Question No. 1

You set up a bastion host in your VCN to only allow your IP address (140.19.2.140) to establish SSH connections to your Compute Instances that are deployed in a private subnet. The Compute Instances have an attached Network Security Group with a Source Type: Network Security Group (NSG), Source NSG: NSG-050504. To secure the bastion host, you added the following ingress rules to its Network Security Group:

However, after checking the bastion host logs, you discovered that there are IP addresses other than your own that can access your bastion host.

What is the root cause of this issue? (Choose the best answer.)

AThe Security List allows access to all IP address which overrides the Network Security Group ingress rules.

BAll compute instances associated with NSG-050504 are also able to connect to the bastion host.

CThe port 22 provides unrestricted access to 140.19.2.140 and to other IP address.

DA netmask of /32 allows all IP address in the 140.19.2.0 network, other than your IP 140.19.2.140

Show Answer

Correct Answer: B

Question No. 2

You created an Oracle Linux compute instance through the Oracle Cloud Infrastructure (OCI) management console then immediately realize you forgot to add an SSH key file. You notice that OCI compute service provides instance console connections that supports adding SSH keys for a running instance. Hence, you created the console connection for your Linux server and activated it using the connection string provided. However, now you get prompted for a username and password to login.

What option should you recommend to add the SSH key to your running instance, while minimizing the administrative overhead? (Choose the best answer.)

AYou need to configure the boot loader to use ttyS0 as a console terminal on the VM.

BYou need to terminate the running instance and recreate it by providing the SSH key file.

CYou need to reboot the instance from the console, boot into the bash shell in maintenance mode, and add SSH keys for the opc user.

DYou need to modify the serial console connection string to include the identity file flag, --i to specify the SSH key to use.

Show Answer

Correct Answer: C

If you created an instance without an SSH key, you can use the serial console to boot into maintenance mode and add or reset the SSH key for the opc user or reset the password for the opc user. Alternately, you can stop the instance, attach the boot volume to a new instance, and configure SSH on the new instance.

https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/accessinginstance.htm

Question No. 3

You have created a geolocation steering policy in the Oracle Cloud Infrastructure (OCI) Traffic Management service, with this configuration:

What happens to requests that originate in Africa? (Choose the best answer.)

AThe traffic will be forwarded at the same time to both Pool 1 and Pool 2.

BThe traffic will be dropped.

CThe traffic will be forwarded randomly to any of the pools mentioned in the rules.

DThe traffic will be forwarded to Pool 1. If Pool 1 is not available, then it will be forwarded to Pool 2.

Show Answer

Correct Answer: C

This policy currently has no global catch-all. No global catch-all means that queries not matching any of the above rules will receive a random answer. Global Catche-all need to set up if the traffic does not meet any condition in the pool and you still want to serve the request. Default is serve randomly.

https://www.oracle.com/a/ocom/docs/cloud/traffic-management-100.pdf

Question No. 4

The boot volume on your Oracle Linux instance has run out of space. Your application has crashed due to a lack of swap space, forcing you to increase the size of the boot volume.

Which step should NOT be included in the process used to solve the issue? (Choose the best answer.)

AReattach the boot volume and restart the instance.

BAttach the resized boot volume to a second instance as a data volume; extend the partition and grow the file system in the resized boot volume.

CStop the instance and detach the boot volume.

DResize the boot volume by specifying a larger value than the boot volume's current size.

ECreate a RAID 0 configuration to extend the boot volume file system onto another block volume.

Show Answer

Correct Answer: B

Question No. 5

You are asked to deploy a new application that has been designed to scale horizontally. The business stakeholders have asked that the application be deployed in us-phoenix-1.

Normal usage requires 2 OCPUs. You expect to have few spikes during the week, that will require up to 4 OCPUs, and a major usage uptick at the end of each month that will require 8 OCPUs.

What is the most cost-effective approach to implement a highly available and scalable solution? (Choose the best answer.)

ACreate an instance pool with a VM.Standard2.2 shape instance configuration. Setup the autoscaling configuration to use 2 availability domains and have a minimum of 2 instances, to handle the weekly spikes, and a maximum of 4 instances.

BCreate an instance with 1 OCPU shape. Use the Resize Instance action to scale up to a larger shape when more resources are needed.

CCreate an instance with 1 OCPU shape. Use a CLI script to clone it when more resources are needed.

DCreate an instance pool with a VM.Standard2.1 shape instance configuration. Setup the autoscaling configuration to use 2 availability domains and have a minimum of 2 instances and a maximum of 8 instances.

Show Answer

Correct Answer: D

https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm#baremetalshapes__bm-standard

Free Oracle 1Z0-1067-22 Exam Actual Questions

The questions for 1Z0-1067-22 were last updated On Nov 3, 2024