NEW QUESTION 1

You are working as a cloud engineer for an IoT startup company which is developing a health monitoring pet collar for dogs and cats. The company collects
biometric Information of the pet every second and then sends it to Oracle Cloud Infrastructure (OCI)
Your task is to come up with an architecture which will accept and process the monitoring data as well as provide complete trends and health reports to the pet
owners. The portal should be highly available, durable, and scalable with an additional feature for showing real time biometric data analytics.
which architecture will help you meet this requirement?

A. Use OCI Streaming Service to collect the incoming biometric dat

B. Use Oracle Functions to process the date and show the results on a real-time dashboard and store the results lo OCI Object Storage Store the data In OCI
Autonomous Data warehouse (ADW) to handle analytics.
C. Launch an open source Hadoop cluster to collect the Incoming biometrics data Use an Open source Fluentd cluster to analyze the- data me results to OCI
Autonomous Transaction Processing (ADW)to handle complex analytics
D. Create an OCI Object Storage bucket to collect the incoming biometric data from the smart pet collar Fetch the data horn OC\ Object storage to OCI
Autonomous Data Warehouse (ADW) every day and run analytics Jobs with it
E. Use OCI Streaming Service to collect the incoming biometric dat
F. Use an open source Hadoop cluster to analyze the data horn streaming servic
G. Store the results to OCI Autonomous Data warehouse (ADW) to handle complex analytics.

Answer: A

NEW QUESTION 2
You are working as a security consultant with a global insurance organization which is using Microsoft Azure Active Directory as an identity provider to manage
user login/passwords. When a user logs in to Oracle Cloud Infrastructure (OCI) console, it should get authenticated by Azure AD.
Which set of steps are required to be configured in OCI to meet this requirement?

A. Setup Azure AD as an Identity Provider, import users and groups from Azure AD to OCI, set up IAM policies to govern access to Azure AD groups.
B. Setup Azure AD as an Enterprise Application, configure OCI for single sign-on, map Azure AD groups to OCI groups, set up the IAM policies to govern access
to Azure AD groups.
C. Setup Azure AD as an Enterprise Application, map Azure AD users, groups and policies to OCI groups and users.
D. Setup Azure AD as an Identity Provider, map Azure AD groups to OCI groups, set up the IAM policies to govern access to Azure AD groups.

Answer: D

NEW QUESTION 3

You are responsible for migrating your on-premises legacy databases on 11.2.0.4 version to Autonomous Transaction Processing - Dedicated (ATP-D) in Oracle
Cloud Infrastructure (OCI). As a solution architect, you need to plan your migration approach.
Which three options do you need to implement together to migrate your on-premises databases to OCI?

A. Retain all legacy structures and unsupported features (e.

B. legacy LOBs) in the on-premises databases for migration.
C. Use Oracle Data Guard to keep on-premises database always active during migration.
D. Launch Autonomous Transaction Processing - Dedicated database in OCI.
E. Retain changes to Oracle shipped privileges, stored procedures or views in the on-premises databases.
F. Convert on-premises databases to PDB, upgrade to 19c, and encrypt.
G. Use Oracle GoldenGate replication to keep on-premises database online during migration.

Answer: CEF

NEW QUESTION 4
You are running a legacy application in a compute instance on Oracle Cloud Infrastructure (OCI). To provide enough space for it to store internal data, a block
volume is attached to the instance in paravirtualized mode.
Your application is not resilient to crash-consistent backup.
What should you do to backup the block volume in a secure and cost effective way? (Choose the best answer.)

A. Save your application data, detach the block volume and create a clone.
B. Create a volume group, add the boot volume and then run the volume group backup.
C. Create a backup, detach the block volume and save your application data.
D. Save your application data, detach the block volume and create a backup.

Answer: D

NEW QUESTION 5
You want to automate the processing of new Image files to generate thumbnails. the expected rate is 10 new files every hour.
Which of the following is the most cost effective option to meet this requirement in Oracle Cloud Infrastructure (OCI)?

A. Upload files to an OCI Object storage bucke

B. Every time a file is uploaded, an event is emitte
C. Write a rule to filter these events with an action to trigger a function in Oracle Function
D. The function processes the image in the file and stores the thumbnails back in an Object storage bucket.
E. Upload files to an OCI Object storage bucke
F. Every time a file is uploaded, trigger an event with an action to provision a compute instance with a cloud-init script to access the file, process it and store it back
in an Object storage bucke
G. Terminate the instance using Autoscaling policy after the processing is finished.
H. Build a web application to ingest the files and save them to a NoSQL Databas
I. Configure OCI Events service to trigger a notification using Oracle Notification Service (ONS). ONS invokes a custom application to process the image files to
generate thumbnail
J. Store thumbnails in a NoSQL Database table.
K. Upload all files to an Oracle Streaming Service (OSS) strea
L. Set up a cron job to invoke a function in Oracle Functions to fetch data from the strea
M. Invoke another function to process the image files and generate thumbnail
N. Store thumbnails in another OSS stream.

Answer: A

Explanation:

You can invoke a function that you've deployed to Oracle Functions by triggered by an event in the Events service when update the Object storage to fetch the
data then the function can process the File and store back to Object storage

NEW QUESTION 6
You are working on the migration of the web application infrastructure of your company from on-premises to Oracle Cloud Infrastructure. You need to ensure that
the DNS cache entries of external clients will not direct them to the on-premises infrastructure after switching to the new infrastructure.
Which of the following options will minimize this problem?

A. Reduce the TTL of the DNS records after the switch.

B. DNS changes propagate fast enough that it is not necessary to take any action.
C. Increase the TTL of the DNS records before the switch.
D. Increase the TTL of the DNS records after the switch.
E. Reduce the TTL of the DNS records before the switch.

Answer: E

NEW QUESTION 7
Which of the following is NOT a good use case for using the functionality available in the Oracle Cloud Infrastructure (OCI) Events service?

A. Publish all events in a specific compartment to Oracle Streaming service for later analysis.
B. Triggers Function using Oracle Functions when new files are uploaded in an OCI Object Storage bucket.
C. Publish a notification when long lived tasks complete, such as OCI Autonomous Database backup completion.
D. Capture Monitoring Alarms and invoke Autoscaling of compute instances.
E. Trigger a notification when a function completes its execution.

Answer: D

NEW QUESTION 8
Your security team has informed you that there are a number of malicious requests for your web application coming from a set of IP addresses originating from a
country in Europe.
Which of the following methods can be used to mitigate these type of unauthorized requests?

A. Web Application Firewall policy using access control rules

B. Deny rules in Virtual Cloud Network Security Group for the specific set of IP addresses.
C. Delete Internet Gateway from Virtual Cloud Network.
D. Deny rules in Virtual Cloud Network Security Lists for the specific set of IP addresses.

Answer: A

NEW QUESTION 9

As an administrator you want to give users of ObjectWriters group full access to bucket Bucket-A and its objects in compartment comp-images. You want users of
ObjectWriters to not be able to access or modify properties of any other buckets and its objects in the compartment comp-images.
Select the statement(s) below that will best define your IAM policies.

A. Allow group ObjectWriters to mange buckets in compartment comp- imagesAllow group ObjectWriters to manage objects in compartment comp-images where
target.bucket.name=
B. Allow group ObjectWriters to manage buckets in compartment comp-images where target.bucket.name=' Bucket-A'
C. Allow group ObjectWriters to inspect buckets in compartment comp-imagesAllow group ObjectWriters to read buckets in compartment comp-images where
target.bucket.name=' Bucket-A"Allow group ObjectWriters to manage objects in compartment comp-images where target.bucket.name=' Bucket-A'
D. Allow group ObjectWritexs to read buckets in compartmentcomp-imagesAllow group ObjectWriters to manage objects in compartment comp- images where
target.bucket.name= 'Bucket-A'

Answer: C

NEW QUESTION 10

You are tasked with building a highly available, fault tolerant web application for your current employer. The security team is concerned about an increase in
malicious web-based attacks across the internet and asked what you can do to add a higher level of security to the website.
How should you architect the solution on Oracle Cloud Infrastructure (OCI) to meet all requirements defined by your organization? (Choose the best answer.)

