Oracle Cloud Infrastructure 2024Cloud Operations Professional - 1z0-1067-24 Exam Practice Test
Recently, your e-commerce web application has been receiving significantly more traffic than usual. Users are reporting they often encounter a 503 Service Error when trying to access your site. Sometimes the site is very slow. You check your instance pool configuration to con-firm that the maximum number of instances is configured to allow 20 compute instances. Currently, 14 compute instances have been provisioned by the instance pool. You also confirm that current CPU utilization across all hosts exceeds the scale-out threshold you set in your auto-scaling policy. However, the instance pool is not provisioning any new instances. What can you check to determine why the application is NOT functioning properly? (Choose the best answer.)
Correct Answer: D
Vote an answer
Your company hosts an application on many compute instances in the same subnet in OCI. You have an Ansible playbook to ensure that all instances have the latest versions of dependencies installed.
Which three are required to run the playbook in OCI Cloud Shell?
Which three are required to run the playbook in OCI Cloud Shell?
Correct Answer: C,D,E
Vote an answer
One of the compute instances that you have deployed on Oracle Cloud Infrastructure (OCI) is malfunctioning. You have created a console connection to remotely troubleshoot it. Which two statements about console connections are TRUE? (Choose two.)
Correct Answer: C,E
Vote an answer
Which option is NOT a possible return value for an OCI health check?
Correct Answer: C
Vote an answer
You run a large global application with 90% of customers based in the US and Canad a. You want to be able to test a new feature and allow a small percentage of users to access the new version of your application. What Oracle Cloud Infrastructure Traffic Management steering policy should you utilize? (Choose the best answer.)
Correct Answer: B
Vote an answer
Multiple teams are sharing a tenancy in Oracle Cloud Infrastructure (OCI). You are asked to figure out an appropriate method to manage OCI costs. Which is NOT a valid technique to accurately attribute costs to resources used by each team? (Choose the best answer.)
Correct Answer: D
Vote an answer
SIMULATION
Scenario: 3 (Use the OCI CLI to Work with Object Storage from a Compute Instance) Scenario Description: (Hands-On Performance Exam Certification) Your company runs a web application in OCI that generates log files. You want to upload these files to OCI Object Storage to meet data retention requirements. Some files need to be retained indefinitely, whereas others can be deleted after 30 days. Use the OCI CLI to create bucket and upload the log directory and create a lifecycle policy rule to delete temporary files after 30 days.
Pre-Configuration:
To fulfill this requirement, you are provided with the following:
Access to an OCI tenancy, an assigned compartment, and OCI credentials
A compute instance with OCI CLI installed and a set of files in ~/dir_to_upload to use Access to the OCI Console Required IAM policies Assumptions:
Perform the tasks by using the OCI CLI on the compute instance.
Use instance principal authentication for all CLI commands; the instance has been given the policies necessary.
Connect to the compute instance using Cloud Shell's private networking and the provided SSH key.
An SSH key pair has been provided to you for the compute instance.
Private Key https://objectstorage.us-ashburn-1.oraclecloud.com/n/tenancyname/b/PBT_Storage/o/PKey.key Note: Throughout your exam, ensure to use assigned Compartment , User Name and Region.
Complete the following tasks in the provisioned OCI environment:
Task 1: Create a Bucket in Object Storage
Task 2: Upload a Directory's Contents to Object Storage
Task 3: Add a Lifecycle Policy to the Bucket
Scenario: 3 (Use the OCI CLI to Work with Object Storage from a Compute Instance) Scenario Description: (Hands-On Performance Exam Certification) Your company runs a web application in OCI that generates log files. You want to upload these files to OCI Object Storage to meet data retention requirements. Some files need to be retained indefinitely, whereas others can be deleted after 30 days. Use the OCI CLI to create bucket and upload the log directory and create a lifecycle policy rule to delete temporary files after 30 days.
Pre-Configuration:
To fulfill this requirement, you are provided with the following:
Access to an OCI tenancy, an assigned compartment, and OCI credentials
A compute instance with OCI CLI installed and a set of files in ~/dir_to_upload to use Access to the OCI Console Required IAM policies Assumptions:
Perform the tasks by using the OCI CLI on the compute instance.
Use instance principal authentication for all CLI commands; the instance has been given the policies necessary.
Connect to the compute instance using Cloud Shell's private networking and the provided SSH key.
An SSH key pair has been provided to you for the compute instance.
Private Key https://objectstorage.us-ashburn-1.oraclecloud.com/n/tenancyname/b/PBT_Storage/o/PKey.key Note: Throughout your exam, ensure to use assigned Compartment , User Name and Region.
