[Feb-2022] Verified Oracle 1z0-997-21 Bundle Real Exam Dumps PDF
1z0-997-21 Dumps PDF New [2022] Ultimate Study Guide
Oracle 1z0-997-21 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
NEW QUESTION 66
Many development engineers are deploying new instances as part of their projects in Oracle Cloud Infrastructure tenancy, but majority of these instances have not been tagged. You as an administrator of this tenancy want to enforce tagging to identify owners who are launching these instances.
Which option below should be used to implement this requirement?
- A. Create tag variables for each compartment to automatically tag a resource with user name.
- B. Create a predefined tag with tag variables to automatically tag a resource with usemame.
- C. Create an IAM policy to automatically tag a resource with the usemame.
- D. Create a default tag for each compartment which ensure appropriate tags are allowed at resource creation.
Answer: B
NEW QUESTION 67
Which three scenarios are suitable for the Oracle Infrastructure (OCI) Autonomous transaction Processing Server less (ATP-S) deployment?
- A. A manufacturing company is running Oracle E-Business Suite application on premises. They are looking to move this application to OCI and they want to use a managed database offering for their database tier.
- B. A small startup is deploying a new application fen eCommerce and it requires database to store customers' transactions the team b of what the load will look like since it is a new application. (Correct)
- C. A developer working on an Internal project needs to use a database during work hours but doesn't need It during nights or weekends. the project budget requires her to keep costs low. (Correct)
- D. well established, online auction marketplace is running an application where there is database usage 24*7 but also has peaks of activity that the hard to predict when the peaks happen, the total activities may reach 3 times the normal activity level (Correct)
- E. A midsize company is considering migrating its legacy on premises MongoDB database to Oracle Cloud Infrastructure (OCI). The database has significantly higher workloads on weekends than weekdays
Answer: B,C,D
Explanation:
MongoDB is a cross-platform document-oriented database program. Classified as a NoSQL database program, MongoDB uses JSON-like documents with schema, so the best to be migrated to Oracle NoSQL Database.
https://blogs.oracle.com/nosql/migrate-mongodb-data-to-oracle-nosql-database Autonomous transaction Processing Serverless (ATP-S) isn't supported yet for EBS database
NEW QUESTION 68
A hospital in Austin has hosted its web based medical records portal entirely In Oracle cloud Infrastructure (OCI) using Compute Instances for its web-tier and DB system database for its data tier. To validate compliance with Health Insurance Portability and Accountability (HIPAA), the security professional to check their systems it was found that there are a lot of unauthorized coming requests coming from a set of IP addresses originating from a country in Southeast Asia.
Which option can mitigate this type of attack?
- A. Mitigate the attack by changing the Route fable to redirect the unauthorized traffic to a dummy Compute instance
- B. Block the attacking IP address by implementing a OCI Web Application Firewall policy using Access Control Rules
- C. Block the attacking IP address by creating by Network Security Group rule to deny access to the compute Instance where the web server Is running
- D. Block the attacking IP address by creating a Security List rule to deny access to the subnet where the web server Is running
Answer: B
Explanation:
WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer's applications.
WAF provides you with the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwanted bots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit based on geography or the signature of the request.
As a WAF administrator you can define explicit actions for requests that meet various conditions. Conditions use various operations and regular expressions. A rule action can be set to log and allow, detect, or block requests
NEW QUESTION 69
A customer has a Virtual Machine instance running in their Oracle Cloud Infrastructure tenancy. They realized that they wrongly picked a smaller shape for their compute instance. They are reaching out to you to help them fix the issue.
Which of the below options is best recommended to suggest to the customer?
- A. Change the shape of the virtual machine instance using the Change Shape feature available in the console.
- B. Change the shape of instance without reboot, but stop all the applications running on instance beforehand to prevent data corruption.
- C. Delete the running instance and spin up a new instance with the desired shape.
- D. OCI doesn't allow such an operation.
Answer: A
Explanation:
Explanation
You can change the shape of a virtual machine (VM) instance without having to rebuild your instances or redeploy your applications. This lets you scale up your Compute resources for increased performance, or scale down to reduce cost.
When you change the shape of an instance, you select a different processor, number of cores, amount of memory, network bandwidth, and maximum number of VNICs for the instance. The instance's public and private IP addresses, volume attachments, and VNIC attachments remain the same.
NEW QUESTION 70
A large E-commerce company is looking to run seasonal workloads in Oracle Cloud Infrastructure. The Oracle database used by their E-commerce application can use up to 52 cores at peak workloads. Due to the seasonal nature of the business, the database will be not be used for 10 months in a year and can also be shut down during non-business hours.
