• Home
  • Articles
  • [Sep 20, 2022] Reliable 1z0-997-21 Exam Tips Test Pdf Exam Material [Q19-Q41]

[Sep 20, 2022] Reliable 1z0-997-21 Exam Tips Test Pdf Exam Material [Q19-Q41]

Share

[Sep 20, 2022] Reliable 1z0-997-21 Exam Tips Test Pdf Exam Material

New 2022 1z0-997-21 Test Tutorial (Updated 145 Questions)

NEW QUESTION 19
As an administrator you want to give users of ObjectWriters group full access to bucket Bucket-A and its objects in compartment comp-images. You want users of ObjectWriters to not be able to access or modify properties of any other buckets and its objects in the compartment comp-images.
Select the statement(s) below that will best define your IAM policies.

  • A. Allow group ObjectWritexs to read buckets in compartmentcomp-images Allow group ObjectWriters to manage objects in compartment comp- images where target.bucket.name= 'Bucket-A'
  • B. Allow group ObjectWriters to mange buckets in compartment comp- images Allow group ObjectWriters to manage objects in compartment comp-images where target.bucket.name= 'Eucket-A'
  • C. Allow group ObjectWriters to inspect buckets in compartment comp-images Allow group ObjectWriters to read buckets in compartment comp-images where target.bucket.name=' Bucket-A" Allow group ObjectWriters to manage objects in compartment comp-images where target.bucket.name=' Bucket-A'
  • D. Allow group ObjectWriters to manage buckets in compartment comp-images where target.bucket.name=' Bucket-A'

Answer: C

 

NEW QUESTION 20
You are working as a solution architect for an online retail store to create a portal to allow the users to pay for their groceries using credit cards. Since the application is not fully compliant with the Payment Card Industry Data Security Standard (PCI DSS), your company is looking to use a third party payment service to process credit card payments.
The third party service allows a maximum of Spelunk IP addresses 5 public IP addresses at a time However, your website is using Oracle Cloud Infrastructure (OCI) Instance Pool Auto Scaling policy to create up to create up to 15 Instances during peak traffic demand, which are launched In VCN private in VCN private subnets and attached to an OCI public Load Balancer. Upon user payment, the portal connects to the payment service over the Interne! to complete the transaction What solution can you implement to make sure that all compute Instances can connect to the third party system to process the payments aw peak traffic demand?

  • A. Route credit card payment request from the compute instances through the NAT Gateway. On the third-party services, whitelist the public IP associated with the NAT Gateway.
  • B. Route payment request from the compute instances through the OCI Load Balancer, which will then be routed to the third party service.
  • C. Whitelist the Internet Gateway Public IP on the third party service and route all payment requests through the Internet Gateway.
  • D. Create an OCI Command Line Interface (CLI) script to automatically reserve public IP address for the compute instances. On the third-party services, whitelist the Reserved public IP.

Answer: A

Explanation:
https://docs.oracle.com/en-us/iaas/Content/Balance/Concepts/balanceoverview.htm

 

NEW QUESTION 21
You have designed and deployed your Autonomous Data Warehouse (ADW) such that it is accessible from your on-premises data center and servers running on both private and public networks in Oracle Cloud Infrastructure (OCI).

As you are testing the connectivity to your ADW database from the different access paths, you notice that the server running on the private network is unable to connect to ADW. Which two steps do you need to take to enable connectivity from the server on the private network to ADW? (Choose two.)

