Question No. 1

An upcoming e-commerce company has deployed their online shopping application on OCI. The application was deployed on compute instances with autoscaling configuration for application servers fronted by a load balancer and OCI Autonomous Transaction Processing (ATP) in the backend.

In order to promote their e-commerce platform 50% discount was announced on all the products for a limited period. During the day 1 of promotional period it was observed that the application is running slow and company's hotline is flooded with complaints.

What could be two possible reasons for this situation?

AThe health check on some of the backend servers has failed and the load balancer has taken those servers temporarily out of rotation

BAs part of autoscaling, the load balancer shape has dynamically changed to a larger shape to handle more incoming traffic and the system was slow for a short time during this change

CThe health check on some of the backend servers has failed and the load balancer was rebooting these servers.

DThe autoscaling has already scaled to the maximum number of instances specified in the configuration and there is no room of scaling

Show Answer

Correct Answer: A, D

Question No. 2

You are working as a security consultant with a global insurance organization which is using Microsoft Azure Active Directory (AD) as identity provided to manager user login/passwords. When a user logs in to Oracle Cloud infrastructure (OCI) console, it should get authenticated by Azure AD.

Which set of steps are required to configure at OCI side in order to get it enabled

ASetup Azure AD as an Enterprise Application, map Azure AD users and groups and policies to OCI groups and users

BSetup Azure AD as an Identity Provider, Import users and groups from Azure AD to OCI, set up IAM policies to govern access to Azure AD groups

CSetup Azure AD as an Enterprise Application, configure OCI for single sign-on, map Azure AD groups to OCI groups, set up the IAM policies to govern access to Azure AD groups

DSetup Azure AD as an Identity Provider, map Azure AD groups to OCI groups, set up the IAM policies to govern access to Azure AD groups

Show Answer

Correct Answer: D

Federating with Microsoft Azure Active Directory

To federate with Azure AD, you set up Oracle Cloud Infrastructure as a basic SAML single sign-on application in Azure AD. To set up this application, you perform some steps in the Oracle Cloud Infrastructure Console and some steps in Azure AD.

Following is the general process an administrator goes through to set up the federation. Details for each step are given in the next section.

In Oracle Cloud Infrastructure, download the federation metadata document.

In Azure AD, set up Oracle Cloud Infrastructure Console as an enterprise application.

In Azure AD, configure the Oracle Cloud Infrastructure enterprise application for single sign-on.

In Azure AD, set up the user attributes and claims.

In Azure AD, download the Azure AD SAML metadata document.

In Azure AD, assign user groups to the application.

In Oracle Cloud Infrastructure, set up Azure AD as an identity provider.

In Oracle Cloud Infrastructure, map your Azure AD groups to Oracle Cloud Infrastructure groups.

In Oracle Cloud Infrastructure, set up the IAM policies to govern access for your Azure AD groups.

Share the Oracle Cloud Infrastructure sign-in URL with your user

Question No. 3

A global media organization is working on a project which lets users upload their videos to the site. After upload is complete, the video should be automatically processed by an Al algorithm. The algorithm will try to recognize certain actions in the videos so that it can be used to show related advertisements in future. The development team wants to focus on writing Al code and not worry about underlying infrastructure for high availability, scalability, security and monitoring.

Which Oracle Cloud Infrastructure (OCI) services would meet these requirements?

AOCI Object Storage, OCI Events service and OCI Functions.

BOracle Container Engine for Kubernetes, OCI Notifications and OCI Object Storage.

COCI Events, Oracle Container Engine for Kubernetes and OCI Digital Assistant.

DOCI Resource Manager, OCI Functions and OCI Events service.

Show Answer

Correct Answer: A

Question No. 4

You have designed and deployed your Autonomous Data Warehouse (ADW) such that it is accessible from your on-premises data center and servers running on both private and public networks in Oracle Cloud Infrastructure (OCI).

As you are testing the connectivity to your ADW database from the different access paths, you notice that the sewer lunninq on the private network is unable to connect to ADW.

