OCI Architect Associate Questions #2 Flashcards
You have multiple apps installed on a compute instance, and these apps generate a large amount of log files. These log files must reside on the boot volume for a min of 15 days. Any files over 15 days do not have to reside on boot volume but must be retained for at least 60 days. The 60-day retention requirement is causing an issue with available disk space.
What are the two recommended methods to provide additional boot volume space for this compute instance?
Create an object storage bucket and use a script that runs daily to move log files older than 15 days to the bucket.
Create a custom image and launch a new compute instance with a larger boot volume size.
You have an app running on OCI. You identified that the read and write operations are slowing your application down enough to impair user access. The application is currently using a VM.Standard1.2 compute without any block storage attached to it.
Which two options allow you to increase disk performance?
Terminate the compute instance, preserving the boot volume. Create a new compute instance using a VM Dense IO shape using the boot volume preserved.
Terminate the compute instance, preserving the boot volume. Create a new compute instance using a VM Standard shape and attach a new block volume to host your application.
You have created a public subnet in a VCN, and your public subnet has a Route Table, a Security List, and an Internet Gateway. However, none of the compute instances can connect to the Internet.
Which two are possible reasons for the connectivity issue?
The Route Table has no default route for routing traffic to the Internet Gateway
There is no stateful egress rule in the Security List associated with the public subnet.
You have successfully configured the identity federation between OCI and IDCS. A new project manager wants access to OCI for her team and provides the name of an existing group within IDCS to use when granting access.
How do you configure federation to allow the project team access to OCI resources?
Create a new IAM group in OCI and map it to the existing IDCS group.
Create a new IAM policy and reference the name of the IAM group in each policy statement.
Which two statements are true about an OCI VCN?
A VCN covers a single, contiguous IPv4 CIDR block of your choice
The allowable VCN size range is:/16 to /30
Which two options are necessary for achieving high availability on OCI?
Configure your database to have Data Guard in another Availability Domain in Sync mode within a region.
Distribute your application servers across all Availability Domains within a region.
You are designing a two-tier web application in OCI. Your clients want to access the web servers from anywhere, but want to prevent access to the database servers from the Internet.
Which is the recommended way to design the network architecture?
Create public subnets for web servers and private subnets for database servers in your VCN, and associate separate security lists and route tables for each subnet.
Which two statements are true about DB Systems in OCI?
Customers can manage the TDE Wallet after DB Systems are provisioned.
The database and backups are encrypted by default.
A company currently uses Microsoft Active Directory as its identity provider. The company recently purchased OCI to leverage the cloud platform for its test and development operations. As the administrator, you are now tasked with giving access only to developers so that they can start creating resources in their OCI accounts.
Which step will you perform to achieve this requirement?
Create a group for developers on OCI and map the group to a similar group in Microsoft Active Directory during the federation process.