Download Oracle Cloud Infrastructure 2019 Architect Professional.CertDumps.1Z0-997.2020-06-08.1e.48q.vcex

Download Exam

File Info

Exam Oracle Cloud Infrastructure (OCI) 2019 Architect Professional
Number 1Z0-997
File Name Oracle Cloud Infrastructure 2019 Architect Professional.CertDumps.1Z0-997.2020-06-08.1e.48q.vcex
Size 1017 Kb
Posted June 08, 2020
Downloads 43
Download Oracle Cloud Infrastructure 2019 Architect Professional.CertDumps.1Z0-997.2020-06-08.1e.48q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%


Demo Questions

Question 1

Your organization is planning on using Oracle Cloud Infrastructure (OCI) File Storage Service (FSS). You will be deploying multiple compute instance in Oracle Cloud Infrastructure (OCI) and mounting the file system to these compute instances. 
The file system will hold payment data processed by a Database instance and utilized by compute instances to create a overall inventory report. You need to restrict access to this data for specific compute instances and must be allowed/blocked per compute instance's CIDR block. 
Which option can you use to secure access?

  • A: Use stateless Security List rule to restrict access from known IP addresses only.
  • B: Create a new VCN security list, choose SOURCE TYPE as Service and SOURCE SERVICE as FSS. Add stateless ingress and egress rules for specific P address and CIDR blocks. 
  • C: Use 'Export option' feature of FSS to restrict access to the mounted file systems.
  • D: Create and configure OCI Web Application Firewall service with built in DNS based intelligent routing.

Correct Answer: C

NFS export options enable you to create more granular access control than is possible using just security list rules to limit VCN access. You can use NFS export options to specify access levels for IP addresses or CIDR blocks connecting to file systems through exports in a mount target. Access can be restricted so that each client's file system is inaccessible and invisible to the other, providing better security controls in multi-tenant environments. 
Using NFS export option access controls, you can limit clients' ability to connect to the file system and view or write data. For example, if you want to allow clients to consume but not update resources in your file system, you can set access to Read Only. You can also reduce client root access to your file systems and map specified User IDs (UIDs) and Group IDs (GIDs) to an anonymous UID/GID of your choice. For more information about how NFS export options work with other security layers

Question 2

A customer has a Virtual Machine instance running in their Oracle Cloud Infrastructure tenancy. They realized that they wrongly picked a smaller shape for their compute instance. They are reaching out to you to help them fix the issue. 
Which of the below options is best recommended to suggest to the customer?

  • A: Delete the running instance and spin up a new instance with the desired shape.
  • B: Change the shape of instance without reboot, but stop all the applications running on instance beforehand to prevent data corruption.
  • C: Change the shape of the virtual machine instance using the Change Shape feature available in the console.
  • D: OCI doesn't allow such an operation.

Correct Answer: C

You can change the shape of a virtual machine (VM) instance without having to rebuild your instances or redeploy your applications. This lets you scale up your Compute resources for increased performance, or scale down to reduce cost. 
When you change the shape of an instance, you select a different processor, number of cores, amount of memory, network bandwidth, and maximum number of VNICs for the instance. The instance's public and private IP addresses, volume attachments, and VNIC attachments remain the same.

Question 3

You are responsible for migrating your on premises legacy databases on version to Autonomous Transaction Processing Dedicated (ATP-D) In Oracle Cloud Infrastructure (OCI). As a solution architect, you need to plan your migration approach. Which two options do you need to implement together to migrate your on premises databases to OCI?

  • A: Use Oracle Data Guard to keep on premises database always active during migration
  • B: Retain changes to Oracle shipped privileges, stored procedures or views In the on-premises databases.
  • C: Use Oracle GoldenGate replication to keep on premises database online during migration.
  • D: Convert on-premises databases to PDB, upgrade to 19c, and encrypt Migration.
  • E: Retain all legacy structures and unsupported features (e.g. taw U>Bs) In the onuses databases for migration.