  • A. Add an entry in the route table (associated with the private subnet) with destination of 0.0.0.0./0; target type of internet Gateway, add a stateful egress in the security list (associated with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols.
  • B. Add an entry in the access table list of ASW for CIDR block 10.2.2.0/24.
  • C. Add an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/: target type of NAT Gateway, add a stateful egress rule to the security list (associated with the private subnet) with destination of 0.0.0.0./0 and for all IP protocols.
  • D. Add an entry in the access control list of ADW for IP address 129.146.160.11
  • E. Add an entry in the Security List of the ADW allowing ingress traffic for C10R block 10.2.2.0/24

Answer: C,D

Explanation:
There are 3 connections to ADW
1- Connecting to (ADW) from Public Internet
2- Connecting to ADW (via NAT or Service Gateway) from a server running on a private subnet in OCI (in the same tenancy)
3- Connecting to ADW (via internet Gateway) from a server running on a public subnet in OCI (in the same tenancy

 

NEW QUESTION 22
A retail company runs their online shopping platform entirely on Oracle cloud Infrastructure (OCI). This is a 3-tier web application that Includes a Mbps Load Balancer. Virtual Machine Instances for web and an Oracle DB Systems Virtual Machine Due to unprecedented growth, they noticed an Increase in the Incoming traffic to their website and all users start getting 503 (Service Unavailable) errors.
What is the potential problem in this scenario?

  • A. The Load Balancer health check status Indicates critical situation for half of the backend webservers
  • B. The Traffic Management Policy is not set to load Balancer the traffic to the web servers.
  • C. The Database Is down hence users can not access the web site
  • D. You did not configure a Service Gateway to allow connection between web servers and load Balance
  • E. All the web servers are too busy and not able to answer any request from users.

Answer: E

Explanation:
A 503 Service Unavailable Error is an HTTP response status code indicating that a server is temporarily unable to handle the request. This may be due to the server being overloaded or down for maintenance.

 

NEW QUESTION 23
You are working as a security consultant with a global insurance organization which is using Microsoft Azure Active Directory (AD) as identity provided to manager user login/passwords. When a user logs in to Oracle Cloud infrastructure (OCI) console, it should get authenticated by Azure AD.
Which set of steps are required to configure at OCI side in order to get it enabled

  • A. Setup Azure AD as an Identity Provider, map Azure AD groups to OCI groups, set up the IAM policies to govern access to Azure AD groups
  • B. Setup Azure AD as an Enterprise Application, map Azure AD users and groups and policies to OCI groups and users
  • C. Setup Azure AD as an Identity Provider, Import users and groups from Azure AD to OCI, set up IAM policies to govern access to Azure AD groups
  • D. Setup Azure AD as an Enterprise Application, configure OCI for single sign-on, map Azure AD groups to OCI groups, set up the IAM policies to govern access to Azure AD groups

Answer: A

Explanation:
Federating with Microsoft Azure Active Directory
To federate with Azure AD, you set up Oracle Cloud Infrastructure as a basic SAML single sign-on application in Azure AD. To set up this application, you perform some steps in the Oracle Cloud Infrastructure Console and some steps in Azure AD.
Following is the general process an administrator goes through to set up the federation. Details for each step are given in the next section.
In Oracle Cloud Infrastructure, download the federation metadata document.
In Azure AD, set up Oracle Cloud Infrastructure Console as an enterprise application.
In Azure AD, configure the Oracle Cloud Infrastructure enterprise application for single sign-on.
In Azure AD, set up the user attributes and claims.
In Azure AD, download the Azure AD SAML metadata document.
In Azure AD, assign user groups to the application.
In Oracle Cloud Infrastructure, set up Azure AD as an identity provider.
In Oracle Cloud Infrastructure, map your Azure AD groups to Oracle Cloud Infrastructure groups.
In Oracle Cloud Infrastructure, set up the IAM policies to govern access for your Azure AD groups.
Share the Oracle Cloud Infrastructure sign-in URL with your user

 

NEW QUESTION 24
You work for a retail company and they developed a Microservices based shopping application that needs to access Oracle Autonomous Database from the application. As an Architect, you have been tasked to treat all of the application components as Kubernetes native objects, such as the microservices, Oracle Autonomous database, Kubernetes services, etc.
What should you do to make sure that you can use Kubernetes constructs to manage the life cycle of the application components, including Oracle Autonomous Database? (Choose the best answer.)

