Name: Oracle Cloud Infrastructure 2020 Architect Professional
Brand: ValidExamDumps
SKU: 1Z0-997-20
Price: 20 USD
Availability: InStock
Rating: 5.0 (200 reviews)

Free Oracle 1Z0-997-20 Exam Actual Questions

The questions for 1Z0-997-20 were last updated On Feb 18, 2025

At ValidExamDumps, we consistently monitor updates to the Oracle 1Z0-997-20 exam questions by Oracle. Whenever our team identifies changes in the exam questions,exam objectives, exam focus areas or in exam requirements, We immediately update our exam questions for both PDF and online practice exams. This commitment ensures our customers always have access to the most current and accurate questions. By preparing with these actual questions, our customers can successfully pass the Oracle Cloud Infrastructure 2020 Architect Professional exam on their first attempt without needing additional materials or study guides.

Other certification materials providers often include outdated or removed questions by Oracle in their Oracle 1Z0-997-20 exam. These outdated questions lead to customers failing their Oracle Cloud Infrastructure 2020 Architect Professional exam. In contrast, we ensure our questions bank includes only precise and up-to-date questions, guaranteeing their presence in your actual exam. Our main priority is your success in the Oracle 1Z0-997-20 exam, not profiting from selling obsolete exam questions in PDF or Online Practice Test.

Question No. 1

Your company will soon start moving critical systems Into Oracle Cloud Infrastructure (OCI) platform. These systems will reside in the us-phoenix-1and us-ashburn 1 regions. As part of the migration planning, you are reviewing the company's existing security policies and written guidelines for the OCI platform usage within the company. you have to work with the company managed key.

Which two options ensure compliance with this policy?

AWhen you create a new compute instance through OCI console, you use the default options for 'configure boot volume' to speed up the process to create this compute instance.

BWhen you create a new block volume through OCI console, select Encrypt using Key Management checkbox and use encryption keys generated and stored in OCI Key Management Service.

CWhen you create a new compute instance through OCI console, you use the default shape to speed up the process to create this compute instance.

DWhen you create a new OCI Object Storage bucket through OCI console, you need to choose 'ENCRYPT USING CUSTOMER-MANAGED KEYS' option.

EYou do not need to perform any additional actions because the OCI Block Volume service always encrypts all block volumes, boot volumes, and volume backups at rest by using the Advanced Encryption Standard (AES) algorithm with 256-bit encryption.

Show Answer

Correct Answer: B, D

Block Volume Encryption

By default all volumes and their backups are encrypted using the Oracle-provided encryption keys. Each time a volume is cloned or restored from a backup the volume is assigned a new unique encryption key.

You have the option to encrypt all of your volumes and their backups using the keys that you own and manage using the Vault service.If you do not configure a volume to use the Vault service or you later

unassign a key from the volume, the Block Volume service uses the Oracle-provided encryption key instead.

This applies to both encryption at-rest and in-transit encryption.

Object Storage Encryption

Object Storage employs 256-bit Advanced Encryption Standard (AES-256) to encrypt object data on the server. Each object is encrypted with its own data encryption key. Data encryption keys are always encrypted with a master encryption key that is assigned to the bucket. Encryption is enabled by default and cannot be turned off. By default, Oracle manages the master encryption key. However, you can optionally configure a bucket so that it's assigned an Oracle Cloud Infrastructure Vault master encryption key that you control and rotate on your own schedule.

Encryption: Buckets are encrypted with keys managed by Oracle by default, but you can optionally encrypt the data in this bucket using your own Vault encryption key. To use Vault for your encryption needs, select Encrypt Using Customer-Managed Keys. Then, select the Vault Compartment and Vault that contain the master encryption key you want to use. Also select the Master Encryption Key Compartment and Master Encryption Key.

Question No. 2

You are trying to troubleshoot the configuration of your Oracle Cloud Infrastructure (OCI) Load Balancing service. You have a backend HTTP service for which you have created a backend set in the load balancer. You have configured health checks for the backend set. Although the health checks appear good, customers sometimes experience transaction failures.

Which of the following options will definitely lead to this problem?

AYou are NOT using regional subnets in your Virtual Cloud Network. With Availability Domain (AD) specific subnet. the compute instances of the backend service running in the subnet have issues when the AD is down.