Correct Answer: CD

Autonomous Database is an Oracle Managed and Secure environment. A physical database can't simply be migrated to autonomous because:
- Database must be converted to PDB, upgraded to 19c, and encrypted 
- Any changes to Oracle shipped privileges, stored procedures or views must be removed 
- All legacy structures and unsupported features must be removed (e.g. legacy LOBs) GoldenGate replication can be used to keep database online during migration

Question 4

You are working as a solutions architect for an online retail store In Frankfurt which uses multiple compute instance VMs spread among three availability domains In the eu-frankfurt-1 region. 
You noticed the website Is having very high traffic, so you enabled autoscaling to sun tee me no f your application but, you observed that one of the availability domains is not receiving any traffic. 
What could be wrong In this situation?

  • A: Autoscaling only works with single availability domains.
  • B: You have to manually acid all three availability domains to your load balancer configuration.
  • C: Autoscaling can be enabled for multiple availability domains only in uk-london t region.
  • D: Autoscaling is using an Instance Pool configured to create instances in two availability Domains.
  • E: You forgot to attach a load balancer to your instance pool configuration.

Correct Answer: D

Autoscaling lets you automatically adjust the number of Compute instances in an instance pool based on performance metrics such as CPU utilization. This helps you provide consistent performance for your end users during periods of high demand, and helps you reduce your costs during periods of low demand. you can associate a load balancer with an instance pool. If you do this, when you add an instance to the instance pool, the instance is automatically added to the load balancer's backend set . After the instance reaches a healthy state (the instance is listening on the configured port number), incoming traffic is automatically routed to the new instance. 
Instance pools let you provision and create multiple Compute instances based off the same configuration, within the same region. 
By default, the instances in a pool are distributed across all fault Domains in a best-effort manner based on capacity. If capacity isn't available in one fault domain, the instances are placed in other fault domains to allow the instance pool to launch successfully. In a high availability scenario, you can require that the instances in a pool are evenly distributed across each of the fault domains that you specify. When sufficient capacity isn't available in one of the fault domains, the instance pool will not launch or scale successfully, and a work request for the instance pool will return an "out of capacity" error. To fix the capacity error, either wait for capacity to become available, or use the UpdateInstancePool operation to update the placement configuration (the availability domain and fault domain) for the instance pool. during create the instance pool you can select the location where you want to place the instances" In the Availability Domain list, select the availability domain to launch the instances in. If you want the instances in the pool to be placed evenly in one or more fault domains, select the Distribute instances evenly across selected fault domains check box. Then, select the fault domains to place the instances in. 

Question 5

To serve web traffic for a popular product, your cloud engineer has provisioned four BM.Standard2.52 instances, event spread across two availability domains in the us-asburn-1 region:
LoadBalancer is used to deliver the traffic across instances. After several months, the product grows even more popular and you need additional compute capacity. As a result, an engineer provisioned two additional VM.Standard2.8 instances. You register the two VM. Standard2. 8 Instances with your load Balancer Backend sot and quickly find that the VM Standard2.8 Instances running at 100% of CPU utilization but the BM.Standard2 .52 
instances have significant CPU capacity that's unused. Which option is the most cost effective and uses instances capacity most effectively?

  • A: Configure your Load Balance, with weighted round robin policy to distribute traffic to the compute instances, with more weight assigned to bare metal instances.
  • B: Configure Autoscaling instance pool with LoadBalancer to add up to 3 more BM.Standard2.52 Instances when triggered. 
    Shut off VM.Standard2.8 instances.
  • C: Route traffic to BM.Standard2.52 and VM Standard2.8 instances directly using DNS and Health Checks. Shut off the load Balances.
  • D: Configure LoadBalancer with two VM Standard2.8 instances and use Autoscalling Instant pool to add up to two additional VM instances. Shut off BM.Standard2.52 instances.

Correct Answer: A

Customer have 4 BM.Standard2.52 and After several months he need additional compute capacity customer find The VM Standard2.8 Instances running at 100% of CPU utilization but the BM.Standard2 .52 instances have significant CPU capacity that unused. so the customer need to check the Load balance policy to make sure the 4 BM and VM is utilize correctly

Question 6

Multiple departments In your company use a shared Oracle Cloud Infrastructure (OCI) tenancy to Implement their projects. 
You are in charge of managing the cost of OCI resources in the tenancy and need to obtain better Insights Into department's usage. Which three options can you implement together to accomplish this?