  • A. Create an Oracle Cloud Infrastructure (OCI) Service Gateway and connect to the Oracle Autonomous Database using the private IP address from the microservice.
  • B. Create a service from the Kubernetes cluster and point to the Oracle Autonomous Database using its FQDN.
  • C. Provision an Oracle Autonomous Database and then use OCI Service Broker to access the database as a native component to your Kubernetes cluster.
  • D. Install and secure the OCI Service Broker for Kubernetes. Then provision and bind to the required Oracle Cloud Infrastructure services.

Answer: D

Explanation:
OCI Service Broker for Kubernetes is an implementation of the Open Service Broker API. OCI Service Broker for Kubernetes is specifically for interacting with Oracle Cloud Infrastructure services from Kubernetes clusters. It includes three service broker adapters to bind to the following Oracle Cloud Infrastructure services: Object Storage Autonomous Transaction Processing Autonomous Data Warehouse

 

NEW QUESTION 25
All three Data Guard Configuration are fully supported on Oracle Cloud infrastructure (OCI). You want to deploy a maximum availability architecture (MAA) for database workload.
Which option should you consider while designing your Data Guard configuration to ensure best RTO and PRO without causing any data loss?

  • A. Configure ''Maximum Scalability" mode which provides the highest level of scalability without compromising the availability of the primary database.
  • B. Configure ''Maximum Availability" mode in SYNC mode between two availability domains (same region), and use the Maximum Availability mode in SYNC mode between two regions.
  • C. Configure "Maximum Performance" mode In SYNC mode between two availability domains (same region) which provides, the highest level of data protection that is possible without affecting the performance of the primary database.
  • D. Configure "Maximum Protection" mode which provides zero data loss If the primary database fails.

Answer: B

Explanation:
https://docs.cloud.oracle.com/en-us/iaas/Content/Resources/Assets/whitepapers/best-practices-for-dr-on-oci.pdf All three Data Guard configurations are fully supported on Oracle Cloud Infrastructure. However, because of a high risk of production outage, we don't recommend using the maximum protection mode for your Data Guard configuration.
We recommend using the maximum availability mode in SYNC mode between two availability domains (same region), and using the maximum availability mode in ASYNC mode between two regions. This architecture provides you the best RTO and RPO without causing any data loss. We recommend building this architecture in daisy-chain mode: the primary database ships redo logs to the first standby database in another availability domain in SYNC mode, and then the first standby database ships the redo logs to another region in ASYNC mode. This method ensures that your primary database is not doing the double work of shipping redo logs, which can cause performance impact on a production workload.

This configuration offers the following benefits:
No data loss within a region.
No overhead on the production database to maintain standbys in another region.
Option to configure lagging on the DR site if needed for business reasons.
Option to configure multiple standbys in different regions without any additional overhead on the production database. A typical use case is a CDN application Bottom of Form

 

NEW QUESTION 26
Which three scenarios are suitable for the Oracle Infrastructure (OCI) Autonomous transaction Processing Server less (ATP-S) deployment?

  • A. A developer working on an Internal project needs to use a database during work hours but doesn't need It during nights or weekends. the project budget requires her to keep costs low. (Correct)
  • B. A manufacturing company is running Oracle E-Business Suite application on premises. They are looking to move this application to OCI and they want to use a managed database offering for their database tier.
  • C. A midsize company is considering migrating its legacy on premises MongoDB database to Oracle Cloud Infrastructure (OCI). The database has significantly higher workloads on weekends than weekdays
  • D. A small startup is deploying a new application fen eCommerce and it requires database to store customers' transactions the team b of what the load will look like since it is a new application. (Correct)
  • E. well established, online auction marketplace is running an application where there is database usage 24*7 but also has peaks of activity that the hard to predict when the peaks happen, the total activities may reach 3 times the normal activity level (Correct)

