Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. Oracle
  5. 1Z0-997

Free Oracle 1Z0-997 Exam Questions

You are the Solution Architect that designed this Oracle Cloud Infrastructure (OCI) compartment layout for your organization:



The development team has deployed quite a few instances under 'Compute' Compartment and the operations team needs to list the Instances under the same compartment for their testing. Both teams, development and operations are part of a group called 'Eng-group'

You have been looking for an option to allow the operations team to list the instances without access any confidential information or metadata of resources.


Which IAM policy should you write based on these requirements?

  1. Allow group Eng-group to inspect instance-family in compartment Dev-Team:Compute and attach the policy to `Engineering' Compartment
  2. Allow group Eng-group to inspect instance-family in compartment Dev-Team: Compute and attach the policy to 'SysTest Team' Compartment
  3. Allow group Eng-group to read instance-family in compartment Compute and attach the policy to 'Engineering' Compartment.
  4. Allow group Eng-group to read instance-family in compartment Dev-Team-.Compute and attach the policy to'Dev-Team'

Answer(s): A

Explanation:

Policy Attachment

When you create a policy you must attach it to a compartment (or the tenancy, which is the root compartment). Where you attach it controls who can then modify it or delete it. If you attach it to the tenancy (in other words, if the policy is in the root compartment), then anyone with access to manage policies in the tenancy can then change or delete it. Typically that's the Administrators group or any similar group you create and give broad access to. Anyone with access only to a child compartment cannot modify or delete that policy.

When you attach a policy to a compartment, you must be in that compartment and you must indicate directly in the statement which compartment it applies to. If you are not in the compartment, you'll get an error if you try to attach the policy to a different compartment. Notice that attachment occurs during policy

creation, which means a policy can be attached to only one compartment.

Policies and Compartment Hierarchies

A policy statement must specify the compartment for which access is being granted (or the tenancy).

Where you create the policy determines who can update the policy. If you attach the policy to the compartment or its parent, you can simply specify the compartment name. If you attach the policy further up the hierarchy, you must specify the path. The format of the path is each compartment name (or OCID) in the path, separated by a colon:

<compartment_level_1>:<compartment_level_2>: . . . <compartment_level_n>

to allow action to compartment Compute so you need to set the compartment PATH as per where you attach the policy as below examples

if you attach it to Root compartment you need to specify the PATH as following

Engineering: Dev-Team Compute :

if you attach it to Engineering compartment you need to specify the PATH as following


Dev-Team:Compute

if you attach it to Dev-Team or Compute compartment you need to specify the PATH as following Compute

Note : in the Policy inspect verb that give the Ability to list resources, without access to any confidential information or user-specified metadata that may be part of that resource.



To serve web traffic for a popular product, your cloud engineer has provisioned four BM.Standard2.52 instances, event spread across two availability domains in the us-asburn-1 region: LoadBalancer is used to deliver the traffic across instances.

After several months, the product grows even more popular and you need additional compute capacity. As a result, an engineer provisioned two additional VM.Standard2.8 instances.

You register the two VM. Standard2. 8 Instances with your load Balancer Backend sot and quickly find that the VM Standard2.8 Instances running at 100% of CPU utilization but the BM.Standard2 .52 instances have significant CPU capacity that's unused.

Which option is the most cost effective and uses instances capacity most effectively?

  1. Configure your Load Balance, with weighted round robin policy to distribute traffic to the compute instances, with more weight assigned to bare metal instances.
  2. Configure Autoscaling instance pool with LoadBalancer to add up to 3 more BM.Standard2.52 Instances when triggered. Shut off VM.Standard2.8 instances.
  3. Route traffic to BM.Standard2.52 and VM Standard2.8 instances directly using DNS and Health Checks. Shut off the load Balances.
  4. Configure LoadBalancer with two VM Standard2.8 instances and use Autoscalling Instant pool to add up to two additional VM instances. Shut off BM.Standard2.52 instances.

Answer(s): A

Explanation:

Customer have 4 BM.Standard2.52 and After several months he need additional compute capacity customer find The VM Standard2.8 Instances running at 100% of CPU utilization but the BM.Standard2 .52 instances have significant CPU capacity that unused.

So the customer need to check the Load balance policy to make sure the 4 BM and VM is utilize correctly.



An online registration system Is currently hosted on one large Oracle Cloud Infrastructure (OCT) Bare metal compute Instance with attached block volume to store of the users' data. The registration system accepts the:

Information from the user, Including documents and photos then performs automated verification and processing to check it the user is eligible for registration.

The registration system becomes unavailable at tunes when there is a surge of users using the system the existing architecture needs improvement as it takes a long time for the system to complete the processing and the attached block volumes are not large enough to use data being uploaded by the users.

Which Is the most effective option to achieve a highly scalable solution?

  1. Attach more Block volumes as the data volume increase, use Oracle Notification Service (ONS) to distribute tasks to a pool of compute instances working In parallel, and Auto Scaling to dynamically size the pool of Instances depending on the number of notifications received from the Notification Service.
    Use Resource Manager stacks to replicate your architecture to another region.
  2. Change your architecture to use an OCI Object Storage standard tier bucket, replace the single bare metal instance with a Oracle Streaming Service (OSS) to ingest the Incoming requests and distribute the tasks to a group of compute Instances with Auto Scaling
  3. Upgrade your architecture to use a pool of Bare metal servers and configure them to use their local SSDs for faster data access Set up Oracle Streaming Service (OSS) to distribute the tasks to the pool of Bare metal Instances with Auto Scaling to dynamically increase or decrease the pool of compute instances depending on the length of the Streaming queue.
  4. Upgrade your architecture to use more Block volumes as the data volume Increases. Replace the single bare metal instance with a group of compute instances with Auto Scaling to dynamically increase or decrease the compute instance pools depending on the traffic.

Answer(s): D



An Oracle Cloud Infrastructure (OCI) Public Load Balancer's SSL certificate is expiring soon. You noticed the Load Balancer is configured with SSL Termination only. When the certificate expires, data traffic can be interrupted and security compromised.

What steps do you need to take to prevent this situation?

  1. Add the new SSL certificate to the Load Balancer, update backend servers to work with a new certificate and edit listeners so they can use the new certificate bundle.
  2. Add the new SSL certificate to the Load Balancer, update listeners and backend sets so they can use the new certificate bundle.
  3. Add the new SSL certificate to the Load Balancer and implement end to end SSL so it can encrypt the traffic from clients all the way to the backend servers.
  4. Add the new SSL certificate to the Load Balancer and update backend servers to use the new certificate bundle.
  5. Add the new SSL certificate to the Load Balancer and update listeners to use the new certificate bundle.

Answer(s): A



Viewing page 10 of 19



Post your Comments and Discuss Oracle 1Z0-997 exam prep with other Community members:

1Z0-997 Exam Discussions & Posts