1z0-1072-23 Exam PDF [2023] Tests Free Updated Today with Correct 57 Questions [Q29-Q53]

1z0-1072-23 Exam PDF [2023] Tests Free Updated Today with Correct 57 Questions

Oracle 1z0-1072-23 Exam Preparation Guide and PDF Download

Oracle 1z0-1072-23 Exam Syllabus Topics:

Topic	Details
Topic 1	Configure and manage Object Storage Understand File System usage and metering
Topic 2	Configure Volume Groups, Backups, Clones Implement conditional and advanced policies
Topic 3	Configure Security Lists and Network Security Groups Describe and configure OS Management
Topic 4	Understand Observability and Management platform Configure Dynamic Groups and Tag based access control
Topic 5	Describe public and private IP addresses and virtual NICs Understand Network Command Center Services
Topic 6	Understand File System Snapshots and Cloning Describe and Configure Web Application Firewall and Certificates
Topic 7	Describe OCI compute image options Configure DNS and Traffic Management
Topic 8	Understand Block Volume performance tiers Understand Object Storage replication
Topic 9	Configure Virtual Cloud Network Routing and Gateways Describe and configure a layer-7 Load Balancer

 

NEW QUESTION # 29
Company XYZ is spending $300,000.00 USD per month in egress fees for 7 Petabytes that they consume for Outbound Data Transfer in North America with their current cloud provider. The company is seeking to lower that expense considerably without reducing consumption. You propose migration to OCI because the Gigabyte Outbound Data Transfer in North America costs just $0.0085 USD per month. With OCI, how much will they spend per month for 7 Petabytes of Outbound Data Transfer? (1 Petabyte = 1000 Terabytes)

• A. $59,415.00
• B. $59,500.00
• C. $0.00 (free with OCI)
• D. $150,000.00

Answer: B

Explanation:
$59,415.00 is the amount that Company XYZ will spend per month for 7 Petabytes of Outbound Data Transfer in North America with OCI. This is calculated by multiplying 7 Petabytes by 1000 Terabytes (to convert Petabytes to Terabytes), then multiplying by $0.0085 USD (the cost per Gigabyte Outbound Data Transfer in North America), then dividing by 1000 (to convert Gigabytes to Terabytes). The formula is:
(7 * 1000 * 0.0085) / 1000 = $59,415.00

NEW QUESTION # 30
What should be created before provisioning an Oracle Cloud Infrastructure (OCI) DB System?

• A. Compute Instance
• B. Virtual Cloud Network
• C. Bucket in Object Storage
• D. Compartment

Answer: B

Explanation:
The explanation is that a Virtual Cloud Network (VCN) is a software-defined network that you set up in OCI to connect your cloud resources, such as compute instances and databases. A VCN provides you with complete control over your network environment, including selecting your own IP address range, creating subnets, route tables, gateways, security lists, etc. You need to create a VCN before provisioning an OCI DB System, as you need to specify which subnet in your VCN you want to launch your DB System in.

NEW QUESTION # 31
You are using a custom application with third-party APIs to manage the application and data hosted in an Oracle Cloud Infrastructure (OCI) tenancy. Although your third-party APIs do not support OCI's signature-based authentication, you want them to communicate with OCI resources. Which authentication option should you use to ensure this?

• A. API Signing Key
• B. Auth Tokens
• C. SSH Key Pair with 2048-bit algorithm
• D. OCI Username and Password

Answer: B

Explanation:
Auth Tokens is the authentication option that you should use to ensure that your custom application with third-party APIs can communicate with OCI resources. Auth Tokens are tokens that can be used as an alternative to passwords when making API calls to OCI services. Auth Tokens can be generated and revoked by users in the OCI Console or CLI, and can be used with any API client that supports basic authentication. The other options are not suitable for this scenario, as they either require OCI's signature-based authentication or are not applicable for API calls. Reference: [Auth Tokens]

NEW QUESTION # 32
You have an instance running in Oracle Cloud Infrastructure (OCI) that cannot be live-migrated during an infrastructure maintenance event. OCI schedules a maintenance due date within14 to 16 days and sends you anotification.
What would happen if you choose not to proactively reboot the instance beforethe scheduled maintenance duedate?

• A. The instance is either reboot-migrated or rebuilt in place for you.
• B. You will receive another notification to reboot within the next 7 days.
• C. You will receive another notification to reboot within the next 14 days.
• D. The instance will get terminated.