Answer: A,D,E

Explanation:
MongoDB is a cross-platform document-oriented database program. Classified as a NoSQL database program, MongoDB uses JSON-like documents with schema, so the best to be migrated to Oracle NoSQL Database.
https://blogs.oracle.com/nosql/migrate-mongodb-data-to-oracle-nosql-database Autonomous transaction Processing Serverless (ATP-S) isn't supported yet for EBS database

 

NEW QUESTION 27
A civil engineering company is running an online portal In which engineers can upload there constructions photos, videos, and other digital files.
There is a new requirement for you to implement: the online portal must offload the digital content to an Object Storage bucket for a period of 72 hours. After the provided time limit has elapsed, the portal will hold all the digital content locally and wait for the next offload period.
Which option fulfills this requirement?

  • A. Create a Dynamic Group with matching rule for the portal compute Instance and grant access to the Object Storage bucket for 72 hours.
  • B. Create a pre authenticated URL lot each object that Is uploaded to the Object Storage bucket with an expiration of 72 hours.
  • C. Create a pre-authenticated URL for the entire Object Storage bucket to read and list the content with an expiration of 72 hours.
  • D. Create a pre authenticated URL for the entire Object Storage bucket to write content with an expiration of 72 hours.

Answer: D

Explanation:
Pre-authenticated requests provide a way to let users access a bucket or an object without having their own credentials, as long as the request creator has permission to access those objects.
For example, you can create a request that lets operations support user upload backups to a bucket without owning API keys. Or, you can create a request that lets a business partner update shared data in a bucket without owning API keys.
When creating a pre-authenticated request, you have the following options:
You can specify the name of a bucket that a pre-authenticated request user has write access to and can upload one or more objects to.
You can specify the name of an object that a pre-authenticated request user can read from, write to, or read from and write to.
Scope and Constraints
Understand the following scope and constraints regarding pre-authenticated requests:
Users can't list bucket contents.
You can create an unlimited number of pre-authenticated requests.
There is no time limit to the expiration date that you can set.
You can't edit a pre-authenticated request. If you want to change user access options in response to changing requirements, you must create a new pre-authenticated request.
The target and actions for a pre-authenticated request are based on the creator's permissions. The request is not, however, bound to the creator's account login credentials. If the creator's login credentials change, a pre-authenticated request is not affected.
You cannot delete a bucket that has a pre-authenticated request associated with that bucket or with an object in that bucket.

 

NEW QUESTION 28
Many development engineers are deploying new instances as part of their projects in Oracle Cloud Infrastructure tenancy, but majority of these instances have not been tagged. You as an administrator of this tenancy want to enforce tagging to identify owners who are launching these instances.
Which option below should be used to implement this requirement?

  • A. Create tag variables for each compartment to automatically tag a resource with user name.
  • B. Create an IAM policy to automatically tag a resource with the usemame.
  • C. Create a default tag for each compartment which ensure appropriate tags are allowed at resource creation.
  • D. Create a predefined tag with tag variables to automatically tag a resource with usemame.

Answer: D

 

NEW QUESTION 29
You are working as a solution architect with a global automotive provider who is looking to create a multi-cloud solution. They want to run their application tier in Microsoft Azure while utilizing the Oracle DB Systems in the Oracle Cloud Infrastructure (OCI).
What is the most-fault tolerant and secure solution for this customer? (Choose the best answer.)

  • A. Deploy the Oracle database system into a public subnet in your VCN and assign a public IP address. Connect your application tier running in Azure to the public IP address of the database system over the internet.
  • B. Use an OCI Virtual Cloud Network remote peering connection to create a remote network connection between the application tier running in Microsoft Azure Virtual Network and Oracle Databases running in the OCI Virtual Cloud Network (VCN).
  • C. Create an encrypted, Virtual Private Network connection between the Microsoft Azure Virtual Network that contains the application tier and the OCI Virtual Cloud Network (VCN) that contains the Oracle Databases.
  • D. Create a FastConnect virtual circuit with Microsoft Azure as the provider to establish a private interconnect between the application tier running in the Azure Virtual Network and the OCI VCN that contains the Oracle Databases.