A. Deploy at least 3 web application servers, each in a different fault domain, using a regional private subne
B. Place a public load balancer in a regional public subnet and create a backend set for all of the web application server
C. Deploy a Web Application Firewall (WAF) and configure the load balancer public IP address as the origin.
D. Deploy at least 3 web application servers, each in a different fault domain, using a regional private subne
E. Place a public load balancer in a regional public subnet and create a backend set for all of the web application server
F. Create a Geolocation steering policy in Traffic Management and add an answer pool that directs to the public IP address of the load balance
G. Configure a global catch-all rule to use this answer pool.
H. Deploy at least 3 web application servers, each in a different fault domain, using a regional public subne
I. Ensure that each web application server is assigned a public IP addres
J. Deploy a Web Application Firewall (WAF) and configure one Origin for each public IP address.
K. Deploy at least 3 web application servers, each in a different fault domain, using a regional public subne
L. Use the OCI Traffic Management service to create a load balancing policy that will resolve DNS evenly between all web servers.

Answer: A

NEW QUESTION 10
Your company developed a function that needs to access the Oracle Database to inject some data to it at runtime. You are tasked to move this function to the
Oracle Cloud Infrastructure (OCI) and use Oracle Functions and access Oracle Autonomous Database. You created a Dockerfile below to run this function,
however, you are getting this error "cx_Oracle.DatabaseError: ORA""12560: TNS:protocol adapter error".

What should you do to make sure that Oracle Functions can run this Dockerfile properly? (Choose the best answer.)

A. Add these two lines to your Dockerfile: groupadd """"gid 1000 fn && \ adduser """"uid 1000 """"gid fn fn
B. Use """"privileged flag while running the Docker container to add runtime privilege
C. Use """"cap""add=ALL flag while running the Docker container to add runtime capability
D. You ned to run this Container as root, so add this line: USER root

Answer: A

Explanation:
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Tasks/functionsrunningasunprivileged.htm

NEW QUESTION 14
You have decided to migrate your application to Oracle Cloud Infrastructure and use Oracle Functions to deploy your microservices.
Which monitoring metrics are available to help you calculate your total cost for using Oracle Functions per month? (Choose Two)

A. Amount of RAM used by your functions.

B. Length of time a function runs.
C. Number of times a function is invoked.
D. Amount of storage used by your functions.
E. Network bandwidth used by your functions.

Answer: BC
NEW QUESTION 17

You work for a large bank where your main application is a payment processing gateway API. You deployed the application on Oracle Container Engine for
Kubernetes (OKE) and used API Gateway with several policies to control the access of the API endpoint. However, your customers are complaining about the
unavailability of the API endpoint. Upon checking, you
noticed that the Gateway URL is throwing Service
Unavailable error. You need to check the backend latency and backend responses when this error started last night.
What should you do to get this data? (Choose the best answer.)

A. Check with the application owner and search the log file for the container to get the metrics from the log file.
B. Go to Governance Menu and click on Audit to see the Audit log for the API Gatewa
C. Filter it using Start and End date with a 503 response status.
D. Go to Developer Services and click on API Gatewa
E. Go to the detail page of the gateway and select Metric
F. Change the Start and End time to filter the metrics.
G. Go to Monitoring and click on Service Metric
H. Choose the Metric Namespace as oci_apigateway.Change the Start and End time accordingl
I. Add a Dimension and select httpStatusCode: 503. Check the backend latency and backend responses metric.

Answer: D

Explanation:
https://medium.com/oracledevs/using-oci-monitoring-healthchecks-to-schedule-execution-of-serverless-function

NEW QUESTION 21
Which three scenarios are suitable for the Oracle Infrastructure (OCI) Autonomous transaction Processing Server less (ATP-S) deployment?

A. well established, online auction marketplace is running an application where there is database usage 24×7 but also has peaks of activity that the hard to predict
when the peaks happen, the total activities may reach 3 times the normal activity level (Correct)
B. A small startup is deploying a new application fen eCommerce and it requires database to store customers' transactions the team b of what the load will look like
since it is a new applicatio
C. (Correct)
D. A midsize company is considering migrating its legacy on premises MongoDB database to Oracle Cloud Infrastructure (OCI). The database has significantly
higher workloads on weekends than weekdays
E. A developer working on an Internal project needs to use a database during work hours but doesn't need It during nights or weekend
F. the project budget requires her to keep costs lo
G. (Correct)
H. A manufacturing company is running Oracle E-Business Suite application on premise
I. They are looking to move this application to OCI and they want to use a managed database offering for their database tier.

Answer: ABD

Explanation:
MongoDB is a cross-platform document-oriented database program. Classified as a NoSQL database program, MongoDB uses JSON-like documents with
schema, so the best to be migrated to Oracle NoSQL Database.
https://blogs.oracle.com/nosql/migrate-mongodb-data-to-oracle-nosql-database
Autonomous transaction Processing Serverless (ATP-S) isn't supported yet for EBS database

NEW QUESTION 26
A global retailer is setting up the cloud architecture to be deployed in Oracle Cloud infrastructure (OCI) which will have thousands of users from two major
geographical regions: North America and Asia Pacific. The requirements of the services are:
* Service needs to be available 27/7 to avoid any business disruption
* North American customers should be served by application running In North American regions
* Asia Pacific customers should be served by applications running In Asia Pacific regions
* Must be resilient enough to handle the outage of an entire OCI region

A. OCl DNS, Traffic Management with Failover steering policy

B. OCl DNS, Traffic Management with Geolocation steering polic
C. Health Checks
D. OCl DNS, Traffic Management with Geolocation steering policy
E. OCl DNS,' Traffic Management with Load Balancer steering policy, Health Checks

Answer: B

Explanation:
GEOLOCATION STEERING
Geolocation steering policies distribute DNS traffic to different endpoints based on the location of the end user. Customers can define geographic regions
composed of originating continent, countries or states/provinces (North America) and define a separate endpoint or set of endpoints for each region. Combine with
Oracle Health Checks to fail over from one region to another
NEW QUESTION 28
A fast growing E-commerce company has deployed their online shopping application on Oracle Cloud Infrastructure. The application was deployed on compute
instances with Autoscaling configuration for application servers fronted by a load balancer and OCI Autonomous Transaction Processing (ATP) in the backend. In
order to promote their e-commerce platform 50% discount was announced on all the products for a limited period. During the day 1 of promotional period it was
observed that the application is running slow and company's hotline is flooded with complaints.
What could be two possible reasons for this situation?

A. The health check on some of the backend servers has failed and the load balancer has taken those servers temporarily out of rotation.
B. As part of Autoscaling, the load balancer shape has dynamically changed to a larger shape to handlemore incoming traffic and the system was slow for a short
time during this change.
C. The health check on some of the backend servers has failed and the load balancer was rebooting these servers.
D. Autoscaling has already scaled to the maximum number of instances specified in the configuration and there is no room for scaling further.

Answer: AD

NEW QUESTION 30
You are trying to troubleshoot the configuration of your Oracle Cloud Infrastructure (OCI) Load Balancing service. You have a backend HTTP service for which you
have created a backend set in the load balancer. You have configured health checks for the backend set. Although the health checks appear good, customers
sometimes experience transaction failures.
Which of the following options will definitely lead to this problem?

A. You are NOT using regional subnets in your Virtual Cloud Networ
B. With Availability Domain (AD) specific subne
C. the compute instances of the backend service running in the subnet have issues when the AD is down.
D. You are using OCI Domain Name Syste
E. You have misconfigured the 'A' record with the wrong IP address leading to requests not getting routed correctly.
F. You are using iSCI for block volume attachment to the compute instances in your backed HTTP service.TCP/IP configuration of your block volume attachment is
not configured correctly, leading to issues in your backend service.
G. You are running a TCP-level health check against your HTTP servic
H. The TCP handshake can succeed and indicate that the service is up even when the HTTP service has issues.

Answer: D

NEW QUESTION 35
You are working as a cloud consultant for a major media company. In the US and your client requested to consolidate all of their log streams, access logs,
application logs, and security logs into a single system.
The client wants to analyze all of their logs In real-time based on heuristics and the result should be validated as well. This validation process requires going back
to data samples extracted from the last 8 hours.
What approach should you take for this scenario?

