OCI Architect Associate Questions #1 Flashcards
Your company has been running several small applications in OCI and is planning a Proof-of-Concept (POC) to deploy PeopleSoft (PSFT). If your existing resources are being maintained in the root compartment, what is the recommended approach for defining security for the upcoming POC?
Create a new compartment for the POC and grant appropriate permissions to create and manage resources within the compartment.
You have been tasked with creating one Virtual Cloud Network (VCN) each for 2 Large Object (LOB) apps.
LOB A and LOB B will need to communicate with each other. To ensure that you can utilize VCN peering, which network Classless Inter-Domain Routing (CIDR) ranges should be used?
VCN A (10.0.0.0/16) and VCN B (10.1.0.0/16)
Which service would you use if your big data workload required shared access and Network File System (NFS) based connectivity?
File Storage
You have hired a new employee to run reports from the ADW and are not confident in their SQL writing ability. Into which consumer group will you assign this individual to minimize the impact of their code?
Low
You deployed a compute instance (VM.Standard2.16) to run a SQL database. After a few weeks, you need to increase disk performance by using Non-Volatile Memory Express (NVMe) disks; the number of Critical Patch Updates (CPUs) will not change. As a first step, you terminate the instance and preserve the boot volume.
What is the next step?
Create a new instance using a VM.DenseIO2.16 shape using the preserved boot volume and move the SQL Database data to NVMe disks.
You have provisioned an ATP database and logged into the ATP service console. What are the three abilities that can be performed from this service console?
Reset the admin password.
Set resource management rules.
Monitor database activity and SQL queries.
Where do you find the tnsnames.ora for your ADW database?
The tnsnames.ora file is included in credentials.zip file that you download from the service console of ADW.
Which statement is true regarding ATP?
A database name cannot be used concurrently for both an ADW and an ATP database.
Which two resources reside exclusively in a single availability domain?
Compute Instance
Block Volume
Which two use the Dynamic Routing Gateway (DRG) for connectivity?
Remote VCN peering across region
Oracle IPSec VPN
You are running a mission-critical DB app in OCI. You take regular backups of your DB system to OCI object storage. Recently, you notice a failed DB backup status in the console.
What two steps can you take to determine the cause of the backup failure?
Ensure that your database host can connect to the OCI object storage.
Restart the dcsagent program if it has a status of stop or waiting.
Which statement is true about OCI FastConnect?
For private peering, FastConnect extends your existing infrastructure to a VCN.
Which two actions will occur when a backend server that is registered with a backend set is marked to drain connections?
It disallows new connections to that backend server.
Keeps the connections to that instance open and attempts to complete any in-flight requests.
Which two statements are true about restoring a block volume from a manual or policy-based block volume backup?
It can be restored as new volumes with different sizes from the backup.
It can be restored as a new volume to any AD in the same region.
In what two ways does OCI File Storage service differ from OCI Object Storage and Block Volume services?
File Storage uses the Network File System (NFS) protocol, whereas block volume uses ISCSI (Small Computer System Interface).
You can move object storage buckets, block volumes and file storage mount targets between compartments.
You have been notified of an application failure indicating that one or more of the OCI resources have become unavailable. After scanning the Compute and Database consoles, you notice that one of the DB Systems is missing.
What would you do to identify the reason for this missing resource?
Navigate to the Audit console and search the previous 24 hours for all Delete actions to get a list of any resource that was deleted in the past 24 hours.
Which two statements are true about adding secondary VNICs to an existing compute instance?
The primary and secondary VNIC association must be in the same availability domain.
The primary and secondary VNIC association can be in different VCNs.
You are designing a high bandwidth, with a redundant connection between your data center and OCI. While researching for OCI FastConnect locations, you notice that you are co-located with Oracle at one of the Oracle FastConnect locations in the Ashburn region.
What is the recommended design in this scenario?
Create a cross-connect group and have at least two or more cross-connects in that group. Create at least two or more virtual circuits in the group.
You have created a VCN with 3 private subnets, 2 of the subnets contain application servers, and the 3rd subnet contains a DB System. The application requires a shared file system, so you have provisioned one using the File Storage Service (FSS). You also created the corresponding mount target in one of the application subnets. The VCN security lists are properly configured so that both app servers and the DB System can access the file system. The security team determines that the DB System should have read-only access to the file system.
What change would you make to satisfy this requirement?
Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet.
Which two OCI database services allow you to dynamically scale CPU and storage?
Autonomous Data Warehouse (ADW)
Autonomous Transaction Processing (ATP)
Your company has decided to move a few applications to OCI, and you have been asked to design a cloud-based DR solution. One of the requirements is to deploy the DR resources at least 300 miles from the home OCI region and minimize the network latency.
What will be the recommended deployment?
Deploy production and DR applications in 2 separate VCNs, each in different regions. Connect them using a VCN remote peering connection.
Which two statements are true about encryption on OCI?
By default, object storage and block storage are encrypted at rest.
By default, DB Systems offers an encrypted database.
Which two options are available when setting up DNS for your bare metal and VM DB Systems?
Custom resolver
Internet and VCN resolver
You are designing a lab exercise for your team that has a large number of graphics with large file sizes. The application becomes unresponsive if the graphics are embedded in the application. You have uploaded the graphics to OCI and only added the URL in the application. You need to ensure these graphics are accessible without requiring any authentication for an extended period of time.
How can you achieve these requirements?
Make the object storage bucket public and use the URL found in the Object “Details”
You are deploying a highly available web application in OCI and have decided to use a public load balancer. The back-end web servers will be distributed across all 3 ADs.
How many subnets should you create to deliver a secure, highly available application?
2 subnets in total; 1 regional private subnet to host your back-end web servers & 1 regional public subnet to host your public load load balancer.