Answer: D

Explanation:
https://docs.oracle.com/en/solutions/learn-azure-oci-interconnect/index.html#GUID-FBE38C70-A4CF-40C5-A37A-121241D21199

 

NEW QUESTION 30
You have to migrate your application to Oracle Cloud Infrastructure (OCI). The database is constantly being updated and needs to be online without interruptions. How can you transition the database to OCI without interrupting its use?

  • A. It is impossible to migrate without interruption.
  • B. Use an on-premises database with one-way synchronization to a cloud-based database and allow clients to connect only to the cloud database.
  • C. Use an on-premises database with one-way synchronization to a cloud-based database and allow clients to connect only to the on-premises database until it is synchronized.
  • D. Use an on-premises database with two-way synchronization to a cloud-based database and allow clients to connect to either databases.

Answer: C

 

NEW QUESTION 31
A fast growing E-commerce company has deployed their online shopping application on Oracle Cloud Infrastructure. The application was deployed on compute instances with Autoscaling configuration for application servers fronted by a load balancer and OCI Autonomous Transaction Processing (ATP) in the backend. In order to promote their e-commerce platform 50% discount was announced on all the products for a limited period. During the day 1 of promotional period it was observed that the application is running slow and company's hotline is flooded with complaints.
What could be two possible reasons for this situation?

  • A. The health check on some of the backend servers has failed and the load balancer was rebooting these servers.
  • B. The health check on some of the backend servers has failed and the load balancer has taken those servers temporarily out of rotation.
  • C. As part of Autoscaling, the load balancer shape has dynamically changed to a larger shape to handle more incoming traffic and the system was slow for a short time during this change.
  • D. Autoscaling has already scaled to the maximum number of instances specified in the configuration and there is no room for scaling further.

Answer: B,D

 

NEW QUESTION 32
After performing maintenance on an Oracle Linux compute instance the system is returned to a running state You attempt to connect using SSH t to do so. You decide to create an instance console connection to troubleshoot the issue.
Which three tasks would enable you to connect to the console connection and begin troubleshooting?

  • A. edit the Linux boot menu to enable access to console.
  • B. Use SSH to connect to the service endpoint of the console connection service
  • C. Stop the compute Instance using the Oracle cloud Infrastructure (OCI) Command Line interface (CLI).
  • D. Use SSH to connect to the public: IP address of the compute Instance and provide the console connection OCID as the username.
  • E. Reboot the compute instance using the Oracle Cloud Infrastructure (OCI) Management Console
  • F. Upload an API signing key for console connection authentication.

Answer: A,B,E

Explanation:
The Oracle Cloud Infrastructure Compute service provides console connections that enable you to remotely troubleshoot malfunctioning instances, such as:
An imported or customized image that does not complete a successful boot.
A previously working instance that stops responding.
the steps to connect to console and troubleshoot the OS Issue
1- Before you can connect to the serial console you need to create the instance console connection.
Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.
Click the instance that you're interested in.
Under Resources, click Console Connections.
Click Create Console Connection.
Upload the public key (.pub) portion for the SSH key. You can browse to a public key file on your computer or paste your public key into the text box.
Click Create Console Connection.
When the console connection has been created and is available, the status changes to ACTIVE.
2- Connecting to the Serial Console
you can connect to the serial console by using a Secure Shell (SSH) connection to the service endpoint of the console connection service Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.
Click the instance that you're interested in.
Under Resources, click Console Connections.
Click the Actions icon (three dots), and then click Copy Serial Console Connection for Linux/Mac.
Paste the connection string copied from the previous step to a terminal window on a Mac OS X or Linux system, and then press Enter to connect to the console.
If you are not using the default SSH key or ssh-agent, you can modify the serial console connection string to include the identity file flag, -i , to specify the SSH key to use. You must specify this for both the SSH connection and the SSH ProxyCommand, as shown in the following line:
ssh -i /<path>/<ssh_key> -o ProxyCommand='ssh -i /<path>/<ssh_key> -W %h:%p -p 443...
Press Enter again to activate the console.
3- Troubleshooting Instances from Instance Console Connections
To boot into maintenance mode
Reboot the instance from the Console.
When the reboot process starts, switch back to the terminal window, and you see Console messages start to appear in the window. As soon as you see the GRUB boot menu appear, use the up/down arrow key to stop the automatic boot process, enabling you to use the boot menu.
In the boot menu, highlight the top item in the menu, and type e to edit the boot entry.
In edit mode, use the down arrow key to scroll down through the entries until you reach the line that starts with either linuxefi for instances running Oracle Autonomous Linux 7.x or Oracle Linux 7.x, or kernel for instances running Oracle Linux 6.x.
At the end of that line, add the following:
init=/bin/bash
Reboot the instance from the terminal window by entering the keyboard shortcut CTRL+X.