A. Create an auto scaling pool of syslog-enabled servers using compute instances which will store the logs In Object storage, then use map reduce jobs to extract
logs from Object storage, and apply heuristics on the logs.
B. Create a bare-metal instance big enough to host a syslog enabled server to process the logs and store logs on the locally attached NVMe SSDs for rapid
retrieval of logs when needed.
C. Set up an OCI Audit service and ingest all the API arils from Audit service pragmatically to a client side application to apply heuristics and save the result in an
OCI Object storage.
D. Stream all the logs and cloud events of Events service to Oracle Streaming Servic
E. Build a client process that will apply heuristics on the logs and store them in an Object Storage.

Answer: D

Explanation:

The Oracle Cloud Infrastructure Streaming service provides a fully managed, scalable, and durable storage solution for ingesting continuous, high-volume streams
of data that you can consume and process in real time. Streaming can be used for messaging, ingesting high-volume data such as application logs, operational
telemetry, web click-stream data, or other use cases in which data is produced and processed continually and sequentially in a publish-subscribe messaging
model.
Streaming Usage Scenarios
Here are some of the many possible uses for Streaming:
Metric and log ingestion: Use the Streaming service as an alternative for traditional file-scraping approaches to help make critical operational data more quickly
available for indexing, analysis, and visualization.
Messaging: Use Streaming to decouple components of large systems. Streaming provides a pull/bufferbased communication model with sufficient capacity to
flatten load spikes and the ability to feed multiple consumers with the same data independently. Key-scoped ordering and guaranteed durability provide reliable
primitives to implement various messaging patterns, while high throughput potential allows for such a system to scale well.
Web/Mobile activity data ingestion: Use Streaming for capturing activity from websites or mobile apps (such
as page views, searches, or other actions users may take). This information can be used for realtime monitoring and analytics, as well as in data warehousing
systems for offline processing and reporting.
Infrastructure and apps event processing: Use Streaming as a unified entry point for cloud components to report their life cycle events for audit, accounting, and
related activities.

NEW QUESTION 39
By copying block volume backups to another region at regular intervals, it makes it easier for you to rebuild applications and data in the destination region if a
region-wide disaster occurs in the source region.
Which IAM Policy statement allows the VolumeAdmins group to copy volume backups between regions '

A. Allow group VolumeAdmins to use volumes in tenancy

B. Allow group VolumeAdmins to copy volume' backups in tenancy
C. Allow group VolumeAdmins to manage volume-family In tenancy
D. Allow group VolumeAdmins to inspect volumes in tenancy

Answer: C

Explanation:

The backups feature of the Oracle Cloud Infrastructure Block Volume service lets you make a point-intime snapshot of the data on a block volume.These backups
can then be restored to new volumes either immediately after a backup or at a later time that you choose.
You can copy block volume backups between regions using the Console, command line interface (CLI), SDKs, or REST APIs.
To copy volume backups between regions, you must have permission to read and copy volume backups in the source region, and permission to create volume
backups in the destination region.
to do all things with block storage volumes, volume backups, and volume groups in all compartments with the exception of copying volume backups across
regions.
Allow group VolumeAdmins to manage volume-family in tenancy
The aggregate resource type volume-family does not include the VOLUME_BACKUP_COPY permission, so to enable copying volume backups across regions
you need to ensure that you include the third statement in that policy, which is:
Allow group VolumeAdmins to use volume-backups in tenancy where request.permission='VOLUME
_BACKUP_COPY'

NEW QUESTION 41
You are advising the database administrator responsible for managing non-production environment for Oracle Autonomous Database running on Oracle Cloud
Infrastructure. You need to help the database administrator ensure that the non-production environments have a copy of the current data from the production
environment in a manner that is most time-efficient.
Which method should you recommend? (Choose the best answer.)

A. Take a full database backup of the production Autonomous database and create the non-production database from it.
B. Create a metadata clone of the production Autonomous Database and create the non-production database from it.
C. Create a full clone of the production Autonomous Database and create the non-production database from it.
D. Take a Data Pump export of the production Autonomous database and import into the non-production database.

Answer: C

Explanation:
https://www.oracle.com/database/technologies/datawarehouse-bigdata/adb-faqs.html

NEW QUESTION 46
A developer is using Oracle Functions to deploy her code as part of an event-driven solution in Oracle Cloud Infrastructure (OCI). When she invokes her function,
Oracle Functions returns a FunctionlnvokelmageNotAvailable message and a 502 error:

Which of the following options is NOT a plausible reason for this error?

A. Missing or invalid IAM policy to give Oracle Functions read access to images stored for functions in repositories in OCI Registry.
B. The function does not exist in the specified location in OCI Registry.
C. The VCN being used does not have an internet gateway or a service gateway configured for Oracle Functions to be able to access OCI Registry.
D. OCI Events service rule is not configured with the correct location of the function in OCI Registry.

Answer: D
NEW QUESTION 49
You notice that a majority of your Oracle Cloud Infrastructure (OCI) resources like compute instances, block volumes, and load balancers are not tagged. You
have received a mandate from your CIO to add a predefined set of tags to identify owners for respective OCI resources. E.g. if Chris and Larry each create
compute instances in a compartment, the instances that Chris creates include tags that contain his name as the value, while the instances that Larry creates have
his name.
Which option is the simplest way to implement this new tagging requirement?

A. Create a default tag for each compartment, which ensure that appropriate tags are applied at the time of resource creation.
B. Create an OCI Identity and Access Management policy requiring users to tag resources with their user name.
C. Create an OCI Identity and Access Management policy to automatically tag a resource with the user name.
D. Create tag variables to automatically tag a resource with the user name.

Answer: D

NEW QUESTION 53
An Oracle Cloud Infrastructure (OCI) Public Load Balancer's SSL certificate is expiring soon. You noticed the Load Balancer is configured with SSL Termination
only. When the certificate expires, data traffic can be interrupted and security compromised.
What steps do you need to take to prevent this situation?

A. Add the new SSL certificate to the Load Balancer, update backend servers to work with a new certificate and edit listeners so they can use the new certificate
bundle.
B. Add the new SSL certificate to the Load Balancer, update listeners and backend sets so they can use the new certificate bundle.
C. Add the new SSL certificate to the Load Balancer and implement end to end SSL so it can encrypt the traffic from clients all the way to the backend servers.
D. Add the new SSL certificate to the Load Balancer and update backend servers to use the new certificate bundle.
E. Add the new SSL certificate to the Load Balancer and update listeners to use the new certificate bundle.

Answer: A

Explanation:
https://docs.cloud.oracle.com/en-us/iaas/Content/Balance/Tasks/managingcertificates.htm

NEW QUESTION 55
A startup company is looking for a solution for processing of data transmitted by the IOT devices fitted to transport vehicles that carry frozen foods. The data
should be consumed and processed in real time. The processed data should be archived to OCI Object Storage bucket. and use Autonomous Data warehouse
(ADW) to handle analytics.
Which architecture will help you meet this requirement?

A. Use OCI Streaming Service to collect the incoming biometric dat

B. Use an open source Hadoop cluster to analyze the data horn streaming servic
C. Store the results to OCI Autonomous Data warehouse (ADW) to handle complex analytics
D. Use OCI Streaming Service to collect the incoming biometric dat
E. Use Oracle Functions to process the date and show the results on a real-time dashboard and store the results lo OCI Object Storage Store the data In OCI
Autonomous Data warehouse (ADW) to handle analytics.
F. Create an OCI Object Storage bucket to collect the incoming biometric data from the smart pet collar Fetch the data horn OC\ Object storage to OCI
Autonomous Data Warehouse (ADW) every day and run analytics Jobs with it
G. Launch an open source Hadoop cluster to collect the Incoming biometrics data Use an Open source Fluentd cluster to analyze the- data me results to OCI
Autonomous Transaction Processing (ADW)to handle complex analytics

Answer: B

Explanation:
Real-time processing of high-volume streams of data
- OCI Streaming service provides a fully managed, scalable, durable storage option for continuous, highvolume
streams of data that you can consume and process in real-time
- Use cases
Log and Event data collection Web/Mobile activity data ingestion
IoT Data streaming for processing and alerts
Messaging: use streaming to decouple components of large systems
- Oracle managed service with REST APIs (Create, Put, Get, Delete)
- Integrated Monitoring

NEW QUESTION 58
A civil engineering company is running an online portal In which engineers can upload there constructions photos, videos, and other digital files.
There is a new requirement for you to implement: the online portal must offload the digital content to an Object Storage bucket for a period of 72 hours. After the
provided time limit has elapsed, the portal will hold all the digital content locally and wait for the next offload period.
Which option fulfills this requirement?