Complete the following tasks in the provisioned OCI environment:
Task 1: Create a Bucket in Object Storage
Task 2: Upload a Directory's Contents to Object Storage
Task 3: Add a Lifecycle Policy to the Bucket
Correct Answer:
See the solution below with Step by Step Explanation
Explanation:
Task 1: Create a Bucket in Object Storage
Create a bucket named CloudOpsBucket_<user id> with the following properties:
Storage tier: Standard
Auto-tiering: Disabled
Object versioning: Enabled
Emit events: Disabled
Keys: Oracle-managed
Visibility: Private
Task 2: Upload a Directory's Contents to Object Storage
Upload the contents of the directory ~/dir_to_upload and its subdirectories to the bucket CloudOpsBucket Task 3: Add a Lifecycle Policy to the Bucket Create a lifecycle policy rule that deletes all files from ~/dir_to_upload/temp after 30 days Task 1: Create a bucket in Object Storage
1. Open Cloud Shell in the console. Under Network along the top, select Ephemeral Private Network Setup.
2. Select the subnet of the compute instance.
3. SSH into the compute instance using the provided SSH key:
ssh -i /path/to/key opc@<private_ip>
4. In the compute instance, create the bucket with the following command (note that it's one long line):
oci os bucket create -c "<compartment_id>" --name "CloudOpsBucket" --auth instance_principal --versioning 'Enabled' Task 2: Upload a directory's contents to Object Storage
1. Upload the contents of the specified directory and subdirectories with the following command (note that it's one long line):
oci os object bulk-upload -bn "CloudOpsBucket" --src-dir "~/dir_to_upload" --auth instance_principal Task 3: Add a lifecycle policy to the bucket
1. Create a file named rule.json
2. Add the following content to rule.json:
{"items": [{"action": "DELETE","is-enabled": true,"name": "Delete-Rule","object-name-filter": {"exclusion-patterns": null,"inclusion-patterns": null,"inclusion-prefixes": ["temp/"]},"target": "objects","time-amount": 30,"time-unit": "DAYS"}]}
3. Add the lifecycle policy rule with the following command:
oci os object-lifecycle-policy put -bn "CloudOpsBucket" --from-json file://rule.json --auth instance_principal Top of Form
Explanation:
Task 1: Create a Bucket in Object Storage
Create a bucket named CloudOpsBucket_<user id> with the following properties:
Storage tier: Standard
Auto-tiering: Disabled
Object versioning: Enabled
Emit events: Disabled
Keys: Oracle-managed
Visibility: Private
Task 2: Upload a Directory's Contents to Object Storage
Upload the contents of the directory ~/dir_to_upload and its subdirectories to the bucket CloudOpsBucket Task 3: Add a Lifecycle Policy to the Bucket Create a lifecycle policy rule that deletes all files from ~/dir_to_upload/temp after 30 days Task 1: Create a bucket in Object Storage
1. Open Cloud Shell in the console. Under Network along the top, select Ephemeral Private Network Setup.
2. Select the subnet of the compute instance.
3. SSH into the compute instance using the provided SSH key:
ssh -i /path/to/key opc@<private_ip>
4. In the compute instance, create the bucket with the following command (note that it's one long line):
oci os bucket create -c "<compartment_id>" --name "CloudOpsBucket" --auth instance_principal --versioning 'Enabled' Task 2: Upload a directory's contents to Object Storage
1. Upload the contents of the specified directory and subdirectories with the following command (note that it's one long line):
oci os object bulk-upload -bn "CloudOpsBucket" --src-dir "~/dir_to_upload" --auth instance_principal Task 3: Add a lifecycle policy to the bucket
1. Create a file named rule.json
2. Add the following content to rule.json:
{"items": [{"action": "DELETE","is-enabled": true,"name": "Delete-Rule","object-name-filter": {"exclusion-patterns": null,"inclusion-patterns": null,"inclusion-prefixes": ["temp/"]},"target": "objects","time-amount": 30,"time-unit": "DAYS"}]}
3. Add the lifecycle policy rule with the following command:
oci os object-lifecycle-policy put -bn "CloudOpsBucket" --from-json file://rule.json --auth instance_principal Top of Form
All the developers in a DevOps team are using the same compartment called 'devops'. There are two IAM groups: 'group-devs' and 'group-ops'. Which of the following IAM policy will give users in both these groups access to manage all resources in the compartment?
Correct Answer: A
Vote an answer
You set up a bastion host in your Virtual Cloud Network (VCN) to allow only your IP ad-dress (140.19.2.140) to establish SSH connections with your compute instances that are deployed in a private subnet. The compute instances have an attached Network Security Group (NSG) with a Source Type: Network Security Group (NSG), Source NSG: NSG-050504. To secure the bastion host, you add the following ingress rules to its NSG: Type: All TCP Proto-col: TCP Port Range: 22 Source: 140.19.2.140/32 Type: All TCP Protocol: TCP Port Range: 22 Source: NSG-050504 However, when you check the bastion host logs, you discover that there are IP addresses other than your own that can access your bastion host. What is the root cause of this issue?
Correct Answer: C
Vote an answer
To upload a file from a compute instance into Object Storage, you SSH into the compute instance and run the following OCI CLI command: oci os object put -ns mynamespace -bn mybucket --name myfile.txt --file /Users/me/myfile.txt --auth instance_principal Which statement must be true for this command to succeed?
Correct Answer: C
Vote an answer