 

NEW QUESTION 33
You work for a bank as the lead Oracle Cloud Infrastructure architect. You designed a highly scalable solution for your company's banking application. The architecture includes a load balancer, application servers with autoscaling configuration based on CPU utilization, and an Autonomous Database with Transaction Processing workload type running in a Virtual Cloud Network (VCN).
During the peak utilization period, the application users complain that the application runs slow.
What are two possible reasons for the application running slow at times? (Choose two.)

  • A. Instance pool in autoscaling configuration for the Autonomous Database did not scale out due to misconfigured scaling policy.
  • B. The VCN does not have a Network Security Group configured to allow traffic from the load balancer to all the application servers in the backend set.
  • C. Instance pool in autoscaling configuration for the application servers did not scale out due to service limit breach of the VM shapes used by the application servers.
  • D. Instance pool in autoscaling configuration for the application servers did not scale out due to compartment quota breach of the VM shapes used by the application servers.
  • E. The load balancer is not configured correctly to send traffic to all the listeners of the application servers in the backend set.

Answer: C,D

 

NEW QUESTION 34
A retail company has recently adopted a hybrid architecture. They have the following requirements for their end-to-end Connectivity model between their on-premises data center and Oracle Cloud Infrastructure (OC1) region
* Highly available connection with service level redundancy
* Dedicated network bandwidth with low latency
Which connectivity setup is the most cost effective solution for this scenario?

  • A. Setup FastConnect virtual circuit as your primary connection, and an IPSec VPN as a backup connection. Use separate edge devices in your on-premises data center for each connection. From your edge devices, advertise more specific routes through FastConnect virtual circuit, and more specific routes through the backup IPSec VPN path.
  • B. Setup FastConnect virtual circuit as your primary connection, and a second FastConnect virtual circuit as a backup connection. Use separate edge devices in your FastConnect physical connectivity is redundant Use a single edge device in your on premises data center for each connection From yc device, advertise more specific routes via primary FastConnect virtual circuit, and less specific routes through t backup FastConnect circuit.
  • C. Setup IPsec VPN as your primary connection, and a FastConnect virtual circuit as a backup connection. Use separate edge devices in your on-premises data canter for each connection from your edge devices, advertise more specific routes IPSec VPN, and specific routes through the backup FastConnect virtual circuit.
  • D. Setup IPSec VPN as your primary connection, and a second IPSec VPN as a backup connection. Use separate edge devices in your on p data center for each connection. From your edge devices, advertise more specific routes via primary IPSec VPN. and less specific rod the backup IPSec VPN.

Answer: D

Explanation:
there are two main requirements for this Customer
First Highly available connection with service level redundancy and that can achieve by

3- Redundant FastConnect

 

NEW QUESTION 35
You want to automate the processing of new Image files to generate thumbnails. the expected rate is 10 new files every hour.
Which of the following is the most cost effective option to meet this requirement in Oracle Cloud Infrastructure (OCI)?