- A. Oracle Cloud Infrastructure Bare Metal DB Systems
- B. Autonomous Transaction Processing with shared Exadata infrastructure
- C. Oracle Cloud Infrastructure Exadata DB Systems
- D. Oracle Cloud Infrastructure Virtual Machine DB Systems
Answer: B
NEW QUESTION 71
A startup company is looking for a solution for processing of data transmitted by the IOT devices fitted to transport vehicles that carry frozen foods. The data should be consumed and processed in real time. The processed data should be archived to OCI Object Storage bucket. and use Autonomous Data warehouse (ADW) to handle analytics.
Which architecture will help you meet this requirement?
- A. Use OCI Streaming Service to collect the incoming biometric data. Use an open source Hadoop cluster to analyze the data horn streaming service. Store the results to OCI Autonomous Data warehouse (ADW) to handle complex analytics
- B. Use OCI Streaming Service to collect the incoming biometric data. Use Oracle Functions to process the date and show the results on a real-time dashboard and store the results lo OCI Object Storage Store the data In OCI Autonomous Data warehouse (ADW) to handle analytics.
- C. Launch an open source Hadoop cluster to collect the Incoming biometrics data Use an Open source Fluentd cluster to analyze the- data me results to OCI Autonomous Transaction Processing (ADW)to handle complex analytics
- D. Create an OCI Object Storage bucket to collect the incoming biometric data from the smart pet collar Fetch the data horn OC\ Object storage to OCI Autonomous Data Warehouse (ADW) every day and run analytics Jobs with it
Answer: B
Explanation:
Real-time processing of high-volume streams of data
- OCI Streaming service provides a fully managed, scalable, durable storage option for continuous, highvolume streams of data that you can consume and process in real-time
- Use cases
Log and Event data collection
Web/Mobile activity data ingestion
IoT Data streaming for processing and alerts
Messaging: use streaming to decouple components of large systems
- Oracle managed service with REST APIs (Create, Put, Get, Delete)
- Integrated Monitoring
NEW QUESTION 72
Which of the following features is NOT supported by Oracle Cloud Infrastructure Multi-factor authentication (MFA)?
- A. Users can disable MFA for their own accounts.
- B. Members of the Administrators group can disable MFA for other users.
- C. Members of the Administrators group can enable MFA for other users.
- D. Only the user can enable MFA for their own account.
Answer: C
NEW QUESTION 73
You are responsible for migrating your on premises legacy databases on 11.2.0.4 version to Autonomous Transaction Processing Dedicated (ATP-D) In Oracle Cloud Infrastructure (OCI). As a solution architect, you need to plan your migration approach.
Which two options do you need to implement together to migrate your on premises databases to OCI?
- A. Retain all legacy structures and unsupported features (e.g. taw U>Bs) In the onuses databases for migration.
- B. Use Oracle GoldenGate replication to keep on premises database online during migration.
- C. Convert on-premises databases to PDB, upgrade to 19c, and encrypt Migration.
- D. Use Oracle Data Guard to keep on premises database always active during migration
- E. Retain changes to Oracle shipped privileges, stored procedures or views In the on-premises databases.
Answer: B,C
Explanation:
Autonomous Database is an Oracle Managed and Secure environment.
A physical database can't simply be migrated to autonomous because:
- Database must be converted to PDB, upgraded to 19c, and encrypted
- Any changes to Oracle shipped privileges, stored procedures or views must be removed
- All legacy structures and unsupported features must be removed (e.g. legacy LOBs) GoldenGate replication can be used to keep database online during migration
NEW QUESTION 74
A large London based eCommerce company is running Oracle DB System Virtual RAC database on Oracle Cloud Infrastructure (OCI) for their eCommerce application activity. They are launching a new product soon, which is expected to sell in large quantities all over the world.
The application architecture should have minimal cost, no data loss, no performance impacts during the database backup windows and should have minimal downtime.
- A. Turn off automatic backups from the eCommerce database, implement Oracle Active Data Guard with the standby database deployed on another availability domain, and take backups from the standby database.
- B. Launch a new VM RAC database in another availability domain, launch a compute instance, deploy Oracle GoldenGate on it and then configure it to replicate the data from the eCommerce Database over to the new RAC database using GoldenGate. Take backups from the new VM RAC database.
