–time –-tenancy-id $tenancy–id

Browse 55 Q&As
Questions 18

A subscriber of an Oracle Cloud Infrastructure (OCI) Notifications service topic complained about not receiving messages from the service.

Which option can help you debug this issue? (Choose the best answer.)

A. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, the service drops the message. Confirm that the subscriber is always online to receive messages to help debug the issue.

B. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, check the NumberOfNotificationFailed metric through the OCI Monitoring service for failed messages. Copy these messages to an OCI Object Storage bucket. Make sure the subscriber has the required credentials to access this bucket to help debug the issue.

C. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, the service tries to redeliver messages for up to one day. Make sure that the subscriber is online at least once a day to help debug the issue.

D. If OCI Notifications service does not receive an acknowledgement from a subscription endpoint, the service tries to redeliver messages for up to two hours. Configure an alarm on the NumberOfNotificationFailed metric through the OCI Monitoring service to help debug the issue.

Browse 55 Q&As
Exam Code: 1Z0-1067-21
Exam Name: Oracle Cloud Infrastructure 2021 Cloud Operations Associate
Last Update: Mar 19, 2024
Questions: 55 Q&As

PDF

$45.99

VCE

$49.99

PDF + VCE

$59.99