Which two steps do you need to take to enable connectivity from the server on the private network to ADW?

AAdd an entry in the Security List of the ADW allowing ingress traffic for C10R block 10.2.2.0/24

BAdd an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/: target type of NAT Gateway, add a stateful egress rule to the security list (associated with the private subnet) with destination of 0.0.0.0./0 and for all IP protocols.

CAdd an entry in the access table list of ASW for CIDR block 10.2.2.0/24.

DAdd an entry in the route table (associated with the private subnet) with destination of 0.0.0.0./0; target type of internet Gateway, add a stateful egress in the security list (associated with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols.

EAdd an entry in the access control list of ADW for IP address 129.146.160.11

Show Answer

Correct Answer: B, E

There are 3 connections to ADW

1- Connecting to (ADW) from Public Internet

2- Connecting to ADW (via NAT or Service Gateway) from a server running on a private subnet in OCI (in the same tenancy)

3- Connecting to ADW (via internet Gateway) from a server running on a public subnet in OCI (in the same tenancy

Question No. 5

You are currently working for a public health care company based in the United Stats. Their existing patient records runs in an on-premises data center and the customer is sending tape backups offsite as part of their recovery planning.

You have developed an alternative archival solution using Oracle Cloud Infrastructure (OCI) that will save the company a significant amount of mom on a yearly basis. The solution involves storing data in an OCI Object Storage bucket After reviewing your solution with the customer global Compliance (GRC) team they have highlighted the following security requirements:

* All data less than 1 year old must be accessible within 2 hour.

* All data must be retained for at least 10 years and be accessible within 48 hours

* AH data must be encrypted at rest

* No data may be transmitted across the public Internet

Which two options meet the requirements outlined by the customer GRC team?

AProvision a FastConnect link to the closest OCI region and configure a private peering virtual circuit.

BCreate an OCI Object Storage Standard tier bucket Configure a lifecycle policy to archive any object that Is older than 365 days

CCreate a VPN connection between your on premises data center and OCI. Create a Virtual Cloud Network (VCN) along with an OCI Service Gateway for OCI Object Storage.

DProvision a FastConnect link to the closest OCI region and configure a public peering virtual circuit

ECreate an OCI Object Storage Standard tier bucket. Configure a lifecycle policy to delete any object that is older than 7 years

Show Answer

Correct Answer: B, D

The Oracle Services Network is a conceptual network in Oracle Cloud Infrastructure that is reserved for Oracle services. These services have public IP addresses that you typically reach over the internet. However, you can access the Oracle Services Network without the traffic going over the internet. There are different ways, depending on which of your hosts need the access:

Hosts in your on-premises network:

- Private access through a VCN with FastConnect private peering or VPN Connect: The on-premises hosts

use private IP addresses and reach the Oracle Services Network by way of the VCN and the VCN's service

gateway.

- Public access with FastConnect public peering: The on-premises hosts use public IP addresses.

regarding which Fastconnect Public peering: To access public services in Oracle Cloud

Infrastructure without using the internet. For example, Object Storage, the Oracle Cloud Infrastructure Console and APIs, or public load balancers in your VCN. Communication across the connection is with IPv4 public IP addresses. Without FastConnect, the traffic destined for public IP addresses would be routed over the internet. With FastConnect, that traffic goes over your private physical connection.

so Answer 4 will be the best answer that meets the customer requirement

A service gateway lets your virtual cloud network (VCN) privately access specific Oracle services without exposing the data to the public internet. No internet gateway or NAT is required to reach those specific services. The resources in the VCN can be in a private subnet and use only private IP addresses. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.

Object Lifecycle Management lets you automatically manage the archiving and deletion of objects. By using Object Lifecycle Management to manage your Object Storage and Archive Storage data, you can reduce your storage costs and the amount of time you spend managing data.

Free Oracle 1Z0-997-20 Exam Actual Questions

The questions for 1Z0-997-20 were last updated On Jan 13, 2025