- C. Turn off automated backups from the eCommerce database, implement Oracle Data Guard with the Standby database deployed on another availability domain, take backups from the standby database.
- D. Launch a new VM RAC database in another availability domain, launch a compute instance, deploy Oracle GoldenGate on it and then configure bi-directional replication from the eCommerce Database over to the new VM RAC database using GoldenGate. Take backups from the new VM RAC database.
Answer: D
Explanation:
Active Data Guard or GoldenGate are used for disaster recovery when fast recovery times or additional levels of data protection are required. And offload queries and backup to standby system.
Oracle GoldenGate to support a disaster recovery site is to have a working bi-directional data flow, from the primary system to the live-standby system and vice versa.
DataGuard and Automatic Backup
You can enable the Automatic Backup feature on a database with the standby role in a Data Guard association. However, automatic backups for that database will not be created until it assumes the primary role.
NEW QUESTION 75
You have been asked to implement a bespoke financial application in Oracle Cloud Infrastructure using virtual machine instances controlled by Autoscaling across multiple Availability Domains. The application stores transaction logs, intermediate transaction data, and audit data and needs to store this on a persistent, durable data store accessible from all of the application servers. The application requires the file system to be mounted in the /audit folder on the Linux file system. The system needs to tolerate the failure of two or more Fault Domains and still maintain data integrity. The solution should be as low maintenance as possible.
What storage architecture should you suggest?
- A. Use File Storage Service(FSS). Configure FSS to operate from all Availability Domains the application servers operate in and mount the file system in the /audit folder.
- B. Implement a single instance and install an NFS server, configure and create an NFS share, and mount this as /audit on the application instances.
- C. Use locally attached NVMe instances and configure RAID 0 replication between servers.
- D. Store the data on Oracle Object Storage mounted at the /audit mount point on all the Linux instances using the default mount options.
Answer: A
NEW QUESTION 76
You have created compartment called Dev for developers. There are two IAM groups for developers: group-devl and group-dev2. You need to write an Identity and Access Management (IAM) policy to give users in these groups access to manage all resources in the compartment Dev.
Which of the following IAM policy will accomplish this?
- A. Allow any-user to manage all resources in tenancy where target.comparment= Dev
- B. Allow group /group-dev*/ to manage all resources in compartment Dev
- C. Allow group group-devl group-dev2 to manage all resources in compartment Dev
- D. Allow any-user to manage all resources in compartment Dev where request.group= /group-dev*/
Answer: C
NEW QUESTION 77
You notice that a majority of your Oracle Cloud Infrastructure (OCI) resources like compute instances, block volumes, and load balancers are not tagged. You have received a mandate from your CIO to add a predefined set of tags to identify owners for respective OCI resources. E.g. if Chris and Larry each create compute instances in a compartment, the instances that Chris creates include tags that contain his name as the value, while the instances that Larry creates have his name.
Which option is the simplest way to implement this new tagging requirement?
- A. Create tag variables to automatically tag a resource with the user name.
- B. Create a default tag for each compartment, which ensure that appropriate tags are applied at the time of resource creation.
- C. Create an OCI Identity and Access Management policy to automatically tag a resource with the user name.
- D. Create an OCI Identity and Access Management policy requiring users to tag resources with their user name.
Answer: A
NEW QUESTION 78
You are tasked with migrating an online shopping website to Oracle Cloud Infrastructure (OCI) and decide to use a Load Balancer. You have configured the backend set with the round robin policy. During the testing phase, you noticed that users are losing items from their shopping carts when they navigate to different pages.
How should you implement a solution to this problem?
- A. Set up a Traffic Management Steering Policy to redirect traffic to a different backend set that is deployed exclusively for the purpose of holding all Items placed in the shopping cart.
- B. Set up session persistence at the Load Balancer backend set.
- C. Configure a set of path route rules that will route to different backend sets based on the URI requested by the customer's browser.
- D. Replace the round robin policy with least connections policy at the backend set.
Answer: D
NEW QUESTION 79
A cloud consultant is working on a implementation project on Oracle Cloud Infrastructure (OCI). As part of the compliance requirements, the objects placed in OCI Object Storage should be automatically archived first and then deleted. He is testing a lifecycle policy on Object Storage and created a policy as below:
What will happen after this policy is applied?
- A. All the objects with names starting with "doc" will be archived 5 days after object creation and will be deleted 5 days after archival.
- B. All objects with names starting with "doc" will be deleted after 5 days of object creation.
- C. All the objects having file extension "doc" will be archived 5 days after object creation.