A. Create a pre-authenticated URL for the entire Object Storage bucket to read and list the content with an expiration of 72 hours.
B. Create a pre authenticated URL lot each object that Is uploaded to the Object Storage bucket with an expiration of 72 hours.
C. Create a Dynamic Group with matching rule for the portal compute Instance and grant access to the Object Storage bucket for 72 hours.
D. Create a pre authenticated URL for the entire Object Storage bucket to write content with an expiration of 72 hours.

Answer: D

Explanation:

Pre-authenticated requests provide a way to let users access a bucket or an object without having their own
credentials, as long as the request creator has permission to access those objects.
For example, you can create a request that lets operations support user upload backups to
a bucket without owning API keys. Or, you can create a request that lets a business partner update shared data in a bucket without owning API keys.
When creating a pre-authenticated request, you have the following options:
You can specify the name of a bucket that a pre-authenticated request user has write access to and can upload one or more objects to.
You can specify the name of an object that a pre-authenticated request user can read from, write to, or read from and write to.
Scope and Constraints
Understand the following scope and constraints regarding pre-authenticated requests:
Users can't list bucket contents.
You can create an unlimited number of pre-authenticated requests. There is no time limit to the expiration date that you can set.
You can't edit a pre-authenticated request. If you want to change user access options in response to changing requirements, you must create a new pre-
authenticated request.
The target and actions for a pre-authenticated request are based on the creator's permissions. The request is not, however, bound to the creator's account login
credentials. If the creator's login credentials change, a pre-authenticated request is not affected.
You cannot delete a bucket that has a pre-authenticated request associated with that bucket or with an object in that bucket.

NEW QUESTION 60
You have designed and deployed your Autonomous Data Warehouse (ADW) such that it is accessible from your on-premises data center and servers running on
both private and public networks in Oracle Cloud Infrastructure (OCI).

As you are testing the connectivity to your ADW database from the different access paths, you notice that the server running on the private network is unable to
connect to ADW.
Which two steps do you need to take to enable connectivity from the server on the private network to ADW? (Choose two.)

A. Add an entry in the Security List of the ADW allowing ingress traffic for C10R block 10.2.2.0/24
B. Add an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/: target type of NAT Gateway, add a stateful egress rule to the
security list (associated with the private subnet) with destination of 0.0.0.0./0 and for all IP protocols.
C. Add an entry in the access table list of ASW for CIDR block 10.2.2.0/24.
D. Add an entry in the route table (associated with the private subnet) with destination of 0.0.0.0./0; target type of internet Gateway, add a stateful egress in the
security list (associated with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols.
E. Add an entry in the access control list of ADW for IP address 129.146.160.11

Answer: BE

Explanation:
There are 3 connections to ADW
* 1- Connecting to (ADW) from Public Internet
* 2- Connecting to ADW (via NAT or Service Gateway) from a server running on a private subnet in OCI (in the same tenancy)
* 3- Connecting to ADW (via internet Gateway) from a server running on a public subnet in OCI (in the same tenancy

NEW QUESTION 63
A cloud consultant is working on implementation project on OCI. As part of the compliance requirements, the objects placed in object storage should be
automatically archived first and then deleted. He is testing a Lifecycle Policy on Object Storage and created a policy as below:
[ { "name": "Archive_doc", "action": "ARCHIVE", "objectNameFilter": { "inclusionPrefixes": "doc"] }, "timeAmount": 5, "timeunit": "DAYS", "isEnabled": true },
{ "name": "Delete_doc", "action": "DELETE", "objectNameFilter": "inclusionPrefixes": [ "doc"] 1."timeAmount": 5, "timeunit": "DAYS", "isEnabled": true }
What will happen after this policy is applied?

A. All objects with names starting with "doc" will be deleted after 5 days of object creation
B. All the objects having file extension ".doc" will be archived for 5 days and will be deleted 10 days after object creation
C. All the objects having file extension ".doc" will be archived 5 days after object creation
D. All the objects with names starting with "doc" will be archived 5 days after object creation and will be deleted 5 days after archival

Answer: A

Explanation:
Object Lifecycle Management works by defining rules that instruct Object Storage to archive or delete objects on your behalf within a given bucket. A bucket's
lifecycle rules are collectively known as an object lifecycle policy.
You can use a rule to either archive or delete objects and specify the number of days until the specified action is taken.
A rule that deletes an object always takes priority over a rule that would archive that same object.

NEW QUESTION 65
You have configured backups for your Oracle Cloud Infrastructure (OCI) 2-node RAC DB systems on virtual machines. In the console, the database backup
displays a Failed status.
Which of the following options is the most likely reason for this backup issue?

A. The master key stored in OCI Key Management for encryption and decryption of data in the database is not accessible to the backup service.
B. The auth token being used by the Object Store Swift endpoint is incorrect.
C. The allocated storage on the OCI File Storage service file system attached with the database is full.
D. The RMAN backup agent is not compatible with the version of database being used.

Answer: B

NEW QUESTION 69
An OCI Architect is working on a solution consisting of analysis of data from clinical trials of a pharmaceutical company. The data is being stored in OCI
Autonomous Data Warehouse (ADW) having 8 CPU Cores and 70 TB of storage. The architect is planning to setup autoscaling to respond to dynamic changes in
the workload.
Which of the following needs to be considered while configuring auto scaling? Choose two

A. Enabling auto scaling does not change the concurrency and parallelism settings
B. Auto scaling also scales IO throughput linearly along with CPU
C. The database memory SGA and PGA will not get affected by the changes in the number of CPUs during auto scaling
D. The maximum CPU cores that will be automatically allocated for this database is 16 CPUs

Answer: AB

Explanation:
Auto scaling is enabled by default when you create an Autonomous Database instance or you can use Scale Up/Down on the Oracle Cloud Infrastructure console
to enable or disable auto scaling.
With auto scaling enabled the database can use up to three times more CPU and IO resources than specified by the number of OCPUs currently shown in the
Scale Up/Down dialog. When auto scaling is enabled, if your workload requires additional CPU and IO resources the database automatically uses the resources
without any manual intervention required.
Enabling auto scaling does not change the concurrency and parallelism settings for the predefined services
IO throughput depends on the number of CPUs you provision and scales linearly with the number of CPUs.

NEW QUESTION 72
You are developing a Serverless function for your company's IoT project. This function should access Oracle Cloud Infrastructure (OCI) Object Storage to store
some files. You choose Oracle Functions to deploy this function on OCI. However, your security team doesn't allow you to carry any API Token or RSA Key to
authenticate the function against the OCI API to access the Object Storage.
What should you do to get this function to access OCI Object Storage without carrying any static authentication files? (Choose the best answer.)

A. Option A
B. Option B
C. Option C
D. Option D

Answer: A

Explanation:
https://blogs.oracle.com/cloud-infrastructure/getting-started-with-oracle-functions-and-object-storage

NEW QUESTION 77
You are building a demo for a customer that showcases Oracle Cloud Infrastructure (OCI) Events service and Oracle Functions. You plan to create an event every
time an image is uploaded to an OCI Object Storage bucket. You have also created a function that is listening to the event and processes the image for face
recognition.
Choose the two actions from below that are NOT required to run the demo successfully.
A. You must specify an action type while creating an Event service and specify the function you want to trigger.
B. Creating an event rule is not permitted for OCI Object storage.
C. The function must be deployed only to Oracle Kubernetes Engine (OKE).
D. You have to enable Object Storage buckets to emit events for state changes.
E. You must deploy the function that does facial recognition for the demo to work.