Answer: A

Explanation:
Explanation
If you choose not to proactively reboot the instance before the scheduled maintenance due date, the instance is either reboot-migrated or rebuilt in place for you. Reboot-migration is a process where OCI migrates your instance to a new physical host without changing its configuration or public IP address. Rebuild in place is a process where OCI shuts down your instance, performs maintenance on the physical host, and restarts your instance with the same configuration and public IP address. The other options are not correct. References:
[Reboot-Migration], [Rebuild in Place]

NEW QUESTION # 33
You just got a last minute request to create a set of instances in Oracle Cloud Infrastructure (OCI). The configuration and installed software are identical for every instance, and you already have a running instance inyour OCI tenancy. Which image option allows you to achieve this task with the least amount of effort?

• A. Select an image from the OCI Marketplace.
• B. Use Oracle-provided images and customize the installation using a third-party tool.
• C. Bring your own image and use it as a template for the new instances.
• D. Create a custom image and use it as a template for the new instances.

Answer: D

Explanation:
Explanation
Creating a custom image and using it as a template for the new instances is the option that allows you to achieve this task with the least amount of effort. A custom image is a copy of an existing instance that you can use to launch other instances with the same configuration and installed software. The other options are not suitable for this scenario, as they would require more time and effort to create and customize the instances.
References: [Custom Images]

NEW QUESTION # 34
You are using a custom application with third-party APIs to manage the application and data hosted in an OracleCloud Infrastructure (OCI) tenancy. Although your third-party APIs do not support OCI's signature-based authentication, you want them to communicate with OCI resources. Which authentication option should you useto ensure this?

• A. API Signing Key
• B. Auth Tokens
• C. SSH Key Pair with 2048-bit algorithm
• D. OCI Username and Password

Answer: B

Explanation:
Explanation
Auth Tokens is the authentication option that you should use to ensure that your custom application with third-party APIs can communicate with OCI resources. Auth Tokens are tokens that can be used as an alternative to passwords when making API calls to OCI services. Auth Tokens can be generated and revoked by users in the OCI Console or CLI, and can be used with any API client that supports basic authentication.
The other options are not suitable for this scenario, as they either require OCI's signature-based authentication or are not applicable for API calls. References: [Auth Tokens]

NEW QUESTION # 35
You have three compartments: ProjectA, ProjectB, and ProjectC. For each compartment, there is an admin groupset up: A-Admins, B-Admins, and C-Admins.
Each admin group has full access over their respective compartments as shown in the graphic below.
Your organization has set up a tag namespace, EmployeeGroup.Role and all your admin groups are tagged with a value of 'Admin'.

You want to set up a Test compartment for members of the three projects to share. You also need to provideadmin access to all three of your existing admin groups.
Which policy would you write to accomplish this task?

• A. Allow dynamic-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
• B. Allow all-group to manage all-resources in compartment Test where
  request.principal.group.tag.EmployeeGroup.Role='Admin'
• C. Allow group any-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
• D. Allow any-user to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'

Answer: B

Explanation:
Explanation
Allow all-group to manage all-resources in compartment Test where
request.principal.group.tag.EmployeeGroup.Role='Admin' is the policy that would accomplish this task. This policy grants admin access to all groups that have the tag EmployeeGroup.Role='Admin' in the compartment Test. The other options are not correct, as they use incorrect terms such as dynamic-group, any-group, or any-user. References: [Tag-Based Authorization]

NEW QUESTION # 36
Which THREE capabilities are available with the Oracle Cloud Infrastructure (OCI) DNS service?

• A. Creating and managing records
• B. Creating and managing Identity Access Management (IAM) policies
• C. Creating and managing WAF rules
• D. Creating and managing zones
• E. Creating and managing security lists
• F. Viewing all zones

Answer: A,D,F

Explanation:
Creating and managing records, creating and managing zones, and viewing all zones are three capabilities that are available with the OCI DNS service. Records are data elements that map domain names to IP addresses or other information. Zones are collections of records that correspond to a domain name or a subdomain name. The OCI DNS service allows users to create and manage records and zones for their domains or subdomains, as well as view all zones in their tenancy. The other options are not capabilities of the OCI DNS service, but of other OCI services such as WAF, IAM, and Networking. Reference: [DNS Service], [Records], [Zones]

NEW QUESTION # 37
When defining a query for metric data in Monitoring, which field provides the time window for aggregatingmetric data points plotted on the metric chart?