  • A. Upload files to an OCI Object storage bucket. Every time a file is uploaded, trigger an event with an action to provision a compute instance with a cloud-init script to access the file, process it and store it back in an Object storage bucket. Terminate the instance using Autoscaling policy after the processing is finished.
  • B. Upload all files to an Oracle Streaming Service (OSS) stream. Set up a cron job to invoke a function in Oracle Functions to fetch data from the stream. Invoke another function to process the image files and generate thumbnails. Store thumbnails in another OSS stream.
  • C. Build a web application to ingest the files and save them to a NoSQL Database. Configure OCI Events service to trigger a notification using Oracle Notification Service (ONS). ONS invokes a custom application to process the image files to generate thumbnails. Store thumbnails in a NoSQL Database table.
  • D. Upload files to an OCI Object storage bucket. Every time a file is uploaded, an event is emitted. Write a rule to filter these events with an action to trigger a function in Oracle Functions. The function processes the image in the file and stores the thumbnails back in an Object storage bucket.

Answer: D

Explanation:
You can invoke a function that you've deployed to Oracle Functions by triggered by an event in the Events service when update the Object storage to fetch the data then the function can process the File and store back to Object storage

 

NEW QUESTION 36
You have deployed a web application targeting a global audience across multiple Oracle Cloud Infrastructure (OCI) regions.
You decide to use Traffic Management Geo-Location based Steering Policy to serve web requests to users from the region closets to the user. Within each region you have deployed a public load balancer with 4 servers in a backend set. During a DR test disable all web servers in one of the regions however, traffic Management does not automatically direct all users to the other region.
Which two are possible causes?

  • A. You did not correctly setup the Load Balancer HTTP health check policy associated with backend set
  • B. You did not setup an HTTP Health Check associated with Load Balancer public IP in the disabled region.
  • C. One of the two working web servers In the other region did not pass Its HTTP health check
  • D. Rather than using Geo-Location based Steering Policy, you should use Failover Policy Type to serve traffic.
  • E. You did not setup a Route Table associated with load Balancer's subnet

Answer: A,B

Explanation:
Managing Traffic Management GEOLOCATION Steering Policies
Geolocation steering policies distribute DNS traffic to different endpoints based on the location of the end user. Customers can define geographic regions composed of originating continent, countries or states/provinces (North America) and define a separate endpoint or set of endpoints for each region.
The Health Checks service allows you to monitor the health of IP addresses and hostnames, as measured from geographic vantage points of your choosing, using HTTP and ping probes. After configuring a health check, you can view the monitor's results. The results include the location from which the host was monitored, the availability of the endpoint, and the date and time the test was performed.
Also you can Combine Managing Traffic Management GEOLOCATION Steering Policies with Oracle Health Checks to fail over from one region to another The Load Balancing service provides health status indicators that use your health check policies to report on the general health of your load balancers and their components.
if you misconfigure the health check Protocol between the Load balancer and backend set that can lead to not get an accurate response as example below If you run a TCP-level health check against an HTTP service, you might not get an accurate response. The TCP handshake can succeed and indicate that the service is up even when the HTTP service is ly configured or having other issues. Although the health check appears good customers might experience transaction failures.

 

NEW QUESTION 37
Your customer has gone through a recent departmental re structure. As part of this change, they are organizing their Oracle Cloud Infrastructure (OCI) compartment structure to align with the company's new organizational structure.
They have made the following change:
Compartment x Is moved, and its parent compartment is now compartment c.

Policy defined in compartment A: Allow group networkadmins to manage subnets in compartment X Policy defined in root compartment: Allow group admins to read subnets in compartment Finance:A:X After you move the compartment, which two IAM policies would be required to ensure both groups retain the same permissions to compartment X that they had before? (Choose two.)