Answer: BC

NEW QUESTION 78
A large financial services company has used 2 types of Oracle DB Systems. In Oracle Cloud Infrastructure (OCI) to store user data. One is running on a
VM.Standard2.8 shape and the other on a VM.Standard 2.4 shape.
As business grows, data is growing rapidly on both the databases and performance is also degrading. The company wants to address this problem with a viable
and economical solution.
As the solution architect for that company you have suggested that they move their databases to Autonomous Transaction Processing Serverless (ATP-S)
database.
Which two factors should you consider before you arrived at that recommendation?

A. You verified that ATP S supports the database features and options currently being used by the 2 databases.
B. Validate that ATP-S will support the storage and processing requirements for the 2 databases over the life cycle of the business applications.
C. Confirm that ATP-S allows customers to compress tablespaces to reduce storage costs
D. Upon provisioning, ATP-S automatically scales up CPU to meet the application's processing requirements.

Answer: AB

Explanation:
Not all features present in Oracle Database Enterprise Edition are available in ATP, and some some Oracle Database features are restricted, for example,
database features designed for administration are not available. so you need to validate it first, You can find a complete list of the features that are not supported,
https://docs.oracle.com/en/cloud/paas/atp-cloud/atpug/experienced-database-users.html#GUID-58EE6599-6DB4
Also, you must specify the initial storage required for your database but ADB is elastic, so it is possible to grow or shrink your database as needed.

NEW QUESTION 79
Which of the below options for private access to services within Oracle Cloud Infrastructure (OCI) is NOT valid?

A. You cannot use the private endpoint for hosts in the on-premises network.
B. Traffic from an OCI compute instance going through a Service Gateway to Object Storage is routed without being sent over the internet.
C. You can enable private access to certain services within OCI from your Virtual Cloud Network by using either a private endpoint or a service gateway.
D. The private endpoint gives hosts within your Virtual Cloud Network access to a given service within Oracle Cloud Infrastructure.

Answer: A

NEW QUESTION 80

A manufacturing company is planning to migrate their on-premises database to Oracle Cloud Infrastructure and has hired you for the migration. Customer has
provided following information regarding their existing on-premises database:
Database version, database character set, storage for data staging, acceptable length of system outage.
What additional information do you need from customer in order to recommend a suitable migration method? (Choose Two)

A. On-Premises host operating system and version.

B. Number of active connections.
C. Data types used in the on-premises database.
D. Elapsed time since database was last patched.
E. Top 5 longest running queries.

Answer: AC

NEW QUESTION 82
Which of the below options is true regarding Oracle Cloud Infrastructure's load balancing service?

A. You can dynamically change the load balancer shape to handle more incoming traffic.
B. The public load balancer applies a floating public IP address to the primary load balancer.
C. When you create a private load balancer, the service requires 2 or more subnets to host both the primary and standby load balancers.
D. A public load balancer is Availability Domain specific in scope.

Answer: B

NEW QUESTION 84
You are responsible for migrating your on premises legacy databases on 11.2.0.4 version to Autonomous Transaction Processing Dedicated (ATP-D) In Oracle
Cloud Infrastructure (OCI). As a solution architect, you need to plan your migration approach.
Which two options do you need to implement together to migrate your on premises databases to OCI?

A. Use Oracle Data Guard to keep on premises database always active during migration
B. Retain changes to Oracle shipped privileges, stored procedures or views In the on-premises databases.
C. Use Oracle GoldenGate replication to keep on premises database online during migration.
D. Convert on-premises databases to PDB, upgrade to 19c, and encrypt Migration.
E. Retain all legacy structures and unsupported features (e.
F. taw U>Bs) In the onuses databases for migration.

Answer: CD
Explanation:
Autonomous Database is an Oracle Managed and Secure environment. A physical database can’t simply be migrated to autonomous because:
- Database must be converted to PDB, upgraded to 19c, and encrypted
- Any changes to Oracle shipped privileges, stored procedures or views must be removed
- All legacy structures and unsupported features must be removed (e.g. legacy LOBs) GoldenGate replication can be used to keep database online during
migration

NEW QUESTION 86
A global retailer has decided to re-design its e-commerce platform to have a micro-services architecture. They would like to decouple application architecture into
smaller, independent services using Oracle Cloud Infrastructure (OCI). They have decided to use both containers and servers technologies to run these
application instances.
Which option should you recommend to build this new platform?

A. Install a kubernetes cluster on OCI and use OCI event service.

B. Use Oracle Container Engine for kubernetes, OCI Registry and OCI Functions.
C. Use OCI Resource Manager to automate compute Instances provisioning and use OCI Streaming service.
D. Use OCI functions, OCI object storage and OCI event service.

Answer: B

Explanation:

Oracle Functions is a fully managed, multi-tenant, highly scalable, on-demand, Functions-as-a-Service platform. It is built on enterprise-grade Oracle Cloud
Infrastructure and powered by the Fn Project open source engine. Use Oracle Functions (sometimes abbreviated to just Functions) when you want to focus on
writing code to meet business needs.

Oracle Cloud Infrastructure Container Engine for Kubernetes is a fully-managed, scalable, and highly available service that you can use to deploy your
containerized applications to the cloud. Use Container Engine for Kubernetes (sometimes abbreviated to just OKE) when your development team wants to reliably
build, deploy, and manage cloud-native applications. You specify the compute resources that your applications require, and Container Engine for Kubernetes
provisions them on Oracle Cloud Infrastructure in an existing OCI tenancy.

NEW QUESTION 90
Your customer has gone through a recent reorganization. As part of this change, they are organizing their Oracle Cloud Infrastructure (OCI) compartment structure
to align with the company's new organizational structure. (Refer to the exhibit)

They have made the following change:

Compartment A is moved, and its new parent compartment is compartment Dev.
Policy defined in compartment A: Allow group G1 to manage instance-family in compartment A
Policy defined in root compartment: Allow group admins to manage instance-family in compartment Ops: Test: A
After the compartment move, which action will provide users of group G1 and admins with similar privileges as before the move?

A. Define the following policy in compartment Dev:Allow group G1 to manage instance-family in compartment A
B. Define the following policies in compartment Dev:Allow group G1 to manage instance-family in compartment AAllow group admins to manage instance-family in
compartment Ops: Dev: A
C. Define the following policy in compartment: Dev:Allow group admins to manage instance-family in compartment Ops: Dev: A
D. Mo change in any policy statement is required as all the policies associated with a compartment being moved is automatically updated

Answer: A

NEW QUESTION 92
Your customer has gone through a recent departmental re structure. As part of this change, they are organizing their Oracle Cloud Infrastructure (OCI)
compartment structure to align with the company's new organizational structure.
They have made the following change:
Compartment x Is moved, and its parent compartment is now compartment c.

Policy defined in compartment A: Allow group networkadmins to manage subnets in compartment X Policy defined in root compartment: Allow group admins to
read subnets in compartment Finance:A:X
After you move the compartment, which two IAM policies would be required to ensure both groups retain the same permissions to compartment X that they had
before? (Choose two.)

A. Define a policy in the root compartment as follows: Allow group admins to manage subnets in compartment Finance:A:X
B. Define a policy in compartment HR as follows: Allow group networkadmins to manage subnets in compartment C:X.
C. Define a policy in the root compartment as follows: Allow group admins to read subnets in compartment HR:C:X
D. Define a policy in compartment C as follows: Allow group networkadmins to read subnets in compartment X

Answer: BC

NEW QUESTION 94
You are tasked with backing up your data using Oracle Cloud Infrastructure Block Volume service. When you are finalizing your block volume backup schedule,
which of the following two are valid
considerations for your backup plan? (Choose Two)

A. Number of stored backups: How many backups you need to keep available and the deletion schedule for those you no longer need.
B. Governance: Tagging of backups so you can capture backup related API calls through the Audit service.
C. Frequency: How often you want to back up your data.
D. Location: Determine the Object Store Bucket where the backups will be stored.
E. Encryption: Whether to use your own key to encrypt your volume backups.