- D. All the objects having file extension "doc" will be archived for 5 days and will be deleted 10 days after object creation.
Answer: B
NEW QUESTION 80
After performing maintenance on an Oracle Linux compute instance the system is returned to a running state You attempt to connect using SSH but are unable to do so. You decide to create an instance console connection to troubleshoot the issue.
Which three tasks would enable you to connect to the console connection and begin troubleshooting?
- A. edit the Linux boot menu to enable access to console.
- B. Upload an API signing key for console connection authentication.
- C. Reboot the compute instance using the Oracle Cloud Infrastructure (OCI) Management Console
- D. Use SSH to connect to the public: IP address of the compute Instance and provide the console connection OCID as the username.
- E. Use SSH to connect to the service endpoint of the console connection service
- F. Stop the compute Instance using the Oracle cloud Infrastructure (OCI) Command Line interface (CLI).
Answer: A,C,E
Explanation:
The Oracle Cloud Infrastructure Compute service provides console connections that enable you to remotely troubleshoot malfunctioning instances, such as:
An imported or customized image that does not complete a successful boot.
A previously working instance that stops responding.
the steps to connect to console and troubleshoot the OS Issue
1- Before you can connect to the serial console you need to create the instance console connection.
Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.
Click the instance that you're interested in.
Under Resources, click Console Connections.
Click Create Console Connection.
Upload the public key (.pub) portion for the SSH key. You can browse to a public key file on your computer or paste your public key into the text box.
Click Create Console Connection.
When the console connection has been created and is available, the status changes to ACTIVE.
2- Connecting to the Serial Console
you can connect to the serial console by using a Secure Shell (SSH) connection to the service endpoint of the console connection service Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.
Click the instance that you're interested in.
Under Resources, click Console Connections.
Click the Actions icon (three dots), and then click Copy Serial Console Connection for Linux/Mac.
Paste the connection string copied from the previous step to a terminal window on a Mac OS X or Linux system, and then press Enter to connect to the console.
If you are not using the default SSH key or ssh-agent, you can modify the serial console connection string to include the identity file flag, -i , to specify the SSH key to use. You must specify this for both the SSH connection and the SSH ProxyCommand, as shown in the following line:
ssh -i /<path>/<ssh_key> -o ProxyCommand='ssh -i /<path>/<ssh_key> -W %h:%p -p 443...
Press Enter again to activate the console.
3- Troubleshooting Instances from Instance Console Connections
To boot into maintenance mode
Reboot the instance from the Console.
When the reboot process starts, switch back to the terminal window, and you see Console messages start to appear in the window. As soon as you see the GRUB boot menu appear, use the up/down arrow key to stop the automatic boot process, enabling you to use the boot menu.
In the boot menu, highlight the top item in the menu, and type e to edit the boot entry.
In edit mode, use the down arrow key to scroll down through the entries until you reach the line that starts with either linuxefi for instances running Oracle Autonomous Linux 7.x or Oracle Linux 7.x, or kernel for instances running Oracle Linux 6.x.
At the end of that line, add the following:
init=/bin/bash
Reboot the instance from the terminal window by entering the keyboard shortcut CTRL+X.
NEW QUESTION 81
An Oracle Cloud Infrastructure (OCI) Public Load Balancer's SSL certificate is expiring soon. You noticed the Load Balancer is configured with SSL Termination only. When the certificate expires, data traffic can be interrupted and security compromised.
What steps do you need to take to prevent this situation?
- A. Add the new SSL certificate to the Load Balancer and implement end to end SSL so it can encrypt the traffic from clients all the way to the backend servers.
- B. Add the new SSL certificate to the Load Balancer, update backend servers to work with a new certificate and edit listeners so they can use the new certificate bundle.
- C. Add the new SSL certificate to the Load Balancer, update listeners and backend sets so they can use the new certificate bundle.
- D. Add the new SSL certificate to the Load Balancer and update listeners to use the new certificate bundle.
- E. Add the new SSL certificate to the Load Balancer and update backend servers to use the new certificate bundle.
Answer: B
Explanation:
https://docs.cloud.oracle.com/en-us/iaas/Content/Balance/Tasks/managingcertificates.htm
NEW QUESTION 82
You are working for a Travel company and your travel portal application is a collection of microservices that run on Oracle Cloud Infrastructure Container Engine for Kubernetes. As per the recent security overview, you have noticed that Oracle has published a newer image of the Operating System used by the worker nodes. You want to make sure that your application doesn't face any downtime but at the same time the worker nodes gets upgraded to the latest version of the Operating System.