  • A: Create a budget that matches your commitment amount and an alert at 100 percent of the forecast
  • B: Set up a consolidated budget tracking lags to analyze costs in ,1 granular manner
  • C: Set up different compartments for each department then track and analyze cost per compartment
  • D: Use the billing cost tracking report to analyze costs
  • E: Set up a tag default that automatically applies tags to all specified resources created In a compartment then use these tags for cost analysis. 

Correct Answer: ACE

You can use budgets to track costs in your tenancy. After creating a budget for a compartment, you can set up alerts that will notify you if a budget is forecast to be exceeded or if spending surpasses a certain amount. 
OCI Cost Analysis 
Visualization tools Help understand spending patterns at a glance 
Filter costs by Date, Tags and Compartments 
Trend lines show how spending patterns are changing 
To use Cost Analysis you must be a member of the Administrators group 


Question 7

Your company will soon start moving critical systems Into Oracle Cloud Infrastructure (OCI) platform. These systems will reside in the us-phoenix-1and us-ashburn 1 regions. As part of the migration planning, you are reviewing the company's existing security policies and written guidelines for the OCI platform usage within the company. you have to work with the company managed key. 
Which two options ensure compliance with this policy?

  • A: When you create a new compute instance through OCI console, you use the default options for "configure boot volume" to speed up the process to create this compute instance.
  • B: When you create a new block volume through OCI console, select Encrypt using Key Management checkbox and use encryption keys generated and stored in OCI Key Management Service.
  • C: When you create a new compute instance through OCI console, you use the default shape to speed up the process to create this compute instance.
  • D: When you create a new OCI Object Storage bucket through OCI console, you need to choose "ENCRYPT USING CUSTOMER-MANAGED KEYS" option.
  • E: You do not need to perform any additional actions because the OCI Block Volume service always encrypts all block volumes, boot volumes, and volume backups at rest by using the Advanced Encryption Standard (AES) algorithm with 256-bit encryption.

Correct Answer: BD

Block Volume Encryption 
By default all volumes and their backups are encrypted using the Oracle-provided encryption keys. Each time a volume is cloned or restored from a backup the volume is assigned a new unique encryption key. 
You have the option to encrypt all of your volumes and their backups using the keys that you own and manage using the Vault service.If you do not configure a volume to use the Vault service or you later unassign a key from the volume, the Block Volume service uses the Oracle-provided encryption key instead. 


This applies to both encryption at-rest and in-transit encryption. Object Storage Encryption Object Storage employs 256-bit Advanced Encryption Standard (AES-256) to encrypt object data on the server. Each object is encrypted with its own data encryption key. Data encryption keys are always encrypted with a master encryption key that is assigned to the bucket. Encryption is enabled by default and cannot be turned off. By default, Oracle manages the master encryption key. However, you can optionally configure a bucket so that it's assigned an Oracle Cloud Infrastructure Vault master encryption key that you control and rotate on your own schedule. Encryption: Buckets are encrypted with keys managed by Oracle by default, but you can optionally encrypt the data in this bucket using your own Vault encryption key. To use Vault for your encryption needs, select Encrypt Using Customer-Managed Keys. Then, select the Vault Compartment and Vault that contain the master encryption key you want to use. Also select the Master Encryption Key Compartment and Master Encryption Key. 


Question 8

You have provisioned a new VM.DenseIO2.24 compute instance with local NVMe drives. The compute instance is running production application. This is a write heavy application, with a significant Impact to the business it the application goes down. What should you do to help maintain write performance and protect against NVMe devices failure.

  • A: NVMe drive have built in capability to recover themself so no other actions are required
  • B: Configure RAID 6 for NVMe devices.
  • C: Configure RAID 1 for NVMe devices.
  • D: Configure RAID 10 for NVMe devices.