Answer: AC

NEW QUESTION 95
A retail company has recently adopted a hybrid architecture. They have the following requirements for their end-to-end Connectivity model between their on-
premises data center and Oracle Cloud Infrastructure (OC1) region
* Highly available connection with service level redundancy
* Dedicated network bandwidth with low latency
Which connectivity setup is the most cost effective solution for this scenario?

A. Setup IPsec VPN as your primary connection, and a FastConnect virtual circuit as a backup connection.Use separate edge devices in your on-premises data
canter for each connection from your edge devices, advertise more specific routes IPSec VPN, and specific routes through the backup FastConnect virtual circuit.
B. Setup FastConnect virtual circuit as your primary connection, and a second FastConnect virtual circuit as a backup connectio
C. Use separate edge devices in your FastConnect physical connectivity is redundant Use a single edge device in your on premises data center for each
connection From yc device, advertise more specific routes via primary FastConnect virtual circuit, and less specific routes through t backup FastConnect circuit.
D. Setup FastConnect virtual circuit as your primary connection, and an IPSec VPN as a backup connectio
E. Use separate edge devices in your on-premises data center for each connectio
F. From your edge devices, advertise more specific routes through FastConnect virtual circuit, and more specific routes through the backup IPSec VPN path.
G. Setup IPSec VPN as your primary connection, and a second IPSec VPN as a backup connectio
H. Use separate edge devices in your on p data center for each connectio
I. From your edge devices, advertise more specific routes via primary IPSec VP
J. and less specific rod the backup IPSec VPN.

Answer: D

Explanation:
there are two main requirements for this Customer
First Highly available connection with service level redundancy and that can achieve by
3- Redundant FastConnect

NEW QUESTION 100

You are a solution architect working with a startup that has decided to move their workload to Oracle Cloud Infrastructure. Since their workload is small, upon
architecting, you decide its sufficient to use 8 compute instances to run their workload. The company wants to use a common storage for their instances. So, you
propose the idea of attaching a block volume to multiple instances to provide a common storage.
Which of the below option is NOT true for such a solution?
A. If the block volume is already attached to an instance as read/write non-shareable you can't attach it to another instance until you detach it from the first
instance.
B. Block volumes attached as read-only are configured as shareable by default.
C. You can delete a block volume from one instance without detaching it from all other instances there by keeping other instance's storage intact.
D. Once you attach a block volume to an instance as read-only, it can only be attached to other instances as read-only.

Answer: C

NEW QUESTION 103

A large London based eCommerce company is running Oracle DB System Virtual RAC database on Oracle Cloud Infrastructure (OCI) for their eCommerce
application activity. They are launching a new product soon, which is expected to sell in large quantities all over the world.
The application architecture should have minimal cost, no data loss, no performance impacts during the database backup windows and should have minimal
downtime.

A. Launch a new VM RAC database in another availability domain, launch a compute instance, deploy Oracle GoldenGate on it and then configure it to replicate
the data from the eCommerce Database over to the new RAC database using GoldenGat
B. Take backups from the new VM RAC database.
C. Turn off automated backups from the eCommerce database, implement Oracle Data Guard with the Standby database deployed on another availability domain,
take backups from the standby database.
D. Launch a new VM RAC database in another availability domain, launch a compute instance, deploy Oracle GoldenGate on it and then configure bi-directional
replication from the eCommerce Database over to the new VM RAC database using GoldenGat
E. Take backups from the new VM RAC database.
F. Turn off automatic backups from the eCommerce database, implement Oracle Active Data Guard with the standby database deployed on another availability
domain, and take backups from the standby database.

Answer: C

Explanation:
Active Data Guard or GoldenGate are used for disaster recovery when fast recovery times or additional levels of data protection are required. And offload queries
and backup to standby system.
Oracle GoldenGate to support a disaster recovery site is to have a working bi-directional data flow, from the primary system to the live-standby system and vice
versa.
DataGuard and Automatic Backup
You can enable the Automatic Backup feature on a database with the standby role in a Data Guard association.
However, automatic backups for that database will not be created until it assumes the primary role.

NEW QUESTION 107

An organization has its mission critical application consisting of multiple application servers and databases running inside Virtual Cloud Network (VCN) in uk-
london-1 region. Their solution architect wants to further strengthen their architecture by planning for Disaster Recovery (DR) in eu-frankfurt-1 region.
Which two solutions should their architect keep in mind while designing for DR?

A. A remote VCN peering connection is required to establish secure and reliable connectivity between different VCNs created in uk-london-1 and eu-frankfurt-1
region.
B. rsync utility can be used to asynchronously copy file systems or snapshot data to another region.
C. Load balancer will automatically distribute traffic between both the regions.
D. The RTO is the acceptable timeframe of lost data that application can tolerate.
E. It is not possible to use Active Data Guard to synchronize a database in uk-london-1 region to equivalent database in eu-frankfurt-1 region.

Answer: AC

NEW QUESTION 112

You have an Oracle database system in a virtual cloud network (VCN) that needs to be accessible on port 1521 from your on-premises network CIDR
172.17.0.0/24.
You have the following configuration currently.
Virtual cloud network (VCD) is associated with a Dynamic Routing Gateway (DRG), and DRG has an active IPSec connection with your on-premises data center.
Oracle database system is hosted in a private subnet
The private subnet route table has the following configuration

The private subnet security list has following INGRESS security rule.

The Oracle database system is part of a network security group with following security rules.
However, you are still unable to connect to the Oracle Database system. Which action will resolve this issue?
A)
Add an EGRESS rule in network security group as following.

B)
Add a route rule in the private subnet route table as following.

C)
Add an EGRESS rule in private subnet scurity list as following.

D)
Add an EGRESS rule in private subnet security list as following.

A. Option A
B. Option B
C. Option C
D. Option D

Answer: C

NEW QUESTION 114

You work for a bank as the lead Oracle Cloud Infrastructure architect. You designed a highly scalable solution for your company's banking application. The
architecture includes a load balancer, application servers with autoscaling configuration based on CPU utilization, and an Autonomous Database with Transaction
Processing workload type running in a Virtual Cloud Network (VCN).
During the peak utilization period, the application users complain that the application runs slow. What are two possible reasons for the application running slow at
times? (Choose two.)

A. The VCN does not have a Network Security Group configured to allow traffic from the load balancer toall the application servers in the backend set.
B. Instance pool in autoscaling configuration for the application servers did not scale out due to compartment quota breach of the VM shapes used by the
application servers.
C. The load balancer is not configured correctly to send traffic to all the listeners of the application servers in the backend set.
D. Instance pool in autoscaling configuration for the Autonomous Database did not scale out due to misconfigured scaling policy.
E. Instance pool in autoscaling configuration for the application servers did not scale out due to service limit breach of the VM shapes used by the application
servers.

Answer: BE

NEW QUESTION 116

You have to migrate your application to Oracle Cloud Infrastructure (OCI). The database is constantly being updated and needs to be online without interruptions.
How can you transition the database to OCI without interrupting its use?

A. It is impossible to migrate without interruption.

B. Use an on-premises database with two-way synchronization to a cloud-based database and allow clients to connect to either databases.
C. Use an on-premises database with one-way synchronization to a cloud-based database and allow clientsto connect only to the cloud database.
D. Use an on-premises database with one-way synchronization to a cloud-based database and allow clients to connect only to the on-premises database until it is
synchronized.

Answer: D

NEW QUESTION 117

You are creating an Oracle Cloud Infrastructure Dynamic Group. To determine the members of this group you are defining a set of matching rules.
Which of the following are the supported variables to define conditions in the matching rules? (Choose Two)

A. instance.compartment.id -the OCID of the compartment where the instance resides.

B. instance.tenancy.id -the OCID of the tenancy where the instance resides.
C. tag.<tagnamespace>.<tagkey>.value -the tag namespace and tag key.
D. iam.policy.id - the OCID of the IAM policy to apply to the group.

Answer: AC

NEW QUESTION 120

A new international hacktivist group, based in London, launched wide scale cyber attacks including SQL Injection and Cross-Site Scripting (XSS) across multiple
websites which are hosted in Oracle Cloud Infrastructure (OCI). As an IT consultant, you must configure a Web Application Firewall (WAF) to protect these
websites against the attacks.
How should you configure your WAF to protect the website against those attacks? (Choose the best answer.)