  • A. Define a policy in compartment HR as follows: Allow group networkadmins to manage subnets in compartment C:X.
  • B. Define a policy in compartment C as follows: Allow group networkadmins to read subnets in compartment X
  • C. Define a policy in the root compartment as follows: Allow group admins to read subnets in compartment HR:C:X
  • D. Define a policy in the root compartment as follows: Allow group admins to manage subnets in compartment Finance:A:X

Answer: A,C

 

NEW QUESTION 38
A company has an application that processes confidential dat
a. The data is currently stored in an on-premises data center. A solution architect needs to move this data to Oracle Cloud Infrastructure (OCI) Object Storage and ensure data is encrypted in-transit to OCI.
Which two steps should the solution architect perform to set up the most cost-effective connection between on-premises data center and OCI?

  • A. Attach an Internet Gateway to Virtual Cloud network(VCN).
  • B. Configure a private peering connection on the Oracle FastConnect
  • C. Set up an IPsec tunnel between the customer equipment and software VPN on an oci instance
  • D. Set up private end point for accessing Object Storage.
  • E. Set up VPN Connect between the customer equipment and the Dynamic Routing Gateway.
  • F. Configure a service gateway accessing Object Storage.

Answer: E,F

 

NEW QUESTION 39
Give this compartment structure:

You want to move a compute instance that is in 'Compute' compartment to 'SysTes-Team'.
You login to your Oracle Cloud Infrastructure (OCI)account and use the 'Move Resource' option.
What will happen when you attempt moving the compute resource?

  • A. The move will be successful though Compute Instance and its Public and Private IP address will stay the same. The Compute instance VNIC will need to be moved separately. The Compute instance will still be associated with the original VCN.
  • B. The move will be successful though Compute Instance Public and Private IP address changed, and it will be associated to the VCN in target compartment.
  • C. The move will fail and you will be prompted to move the VCN first. Once VCN is moved to the target compartment, the Compute instance can be moved.
  • D. The move will be successful though Compute Instance and its Public and Private IP address will stay the same. The Compute instance VNIC will still be associated with the original VCN.

Answer: D

Explanation:
Moving Resources to a Different Compartment
Most resources can be moved after they are created. There are a few resources that you can't move from one compartment to another. Some resources have attached resource dependencies and some don't.
Not all attached dependencies behave the same way when the parent resource moves.
For some resources, the attached dependencies move with the parent resource to the new compartment.
The parent resource moves immediately, but in some cases attached dependencies move asynchronously and are not visible in the new compartment until the move is complete.
For other resources, the attached resource dependencies do not move to the new compartment. You can move these attached resources independently.
You can move Compute resources such as instances, instance pools, and custom images from one compartment to another. When you move a Compute resource to a new compartment, associated resources such as boot volumes and VNICs are not moved.
You can move a VCN from one compartment to another. When you move a VCN, its associated VNICs, private IPs, and ephemeral IPs move with it to the new compartment.

 

NEW QUESTION 40
An online gaming application is deployed to multiple Availability Domains in the Oracle Cloud Infrastructure (OCI) us-ashburn-1 region. Considering the high volume of traffic that the gaming application handles, the company has hired you to ensure that the data stored by the application is scalable, highly available, and disaster resilient. In the event of failure, the Recovery Time Objective (RTO) and Recovery Point Objective (RPO) must be less than 2 hours.
Which Disaster Recovery strategy should be used to achieve the RTO and RPO requirements in the event of a system failure?

  • A. Configure hourly block volumes backups using the OCI Command Line Interface (CLI).
  • B. Create a user defined backup policy with a schedule of generating hourly backups for block volumes.
  • C. Configure hourly block volumes backups through the OCI Storage Gateway service.
  • D. Create a user defined backup policy with a schedule of generating daily backups for block volumes.

Answer: A

 

NEW QUESTION 41
......

1z0-997-21 Cert Guide PDF 100% Cover Real Exam Questions: https://testking.practicedump.com/1z0-997-21-exam-questions.html

Related Articles

more
Oracle 1z0-997-21 Certification Practice Exam

Copyright © 2026 PracticeDump NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy