Latest Oct 29, 2022 1z0-997-22 Brain Dump A Study Guide with Tips & Tricks for passing Exam [Q14-Q31]

Latest Oct 29, 2022 1z0-997-22 Brain Dump: A Study Guide with Tips & Tricks for passing Exam

1z0-997-22 Question Bank: Free PDF Download Recently Updated Questions

NEW QUESTION 14
You notice that a majority of your Oracle Cloud Infrastructure (OCI) resources like compute instances, block volumes, and load balancers are not tagged. You have received a mandate from your CIO to add a predefined set of tags to identify owners for respective OCI resources. E.g. if Chris and Larry each create compute instances in a compartment, the instances that Chris creates include tags that contain his name as the value, while the instances that Larry creates have his name.
Which option is the simplest way to implement this new tagging requirement?

• A. Create a default tag for each compartment, which ensure that appropriate tags are applied at the time of resource creation.
• B. Create an OCI Identity and Access Management policy to automatically tag a resource with the user name.
• C. Create tag variables to automatically tag a resource with the user name.
• D. Create an OCI Identity and Access Management policy requiring users to tag resources with their user name.

Answer: C

 

NEW QUESTION 15
An organization has its IT infrastructure in a hybrid setup with an on-premises environment and an Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) in the us-phonix-1 region. The on-premise applications communications with compute instances inside the VPN over a hardware VPN connection. They are looking to implement an Intrusion detected and Prevention (IDS/IPS) system for their OCI environment. This platform should have the ability to scale to thousands of compute of instances running inside the VCN.
How should they architect their solution on OCI to achieve this goal?

• A. Set up an OCI Private Load Balance! and configure IDS/IPS related health checks at TCP and/or HTTP level to inspect traffic
• B. Configure autoscaling on a compute Instance pool and set vNIC to promiscuous mode to called traffic across the vcn and send it IDS/IPS platform for inspection.
• C. Configure each host with an agent that collects all network traffic and sends that traffic to the IDS/IPS platform to inspection
• D. There Is no need to implement an IPS/IDS system as traffic coming over IPSec VPN tunnels Is already encrypt

Answer: C

Explanation:
in Transit routing through a private IP in the VCN you set up an instance in the VCN to act as a firewall or intrusion detection system to filter or inspect the traffic between the on-premises network and Oracle Services Network.
The Networking service lets you implement network security functions such as intrusion detection, application-level firewalls In fact, the IDS model can be host-based IDS (HIDS) or network-based IDS (NIDS). HIDS is installed at a host to periodically monitor specific system logs for patterns of intrusions. In contrast, an NIDS sniffs the traffic to analyze suspicious behaviors. A signature-based NIDS (SNIDS) examines the traffic for patterns of known intrusions. SNIDS can quickly and reliably diagnose the attacking techniques and security holes without generating an over-whelming number of false alarms because SNIDS relies on known signatures.
However, anomaly-based NIDS (ANIDS) detects unusual behaviors based on statistical methods. ANIDS could detect symptoms of attacks without specific knowledge of details. However, if the training data of the normal traffic are inadequate, ANIDS may generate a large number of false alarms.

 

NEW QUESTION 16
You are working with a social media company as a solution architect. The media company wants to collect and analyze large amounts of data being generated from their websites and social media feeds to gain insights and continuously improve the user experience. In order to meet this requirement, you have developed a microservices application hosted on Oracle Container Engine for Kubernetes. The application will process the data and store the result to an Autonomous Data Warehouse (ADW) instance.
Which Oracle Cloud Infrastructure (OCI) service can you use to collect and process a large volume of unstructured data in real time?

• A. OCI Events
• B. OCI Resource Manager
• C. OCI Notifications
• D. OCI Streaming

Answer: D

 

NEW QUESTION 17
The Finance department of your company has reached out to you. They have customer sensitive data on compute Instances In Oracle Cloud Infrastructure (OCI) which they want to store in OCI Storage for long term retention and archival.
To meet security requirements they want to ensure this data is NOT transferred over public internet, even if encrypted.
which they want to store In OCI Object Storage fin long term retention and archival To meet security requirements they want to ensure this data is NOT transferred over public Internet, even it encrypted.
Which option meets this requirements?

• A. Configure a NAT instance and all traffic between compute In Private subnet should use this NAT instance with Private IP as the route target.
• B. Use Storage gateway with appropriate firewall rule.
• C. Use NAT gateway with appropriate route table when transferring data. Then use NAT gateways' toggle (on/off) once data transfer is complete.
• D. Use Service gateway with appropriate route table.

Answer: D

Explanation:
Service Gateway is virtual router that you can add to your VCN. It provides a path for private network traffic between your VCN and supported services in the Oracle Services Network like Object Storage) so compute Instances in a private subnet in your VCN can back up data to Object Storage without needing public IP addresses or access to the intern

 

NEW QUESTION 18
A global media organization is working on a project which lets users upload their videos on their site. After upload is complete, the video should be automatically processed by an Al algorithm. The algorithm will try to recognize actions in the videos so that it can be used to show related advertisements in future. The development team wants to focus on writing Al code and don't want to worry about underlying infrastructure for high-availability, scalability, security and monitoring.
Which OCI services should you recommend for this project?

• A. Use Object Storage for storing videos, OCI Events service and OCI Functions
• B. Use OCI Resource Manager to manage the underlying infrastructure, OCI Functions and OCI Events service.
• C. Use Oracle Container Engine for Kubernetes (OKE) for deployment of Al Code, OCI Notifications and Object Storage
• D. Use OCI Events service for triggering automatic processing of video, Oracle Container Engine for Kubernetes (OKE) and OCI Digital Assistant

Answer: A

Explanation:
Oracle Functions is a fully managed, multi-tenant, highly scalable, on-demand, Functions-as-a-Service platform. It is built on enterprise-grade Oracle Cloud Infrastructure and powered by the Fn Project open source engine. Use Oracle Functions (sometimes abbreviated to just Functions) when you want to focus on writing code to meet business needs.
The serverless and elastic architecture of Oracle Functions means there's no infrastructure administration or software administration for you to perform. You don't provision or maintain compute instances, and operating system software patches and upgrades are applied automatically. Oracle Functions simply ensures your app is highly-available, scalable, secure, and monitored. With Oracle Functions, you can write code in Java, Python, Node, Go, and Ruby (and for advanced use cases, bring your own Dockerfile, and Graal VM). You can then deploy your code, call it directly or trigger it in response to events, and get billed only for the resources consumed during the execution.
You can create automation based on state changes for your Oracle Cloud Infrastructure resources by using event types, rules, and actions. When the function is executing inside the container, the function can read from and write to other resources and services running in the same subnet (for example, Database as a Service). The function can also read from and write to other shared resources (for example, Object Storage), and other Oracle Cloud Services.

 

NEW QUESTION 19
An organization has its mission critical application consisting of multiple application servers and databases running inside Virtual Cloud Network (VCN) in uk-london-1 region. Their solution architect wants to further strengthen their architecture by planning for Disaster Recovery (DR) in eu-frankfurt-1 region.
Which two solutions should their architect keep in mind while designing for DR?

• A. The RTO is the acceptable timeframe of lost data that application can tolerate.
• B. Load balancer will automatically distribute traffic between both the regions.
• C. A remote VCN peering connection is required to establish secure and reliable connectivity between different VCNs created in uk-london-1 and eu-frankfurt-1 region.
• D. rsync utility can be used to asynchronously copy file systems or snapshot data to another region.
• E. It is not possible to use Active Data Guard to synchronize a database in uk-london-1 region to equivalent database in eu-frankfurt-1 region.

Answer: B,C

 

NEW QUESTION 20
You are developing a Serverless function for your company's IoT project. This function should access Oracle Cloud Infrastructure (OCI) Object Storage to store some files. You choose Oracle Functions to deploy this function on OCI. However, your security team doesn't allow you to carry any API Token or RSA Key to authenticate the function against the OCI API to access the Object Storage.
What should you do to get this function to access OCI Object Storage without carrying any static authentication files? (Choose the best answer.)

• A. Option C
• B. Option D
• C. Option B
• D. Option A

Answer: D

Explanation:
https://blogs.oracle.com/cloud-infrastructure/getting-started-with-oracle-functions-and-object-storage

 

NEW QUESTION 21
You are part of a project team working in the development environment created in OCI. You have realized that the CIDR block specified for one of the subnet in a VCN is not correct and want to delete the subnet. While deleting you are getting an error indicating that there are still resources that you must delete first. The error includes the OCID of the VNIC that is in the subnet.
Which of the following action you will take to troubleshoot this issue?

• A. Copy and Paste OCID of the VNIC in the search box of the OCI Console to find out the parent resource of the VNIC
• B. Use OCI CLI to call "GetVnic" operation to find out the parent resource of the VNIC
• C. Use OCI CLI to delete the subnet using --force option
• D. Use OCI CLI to delete the VNIC first and then delete the subnet

Answer: B

Explanation:
VCN, it must first be empty and have no related resources or attached gateways To delete a VCN's subnets, they must first be empty.
Note: When you create one of the preceding resources, you specify a VCN and subnet for it. The relevant service creates at least one VNIC in the subnet and attaches the VNIC to the resource. The service manages the VNICs on your behalf, so they are not readily apparent to you in the Console. The VNIC enables the resource to communicate with other resources over the network. Although this documentation commonly talks about the resource itself being in the subnet, it's actually the resource's attached VNIC.
If the subnet is not empty, you instead get an error indicating that there are still resources that you must delete first. The error includes the OCID of a VNIC that is in the subnet (there could be more, but the error returns only a single VNIC's OCID).
You can use the Oracle Cloud Infrastructure command line interface (CLI) or another SDK or client to call the GetVnic operation with the VNIC OCID. The response includes the VNIC's display name. Depending on the type of parent resource, the display name can indicate which parent resource the VNIC belongs to. You can then delete that parent resource, or you can contact your administrator to determine who owns the resource. When the VNIC's parent resource is deleted, the attached VNIC is also deleted from the subnet. If there are remaining VNICs in the subnet, repeat the process of determining and deleting each parent resource until the subnet is empty. Then you can delete the subnet.
For example, if you're using the CLI, use this command to get information about the VNIC.
oci network vnic get --vnic-id <VNIC_OCID

 

NEW QUESTION 22
You are working for a Travel company and your travel portal application is a collection of microservices that run on Oracle Cloud Infrastructure Container Engine for Kubernetes. As per the recent security overview, you have noticed that Oracle has published a newer image of the Operating System used by the worker nodes. You want to make sure that your application doesn't face any downtime but at the same time the worker nodes gets upgraded to the latest version of the Operating System.
What should you do to get this upgrade done without application downtime? (Choose the best answer.)

• A. 1. Create a new node pool using the latest available Operating System image. 2. Run kubectl cordon <node name> against all the worker nodes in the old pool to stop any new application pods to get scheduled 3. Run kubectl drain <node name> """"delete""local""data """"force """"ignore""daemonsets to evict any Pods that are running 4. Delete the old node pool
• B. 1. Run kubectl cordon <node name> against all the worker nodes in the old pool to stop any new application pods to get scheduled 2. Run kubectl drain <node name> """"delete""local""data """"force """"ignore""daemonsets to evict any Pods that are running 3. Download the patches for the new Operating System image 4. Patch the worker nodes to the latest Operating System image
• C. 1. Shutdown the worker nodes 2. Create a new node pool 3. Manually schedule the pods on the newly built node pool
• D. 1. Create a new node pool using the latest available Operating System image 2. Run kubectl taint nodes """"all node""role.kubernetes.io/master"" 3. Delete the old node pool

Answer: A

Explanation:
https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengupgradingk8sworkernode.htm

 

NEW QUESTION 23
A retail company runs their online shopping platform entirely on Oracle cloud Infrastructure (OCI). This is a 3-tier web application that Includes a Mbps Load Balancer. Virtual Machine Instances for web and an Oracle DB Systems Virtual Machine Due to unprecedented growth, they noticed an Increase in the Incoming traffic to their website and all users start getting 503 (Service Unavailable) errors.
What is the potential problem in this scenario?

• A. The Traffic Management Policy is not set to load Balancer the traffic to the web servers.
• B. All the web servers are too busy and not able to answer any request from users.
• C. You did not configure a Service Gateway to allow connection between web servers and load Balance
• D. The Load Balancer health check status Indicates critical situation for half of the backend webservers
• E. The Database Is down hence users can not access the web site

Answer: B

Explanation:
A 503 Service Unavailable Error is an HTTP response status code indicating that a server is temporarily unable to handle the request. This may be due to the server being overloaded or down for maintenance.

 

NEW QUESTION 24
You have provisioned a new VM.DenseIO2.24 compute instance with local NVMe drives. The compute instance is running production application. This is a write heavy application, with a significant Impact to the business it the application goes down.
What should you do to help maintain write performance and protect against NVMe devices failure.

• A. NVMe drive have built in capability to recover themself so no other actions are required
• B. Configure RAID 10 for NVMe devices.
• C. Configure RAID 6 for NVMe devices.
• D. Configure RAID 1 for NVMe devices.

Answer: B

Explanation:
VM.DeselO2.24 compute instance include locally attached NVMe devices. These devices provide extremely low latency, high performance block storage that is ideal for big data, OLTP, and any other workload that can benefit from high-performance block storage.
A protected RAID array is the most recommended way to protect against an NVMe device failure. There are three RAID levels that can be used for the majority of workloads:
RAID 1: An exact copy (or mirror) of a set of data on two or more disks; a classic RAID 1 mirrored pair contains two disks RAID 10: Stripes data across multiple mirrored pairs. As long as one disk in each mirrored pair is functional, data can be retrieved RAID 6: Block-level striping with two parity blocks distributed across all member disks If you need the best possible performance and can sacrifice some of your available space, then RAID 10 array is an option.

 

NEW QUESTION 25
Your company developed a function that needs to access the Oracle Database to inject some data to it at runtime. You are tasked to move this function to the Oracle Cloud Infrastructure (OCI) and use Oracle Functions and access Oracle Autonomous Database. You created a Dockerfile below to run this function, however, you are getting this error "cx_Oracle.DatabaseError: ORA""12560: TNS:protocol adapter error".

What should you do to make sure that Oracle Functions can run this Dockerfile properly? (Choose the best answer.)

• A. You ned to run this Container as root, so add this line: USER root
• B. Use """"cap""add=ALL flag while running the Docker container to add runtime capability
• C. Use """"privileged flag while running the Docker container to add runtime privilege
• D. Add these two lines to your Dockerfile: groupadd """"gid 1000 fn && \ adduser """"uid 1000 """"gid fn fn

Answer: D

Explanation:
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Tasks/functionsrunningasunprivileged.htm

 

NEW QUESTION 26
A customer has a Virtual Machine instance running in their Oracle Cloud Infrastructure tenancy. They realized that they wrongly picked a smaller shape for their compute instance. They are reaching out to you to help them fix the issue.
Which of the below options is best recommended to suggest to the customer?

• A. Change the shape of instance without reboot, but stop all the applications running on instance beforehand to prevent data corruption.
• B. OCI doesn't allow such an operation.
• C. Delete the running instance and spin up a new instance with the desired shape.
• D. Change the shape of the virtual machine instance using the Change Shape feature available in the console.

Answer: D

 

NEW QUESTION 27
You have an Oracle database system in a virtual cloud network (VCN) that needs to be accessible on port 1521 from your on-premises network CIDR 172.17.0.0/24.
You have the following configuration currently.
Virtual cloud network (VCD) is associated with a Dynamic Routing Gateway (DRG), and DRG has an active IPSec connection with your on-premises data center.
Oracle database system is hosted in a private subnet
The private subnet route table has the following configuration
The private subnet route table has following configuration.

However, you are still unable to connect to the Oracle Database system.
Which action will resolve this issue?
A)
Add an EGRESS rule in network security group as following.

B)
Add a route rule in the private subnet route table as following.

C)
Add an EGRESS rule in private subnet scurity list as following.

D)
Add an EGRESS rule in private subnet security list as following.

• A. Option C
• B. Option D
• C. Option B
• D. Option A

Answer: A

 

NEW QUESTION 28
A global retailer is setting up the cloud architecture to be deployed in Oracle Cloud infrastructure (OCI) which will have thousands of users from two major geographical regions: North America and Asia Pacific. The requirements of the services are:
* Service needs to be available 27/7 to avoid any business disruption
* North American customers should be served by application running In North American regions
* Asia Pacific customers should be served by applications running In Asia Pacific regions
* Must be resilient enough to handle the outage of an entire OCI region

• A. OCl DNS,' Traffic Management with Load Balancer steering policy, Health Checks
• B. OCl DNS, Traffic Management with Failover steering policy
• C. OCl DNS, Traffic Management with Geolocation steering policy
• D. OCl DNS, Traffic Management with Geolocation steering policy. Health Checks

Answer: D

Explanation:
GEOLOCATION STEERING
Geolocation steering policies distribute DNS traffic to different endpoints based on the location of the end user. Customers can define geographic regions composed of originating continent, countries or states/provinces (North America) and define a separate endpoint or set of endpoints for each region. Combine with Oracle Health Checks to fail over from one region to another

 

NEW QUESTION 29
A fast growing E-commerce company has deployed their online shopping application on Oracle Cloud Infrastructure. The application was deployed on compute instances with Autoscaling configuration for application servers fronted by a load balancer and OCI Autonomous Transaction Processing (ATP) in the backend. In order to promote their e-commerce platform 50% discount was announced on all the products for a limited period. During the day 1 of promotional period it was observed that the application is running slow and company's hotline is flooded with complaints.
What could be two possible reasons for this situation?

• A. The health check on some of the backend servers has failed and the load balancer was rebooting these servers.
• B. Autoscaling has already scaled to the maximum number of instances specified in the configuration and there is no room for scaling further.
• C. The health check on some of the backend servers has failed and the load balancer has taken those servers temporarily out of rotation.
• D. As part of Autoscaling, the load balancer shape has dynamically changed to a larger shape to handle more incoming traffic and the system was slow for a short time during this change.

Answer: B,C

 

NEW QUESTION 30
You have an application running in Microsoft Azure and want to use Oracle Autonomous Data warehouse (ADW) instance for running business analytics.
How can you build a secure solution for such a use-case?

• A. Setup an interconnect between OCI and Microsoft Azure using FastConnect and ExpressRoute. Use a Service Gateway in OCI Virtual Cloud Network to provide connectivity to the Oracle ADW instance for the application in Microsoft Azure VNet.
• B. Create a software VPN connection between Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) and Microsoft Azure Virtual Network (VNet) and connect the application with Oracle ADW instance.
• C. Create a software Remote Peering Connection between Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) and Microsoft Azure Virtual Network (VNet) and connect the application with Oracle ADW instance.
• D. Connect the Oracle ADW in your VCN to the Microsoft Azure VNet over the internet.

Answer: A

 

NEW QUESTION 31
......

New 1z0-997-22 Exam Dumps with High Passing Rate: https://passtorrent.testvalid.com/1z0-997-22-valid-exam-test.html