A. Enable an Access Rule that contains XSS Filters Categories and SQL Filters Categories.
B. Enable a Protection Rule to block the attacks based on HTTP Headers that contain XSS and SQL strings.
C. Enable a Protection Rule that contains XSS Filters Categories and SQL Filters Categories.
D. Enable an Access Rule to block the IP Address range from London.
E. Enable a Protection Rule to block requests that came from London.

Answer: C

Explanation:
https://www.ateam-oracle.com/using-oci-waf-web-application-firewall-with-oracle-e-business-suite#:~:text=The

NEW QUESTION 124

Which of the following features is NOT supported by Oracle Cloud Infrastructure Multi-factor authentication (MFA)?

A. Only the user can enable MFA for their own account.
B. Members of the Administrators group can disable MFA for other users.
C. Users can disable MFA for their own accounts.
D. Members of the Administrators group can enable MFA for other users.

Answer: D

NEW QUESTION 126

A manufacturing company is planning to migrate their on-premises database to OCI and has hired you for the migration. Customer has provided following
information regarding their existing onpremises database:
Database version, host operating system and version, database character set, storage for data staging, acceptable length of system outage.
What additional information do you need from customer in order to recommend a suitable migration method? Choose two

A. Elapsed time since database was last patched

B. On-premises host operating system and version
C. Number of active connections
D. Data types used in the on-premises database
E. Top 5 longest running queries

Answer: BD

Explanation:
Not all migration methods apply to all migration scenarios. Many of the migration methods apply only if specific characteristics of the source and destination
databases match or are compatible. Moreover, additional factors can affect which method you choose for your migration from among the methods that
are technically applicable to your migration scenario.
Some of the characteristics and factors to consider when choosing a migration method are: On-premises database version
Database service database version
On-premises host operating system and version On-premises database character set
Quantity of data, including indexes
Data types used in the on-premises database Storage for data staging
Acceptable length of system outage Network bandwidth

NEW QUESTION 130

You have deployed art application server irt a private Subnet irt your virtual cloud network (VCN). For the database, you have provisioned an Autonomous
Transaction Processing (ATP) serverless instance. However, you are unable to connect to the database instance from your application server.
Which two steps would you need to enable this connectivity?

A. Add an internet gateway to your VCN and add a route rule to your private subnet route table.CIDR: 0.0.0.0/0Target: Internet Gateway
B. Add a remote peering connection from your VCN to the ATP VCN
C. Add a stateful egress rule to the security list associated with your private subnet.Destination CIDR: 0.0.0.0/0 Protocols: All Protocols
D. Create a NAT Gateway and add the following route rule to the route table of private subnet.CIDR: 0.0.0.0/0Target: NAT Gateway

Answer: CD

NEW QUESTION 132

To serve web traffic for a popular product, your cloud engineer has provisioned four BM.Standard2.52 instances, event spread across two availability domains in
the us-asburn-1 region: LoadBalancer is used to deliver the traffic across instances.
After several months, the product grows even more popular and you need additional compute capacity. As a result, an engineer provisioned two additional
VM.Standard2.8 instances.
You register the two VM. Standard2. 8 Instances with your load Balancer Backend sot and quickly find that the VM Standard2.8 Instances running at 100% of CPU
utilization but the BM.Standard2 .52 instances have significant CPU capacity that's unused.
Which option is the most cost effective and uses instances capacity most effectively?

A. Configure your Load Balance, with weighted round robin policy to distribute traffic to the compute instances, with more weight assigned to bare metal instances.
B. Configure Autoscaling instance pool with LoadBalancer to add up to 3 more BM.Standard2.52 Instances when triggere
C. Shut off VM.Standard2.8 instances.
D. Route traffic to BM.Standard2.52 and VM Standard2.8 instances directly using DNS and Health Check
E. Shut off the load Balances.
F. Configure LoadBalancer with two VM Standard2.8 instances and use Autoscalling Instant pool to add up to two additional VM instance
G. Shut off BM.Standard2.52 instances.

Answer: A

Explanation:
Customer have 4 BM.Standard2.52 and After several months he need additional compute capacity customer find The VM Standard2.8 Instances running at 100%
of CPU utilization but the BM.Standard2 .52 instances have significant CPU capacity that unused.
so the customer need to check the Load balance policy to make sure the 4 BM and VM is utilize correctly

NEW QUESTION 133

You are currently working for a public health care company based in the United Stats. Their existing patient records runs in an on-premises data center and the
customer is sending tape backups offsite as part of their recovery planning.
You have developed an alternative archival solution using Oracle Cloud Infrastructure (OCI) that will save the company a significant amount of mom on a yearly
basis. The solution involves storing data in an OCI Object Storage bucket After reviewing your solution with the customer global Compliance (GRC) team they
have highlighted the following security requirements:
• All data less than 1 year old must be accessible within 2 hour.
• All data must be retained for at least 10 years and be accessible within 48 hours
• AH data must be encrypted at rest
• No data may be transmitted across the public Internet
Which two options meet the requirements outlined by the customer GRC team?

A. Provision a FastConnect link to the closest OCI region and configure a private peering virtual circuit.
B. Create an OCI Object Storage Standard tier bucket Configure a lifecycle policy to archive any object that Is older than 365 days
C. Create a VPN connection between your on premises data center and OC
D. Create a Virtual Cloud Network (VCN) along with an OCI Service Gateway for OCI Object Storage.
E. Provision a FastConnect link to the closest OCI region and configure a public peering virtual circuit
F. Create an OCI Object Storage Standard tier bucke
G. Configure a lifecycle policy to delete any object that is older than 7 years

Answer: BD

Explanation:

The Oracle Services Network is a conceptual network in Oracle Cloud Infrastructure that is reserved for Oracle services. These services have public IP addresses
that you typically reach over the internet. However, you can access the Oracle Services Network without the traffic going over the internet. There are different
ways, depending on which of your hosts need the access: Hosts in your on-premises network:
- Private access through a VCN with FastConnect private peering or VPN Connect: The on-premises hosts use private IP addresses and reach the Oracle
Services Network by way of the VCN and the VCN's service gateway.
- Public access with FastConnect public peering: The on-premises hosts use public IP addresses. regarding which Fastconnect Public peering: To access public
services in Oracle Cloud
Infrastructure without using the internet. For example, Object Storage, the Oracle Cloud Infrastructure Console and APIs, or public load balancers in your VCN.
Communication across the connection is with IPv4 public IP addresses. Without FastConnect, the traffic destined for public IP addresses would be routed over the
internet. With FastConnect, that traffic goes over your private physical connection.
so Answer 4 will be the best answer that meets the customer requirement
A service gateway lets your virtual cloud network (VCN) privately access specific Oracle services without exposing the data to the public internet. No internet
gateway or NAT is required to reach those specific services. The resources in the VCN can be in a private subnet and use only private IP addresses. The traffic
from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet. Object Lifecycle Management lets you automatically
manage the archiving and deletion of objects. By using
Object Lifecycle Management to manage your Object Storage and Archive Storage data, you can reduce your storage costs and the amount of time you spend
managing data.

NEW QUESTION 138

A cost conscious fashions design company which sells bags, clothes, and other luxury items has recently decided to more all of the their on-premises infrastructure
Oracle Cloud Infrastructure (OCI), One of their on-premises application is running on an NGINX server and the Oracle Database is running in a 2 node Oracle Real
Application Clusters (RAC) configuration.
Based on cost considerations, what is an effective mechanism to migrate the customer application to OCI and set up regular automated backups?