Correct Answer: D

VM.DeselO2.24 compute instance include locally attached NVMe devices. These devices provide extremely low latency, high performance block storage that is ideal for big data, OLTP, and any other workload that can benefit from high-performance block storage. A protected RAID array is the most recommended way to protect against an NVMe device failure. There are three RAID levels that can be used for the majority of workloads: RAID 1: An exact copy (or mirror) of a set of data on two or more disks; a classic RAID 1 mirrored pair contains two disks RAID 10: Stripes data across multiple mirrored pairs. As long as one disk in each mirrored pair is functional, data can be retrieved RAID 6: Block-level striping with two parity blocks distributed across all member disks If you need the best possible performance and can sacrifice some of your available space, then RAID 10 array is an option.

Question 9

You are working as a solution architect with a global automotive provider who is looking to create a multi-cloud solution They want to run their application tier in Microsoft Azure while utilizing the Oracle DB Systems In the Oracle Cloud Infrastructure (OCI). What is the most fault tolerant and secure solution for this customer?

  • A: Create an Oracle database in OCI Virtual Cloud Network (VCN) and connect to the application tier running In Microsoft Azure over the Internet.
  • B: Create a FastConnect virtual circuit and choose Microsoft Azure from the list of providers available to setup Network connectivity between application tier running in Microsoft Azure Virtual Network and Oracle Databases running In OCI Virtual Cloud (VCN)
  • C: Use OCI Virtual Cloud Network remote peering connection to create connectivity among application tier running in Microsoft Azure Virtual Network and Oracle Databases running in OCI Virtual Cloud Network (VCN).
  • D: Create a VPN connection between the application tie, running in Azure Virtual Network and Oracle Databases running In OCI Virtual Cloud Network (VCN).

Correct Answer: B

Oracle and Microsoft have created a cross-cloud connection between Oracle Cloud Infrastructure and Microsoft Azure in certain regions. This connection lets you set up cross-cloud workloads without the traffic between the clouds going over the internet. 
you can connect your VNet and VCN so that traffic that uses private IP addresses goes over the crosscloud connection. 
For example, the following diagram shows a VNet that is connected to a VCN. Resources in the VNet are running a .NET application that access an Oracle database that runs on Database service resources in the VCN. The traffic between the application and database uses a logical circuit that runs on the cross-cloud connection between Azure and Oracle Cloud Infrastructure. The two virtual networks must belong to the same company and not have overlapping CIDRs. The connection requires you to create an Azure ExpressRoute circuit and an Oracle Cloud Infrastructure FastConnect virtual circuit.

Question 10

A retail company has recently adopted a hybrid architecture. They have the following requirements for their end-to-end Connectivity model between their on-premises data center and Oracle Cloud Infrastructure (OC1) region 
Highly available connection with service level redundancy 
Dedicated network bandwidth with low latency 
Which connectivity setup is the most cost effective solution for this scenario?

  • A: Setup IPsec VPN as your primary connection, and a FastConnect virtual circuit as a backup connection. Use separate edge devices in your on-premises data canter for each connection from your edge devices, advertise more specific routes IPSec VPN, and specific routes through the backup FastConnect virtual circuit.
  • B: Setup FastConnect virtual circuit as your primary connection, and a second FastConnect virtual circuit as a backup connection. Use separate edge devices in your FastConnect physical connectivity is redundant Use a single edge device in your on premises data center for each connection From yc device, advertise more specific routes via primary FastConnect virtual circuit, and less specific routes through t backup FastConnect circuit.
  • C: Setup FastConnect virtual circuit as your primary connection, and an IPSec VPN as a backup connection. Use separate edge devices in your on-premises data center for each connection. From your edge devices, advertise more specific routes through FastConnect virtual circuit, and more specific routes through the backup IPSec VPN path.
  • D: Setup IPSec VPN as your primary connection, and a second IPSec VPN as a backup connection. Use separate edge devices in your on p data center for each connection. From your edge devices, advertise more specific routes via primary IPSec VPN. and less specific rod the backup TPSec VPN.

Correct Answer: C

there are two main requirements for this Customer 
First Highly available connection with service level redundancy and that can achieve by 

3- Redundant FastConnect 






You can buy ProfExam with a 20% discount!


Use ProfExam Simulator to open VCEX and EXAM files