What should you do to get this upgrade done without application downtime? (Choose the best answer.)
- A. 1. Run kubectl cordon <node name> against all the worker nodes in the old pool to stop any new application pods to get scheduled 2. Run kubectl drain <node name> """"delete""local""data """"force """"ignore""daemonsets to evict any Pods that are running 3. Download the patches for the new Operating System image 4. Patch the worker nodes to the latest Operating System image
- B. 1. Shutdown the worker nodes 2. Create a new node pool 3. Manually schedule the pods on the newly built node pool
- C. 1. Create a new node pool using the latest available Operating System image 2. Run kubectl taint nodes """"all node""role.kubernetes.io/master"" 3. Delete the old node pool
- D. 1. Create a new node pool using the latest available Operating System image. 2. Run kubectl cordon <node name> against all the worker nodes in the old pool to stop any new application pods to get scheduled 3. Run kubectl drain <node name> """"delete""local""data """"force """"ignore""daemonsets to evict any Pods that are running 4. Delete the old node pool
Answer: D
Explanation:
https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengupgradingk8sworkernode.htm
NEW QUESTION 83
An upcoming e-commerce company has deployed their online shopping application on OCI. The application was deployed on compute instances with autoscaling configuration for application servers fronted by a load balancer and OCI Autonomous Transaction Processing (ATP) in the backend.
In order to promote their e-commerce platform 50% discount was announced on all the products for a limited period. During the day 1 of promotional period it was observed that the application is running slow and company's hotline is flooded with complaints.
What could be two possible reasons for this situation?
- A. The health check on some of the backend servers has failed and the load balancer has taken those servers temporarily out of rotation
- B. The health check on some of the backend servers has failed and the load balancer was rebooting these servers.
- C. The autoscaling has already scaled to the maximum number of instances specified in the configuration and there is no room of scaling
- D. As part of autoscaling, the load balancer shape has dynamically changed to a larger shape to handle more incoming traffic and the system was slow for a short time during this change
Answer: A,C
NEW QUESTION 84
You are designing the network infrastructure for an application consisting of a web server (server-1) and a Domain Name Server (server-2) running in two different subnets inside the same Virtual Cloud Network (VCN) in Oracle Cloud Infrastructure (OCI). You have a requirement where your end users will access server-1 from the internet and server-2 from your customer's on-premises network. The on-premises network is connected to your VCN over a FastConnect virtual circuit.
How should you design your routing configuration to meet these requirements?
- A. Configure a single routing table with two set of rules: one that has route to internet via an Internet Gateway and another that propagate specific routes to the on-premises network via a Dynamic Routing Gateway. Associate the routing table with all the VCN subnets.
- B. Configure two routing tables that have rules to route all traffic via a Dynamic Routing Gateway. Associate the two routing tables with all the VCN subnets.
- C. Configure two routing tables: first one with a route to internet via an Internet gateway; associate this route table to the subnet containing server-1 .Configure the second route table to propagate specific routes to the on-premises network via a Dynamic Routing Gateway; associate this route table to subnet containing server-2.
- D. Configure a single routing table with two set of rules: one that has route to internet via an Internet Gateway and another that propagates specific routes for the on-premises network via a Dynamic Routing Gateway. Don't associate this routing table with any of the subnets in the VCN.
Answer: C
NEW QUESTION 85
Your customer has gone through a recent departmental re structure. As part of this change, they are organizing their Oracle Cloud Infrastructure (OCI) compartment structure to align with the company's new organizational structure.
They have made the following change:
Compartment x Is moved, and its parent compartment is now compartment c.
Policy defined in compartment A: Allow group networkadmins to manage subnets in compartment X Policy defined in root compartment: Allow group admins to read subnets in compartment Finance:A:X After you move the compartment, which two IAM policies would be required to ensure both groups retain the same permissions to compartment X that they had before? (Choose two.)
- A. Define a policy in compartment HR as follows: Allow group networkadmins to manage subnets in compartment C:X.
- B. Define a policy in the root compartment as follows: Allow group admins to read subnets in compartment HR:C:X
- C. Define a policy in the root compartment as follows: Allow group admins to manage subnets in compartment Finance:A:X
- D. Define a policy in compartment C as follows: Allow group networkadmins to read subnets in compartment X
Answer: A,B
NEW QUESTION 86
......
Pass Your Oracle Exam with 1z0-997-21 Exam Dumps: https://www.fast2test.com/1z0-997-21-premium-file.html