A. Launch a compute Instance and run a NGINX server to host the applicatio
B. Deploy a 2 node VM DB Systems with oracle RAC enabled import the on premises database to OCI VM DB Systems using oracle Data Pump and then enable
automatic backups.
C. Launch a compute Instance and run an NGINX server to host the applicatio
D. Deploy Exadata Quarter Rack, enable automatic backups and import the database using Oracle Data Pump.
E. Launch a compute Instance for both the NGINX application server and the database serve
F. Attach block volumes on the database server compute instance and enable backup policy to backup the block volumes.
G. Launch a Compute instance and run a NGINX Server to host the applicatio
H. Deploy a 2 node VM DBSystems with Oracle RAC enabled Import the on premises database to OCI VM DB Systems using data pump and then enable
automatic backup- Also, enable Oracle Data Guard on the database server

Answer: A

Explanation:
Based on cost
considerations will exclude
the Exadata. and there's
no need for Data Guard
Cost Estimator
https://www.oracle.com/cloud/cost-estimator.html

NEW QUESTION 140

An eCommerce company is running on Oracle Cloud Infrastructure (OCI) and many compute
instances remain unused for the most part of the year except duringBlack Friday and Christmas.
You suggest them to use OCI's Autoscaling feature and present them a slide to showcase the
features of Autoscaling. Which option below is inaccurate in your presentation to the customer?

A. A cooldown period between Autoscaling events lets the system stabilize at the updated level.
B. When an instance pool scales in, instances are terminated in this order: the number of
instances is balanced across Availability Domains, and then balanced across Fault Domain
C. Finally, within a Fault Domain, the newest instance is terminated first.
D. Autoscaling relies on performance metrics such as CPU utilization that are collected by OCI
Monitoring service to trigger an Autoscaling event.
E. Autoscaling requires an instance pool as a pre-requisite so that it can automatically adjust the
number of compute instances in an instance pool.

Answer: B

NEW QUESTION 142

You have deployed a multi-tier application with multiple compute instances in Oracle Cloud
Infrastructure. You want to back up these volumes and have decided touse Volume Group's
feature. The Block volume and Compute instances exist in different compartments within your
tenancy.
Periodically. a few child compartments are moved under different parent
compartments, and you notice that sometimes volume group backup fails.What
could be the cause?
A. You are exceeding your volume group backup quota configured.
B. You have the same block volume attached to multiple compute instances; if these
compute instances are in different compartments then all concernedcompartments must
be moved at the same time.
C. Compute instance with multiple block volumes attached cannot move when a compartment is
moved.
D. The Identity and Access Management policy allowing backup failed to move when the
compartment was moved.

Answer: D

Explanation:
You can move a compartment to a different parent compartment within the same tenancy. When
you move a compartment, all its contents (subcompartments andresources) are moved with it.
Moving a compartment has implications for the contents.
After you move a compartment to a new parent compartment, the access policies of the new
parent take effect and the policies of the previous parent no longerapply. Before you move a
compartment, ensure that:
You are aware of the policies that govern access to the compartment in its current position.
You are aware of the polices in the new parent compartment that will take effect when you move
the compartment.
In some cases, when moving nested compartments with policies that specify the hierarchy, the
polices are automatically updated to ensure consistency.

NEW QUESTION 146

......
Identify the correct statements about OCI Functions service metrics.
A number of malicious requests for a web application is coming from a set of IP addresses origination
from Antartica. Which of the following statement will help to reduce these types of unauthorized
requests?
Tsunami 377 TB

Automobile company
Global e commerce

Black friday
Global web series company AI code

Migration ATP -D
Multiple departments

Online tourism company

Diagram compartment

Black Friday
Automobile 7 years

Event service
AI company smaller shape

RPO RTO
Private access to services

Automobile company VCN

Block volume

Compartment Z
FN project CLI x509

Signature based authentication

Automobile ATP-S

User data image

Dockerfile TNS error

VCN peering
File system based Linux fault domain failure architecture

RPO RTO
AI/ML BM.GPU.4.8

Object storage multipart upload

Your customer recently provisioned a 1-Gbps Fastconnect connection in ap-tokyo-1 region of Oracle
cloud infrastructure (OCI). They will use this to connect to one VCN in their production OCI tenancy
compartment and another VCN in their development OCI tenancy. How should you configurethe
connectivity between on premise an the two VCns In OCI using the single FastConnect connection?

Your are working as solution architect with a global automotive provide who is looking to create a multi-
cloud solution. They want to run their application tier in Microsoft Azure while utilizing the Oracle DB
system in OCI. What is the most fault tolerant and secure solution for this customer?
Your work as a solutions architect for an online retail store creating a portal to allow the users to pay for
their groceries using credit cards. Since th application is not fully copliant with the payment card
industry data security standard PCI DSS. Your company is looking to use a third-party payment service to
process credit card payments.
Your company needs to migrate a business critical application from your data center to OCI. The
application runs on oracle Database and both the application and database servers run on oracle linux
version 7. The application servers is weblogic server running on multiple 4 core servers and the database
is deployed as an oracle database enterprise edition rac database on 2 servers.

You are responsible for migrating your on premise legacy database on 11.2.0.4 version to autonomous
transaction processing dedicated atp-d in oci. As a solution architect you need to plan your migration
approach.
A company has an urgent requirement to migrate 300 TB of data to OCI in two weeks. Their Data center
has been recently struct by a massive hurricane and the building has been badly damaged, although still
operational. They have a 100 MBps internet line but the connection is intermittent due to the damages
caused to the electrical grid

A telecom company has an application running in OCI Germany central region. They want to configure
disaster recovery DR site in the OCI UK south region. Which is the most cost effective option to help set
up application and persistence layers in the dr site.
Your work for a bank as the lead OCI architect. You designed a highly scalable solution for you
company’s bank application. The architecture includes a load balance, application servers with auto
scaling configuration based on CPU utilization, and an autonomous database with transaction processing
workload type running in a VCN.
An ISV partner wants to deploy their CRM application for one of its major clients on OCI. The application
will use an Oracle database on OCI. The clients business continuity requirements for the CRM application
are

You are responsible for a web application deployed on a set of compute VM instance in OCI. The
application instance in each VM writes data to local disk – i.e block volumes attached to the VM. You
need to ensure that the storage used by the application is highly available and disaster resilient. In the
evet of a failure the recovery point objective RPO is 2 hours or less
A company has an urgent requirement to migrate 100 TB of data to OCI in two weeks. They have a 100
Mbps internet line but the connection is intermittent due to problems with their internet provider.

In this scenario what is the most time efficient mechanism to migrate data to oci?

You work for a large bank where security and compliance are critical. As part of the security overview
meeting, you company decided to minimize the installation of local tools on your laptop. You have been
running ansible and kubectl to spin up OKE clusters and deployed your application.
Concurrent connections from multiple compute instances hosted in multiple availability domains. Cost
effective way

HIPAA. Mitigate this type of attack

Digital content to an object storage bucket for a period of 72 hrs.

Oracle Functions metrics

7 TB file to object storage multipart upload

Online shopping platform 3 tier web application 100 mbps

Large financial company no downtime migration 30% 70%

Three scenarios ATP-s

OS management service linux 8 osms agent

Console. Oracle provided images

172.17.0.0/24

SSH troubleshooting
You have designed and deployed your Autonomous Data Warehouse (ADW) such that it is accessible
from your on-premises data center and servers running on both private and public networks in Oracle
Cloud Infrastructure (OCI).

As you are testing the connectivity to your ADW database from the different access paths, you notice
that the server running on the private network is unable to connect to ADW. Which two steps do you
need to take to enable connectivity from the server on the private network to ADW? (Choose two.)

E commerce company seasonal workloads 52 cores 10 months

Database administrator time efficient

Small business specializing video processing cost effective solution

Designing the network appserver design your routing configuration to meet these requirement VCn
fastconnect

Global health care company tape based backup OCI

Web traffic popular product BM standard VM standard 2.52

Public facing java based restful api

Confidential data on premise

London based ecommerce RAC architecture

OKE expose multiple endpoints

Digital marketing company OKE API least effort

OKE microservices fewest ssl

Large bank OKE api gateway Kubernetes URL backend

Deletevolume API call

GRC team

IOT project serverless

Retail company microservices shopping kubernetes

Travel company portal microservices

DOckerfile oracle functions

End group diagram, operations team IAM policy

Diagram compartment root IAM policies

Critical systems migration planning security policies guidelines platform customer managed keys
Monitoring nodes Operations team most efficient solution to allow the operation team to fully managed
the monitoring nodes.

Diagram Systest-team Move resources compartment

You are tasked with building a highly available fault tolerant web application for you current employer.
The security team is concerned about an increase in malicious web based attacks across the internet and
asked what you can do to add a higher level of security to the website