BYou are using OCI Domain Name System. You have misconfigured the 'A' record with the wrong IP address leading to requests not getting routed correctly.

CYou are using iSCI for block volume attachment to the compute instances in your backed HTTP service. TCP/IP configuration of your block volume attachment is not configured correctly, leading to issues in your backend service.

DYou are running a TCP-level health check against your HTTP service. The TCP handshake can succeed and indicate that the service is up even when the HTTP service has issues.

Show Answer

Correct Answer: D

Question No. 3

You are a solutions architect for a global health care company which has numerous data centers around the globe. Due to the ever growing data that your company is storing, you were Instructed to set up a durable, cost effective solution to archive you data from your existing on-premises tape based backup Infrastructure to Oracle Cloud Infrastructure (OCI).

What is the most-effective mechanism to Implement this requirement?

AUse the File Storage Service in OCI and copy the data from your existing tape based backup to the shared file system

BSetup an on premises OCI Storage Gateway which will back up your data to OCI Object Storage Archive tier.(Correct)

CSetup an on premises OCI Storage Gateway which will back up your data to OCI object Storage Standard tier. Use Object Storage life cycle policy management to move any data older than 30 days from Standard to Archive tier.

DSetup an on-promises OCI Storage Gateway which will back up your data to OCI Object Storage Standard

ESetup fastConnect to connect your on premises network to your OCI VCN and use rsync tool to copy your data to OCI Object Storage Archive tier.

Show Answer

Correct Answer: B

Oracle Cloud Infrastructure offers two distinct storage tiers for you to store your unstructured data. Use the Object Storage Standard tier for data to which you need fast, immediate, and frequent access. Use the Archive Storage service's Archive tier for data that you access infrequently, but which must be preserved for long periods of time. Both storage tiers use the same manageable resources (for example, objects and buckets). The difference is that when you upload a file to Archive Storage, the object is immediately archived. Before you can access an archived object, you must first restore the object to the Standard tier.

you can use Storage Gateway to move files to Oracle Cloud Infrastructure Archive Storage as a cost effective backup solution. You can move individual files and compressed or uncompressed ZIP or TAR

archives. Storing secondary copies of data is an ideal use case for Storage Gateway.

Question No. 4

You are working on the migration of the web application infrastructure of your company from on-premises to Oracle Cloud Infrastructure. You need to ensure that the DNS cache entries of external clients will not direct them to the on-premises infrastructure after switching to the new infrastructure.

Which of the following options will minimize this problem?

AReduce the TTL of the DNS records after the switch.

BDNS changes propagate fast enough that it is not necessary to take any action.

CIncrease the TTL of the DNS records before the switch.

DIncrease the TTL of the DNS records after the switch.

EReduce the TTL of the DNS records before the switch.

Show Answer

Correct Answer: E

Question No. 5

You have designed and deployed your Autonomous Data Warehouse (ADW) such that it is accessible from your on-premises data center and servers running on both private and public networks in Oracle Cloud Infrastructure (OCI).

As you are testing the connectivity to your ADW database from the different access paths, you notice that the sewer lunninq on the private network is unable to connect to ADW.

Which two steps do you need to take to enable connectivity from the server on the private network to ADW?

AAdd an entry in the Security List of the ADW allowing ingress traffic for C10R block 10.2.2.0/24

BAdd an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/: target type of NAT Gateway, add a stateful egress rule to the security list (associated with the private subnet) with destination of 0.0.0.0./0 and for all IP protocols.

CAdd an entry in the access table list of ASW for CIDR block 10.2.2.0/24.

DAdd an entry in the route table (associated with the private subnet) with destination of 0.0.0.0./0; target type of internet Gateway, add a stateful egress in the security list (associated with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols.

EAdd an entry in the access control list of ADW for IP address 129.146.160.11

Show Answer

Correct Answer: B, E

There are 3 connections to ADW

1- Connecting to (ADW) from Public Internet

2- Connecting to ADW (via NAT or Service Gateway) from a server running on a private subnet in OCI (in the same tenancy)

3- Connecting to ADW (via internet Gateway) from a server running on a public subnet in OCI (in the same tenancy