• A. Namespace
• B. Statistic
• C. Interval
• D. Dimension

Answer: C

Explanation:
Explanation
Interval is the field that provides the time window for aggregating metric data points plotted on the metric chart. Interval is a parameter that specifies how often metric data points are collected and aggregated by the Monitoring service. For example, an interval of 5 minutes means that metric data points are aggregated every 5 minutes and displayed on the chart. The other options are not fields that provide the time window for aggregating metric data points, but rather other parameters that define the metric query. References: [Interval]

NEW QUESTION # 38
Which THREE capabilities are available with the Oracle Cloud Infrastructure (OCI) DNS service?

• A. Creating and managing records
• B. Creating and managing Identity Access Management (IAM) policies
• C. Creating and managing WAF rules
• D. Creating and managing zones
• E. Creating and managing security lists
• F. Viewing all zones

Answer: A,D,F

Explanation:
Explanation
Creating and managing records, creating and managing zones, and viewing all zones are three capabilities that are available with the OCI DNS service. Records are data elements that map domain names to IP addresses or other information. Zones are collections of records that correspond to a domain name or a subdomain name.
The OCI DNS service allows users to create and manage records and zones for their domains or subdomains, as well as view all zones in their tenancy. The other options are not capabilities of the OCI DNS service, but of other OCI services such as WAF, IAM, and Networking. References: [DNS Service], [Records], [Zones]

NEW QUESTION # 39
Which Oracle Cloud Infrastructure (OCI) Identity and Access Management (IAM) policy is invalid?

• A. Allow group A-Admins to manage all-resources in compartment Project-A
• B. Allow group A-Developers to create volumes in compartment Project-A
• C. Allow dynamic-group FrontEnd to manage instance-family in compartment Project-A
• D. Allow any-user to inspect users in tenancy

Answer: B

Explanation:
Allow group A-Developers to create volumes in compartment Project-A is an invalid IAM policy. This is because create is not a valid verb for volumes. The correct verb for creating volumes is attach. The other options are valid IAM policies that use correct verbs and syntax. Reference: [IAM Policies], [Verbs]

NEW QUESTION # 40
Which statement is true about File System Replication in Oracle Cloud Infrastructure (OCI)?

• A. You cannot specify a replication interval when you create the replication resource.
• B. You can replicate the data in one file system to another file system only in the same region.
• C. You can replicate the data in one file system to another file system in the same region or a different region.
• D. Only a file system that has been exported can be used as a target file system.

Answer: C

Explanation:
You can replicate the data in one file system to another file system in the same region or a different region is a true statement about File System Replication in OCI. File System Replication is a feature that allows users to create a copy of a file system in another file system, either within the same region or across regions. This can be useful for disaster recovery, data migration, or data distribution purposes. The other statements are false about File System Replication in OCI. Reference: [File System Replication]

NEW QUESTION # 41
Which Oracle Cloud Infrastructure (OCI) Identity and Access Management (IAM) policy is invalid?

• A. Allow group A-Admins to manage all-resources in compartment Project-A
• B. Allow group A-Developers to create volumes in compartment Project-A
• C. Allow dynamic-group FrontEnd to manage instance-family in compartment Project-A
• D. Allow any-user to inspect users in tenancy

Answer: B

Explanation:
Explanation
Allow group A-Developers to create volumes in compartment Project-A is an invalid IAM policy. This is because create is not a valid verb for volumes. The correct verb for creating volumes is attach. The other options are valid IAM policies that use correct verbs and syntax. References: [IAM Policies], [Verbs]

NEW QUESTION # 42
You plan to launch a VM instance with the VM.Standard2.24 shape and Oracle Linux 8 platform image. You wantto protect your VM instance from low-level threats, such as rootkits and bootkits that can infect the firmwareand operating system and are difficult to detect.
What should you do?

• A. Create a burstable instance.
• B. Use Vulnerability Scanning Service.
• C. Use in-transit encryption.
• D. Create a shielded instance.

Answer: D

Explanation:
Explanation
The explanation is that shielded instances are VM instances that have additional security features to protect them from low-level threats, such as rootkits and bootkits that can infect the firmware and operating system and are difficult to detect. Shielded instances use verified boot, which ensures that only trusted software components are executed during the boot process. Shielded instances also use virtual trusted platform module (vTPM), which provides a secure storage for encryption keys and certificates. Shielded instances are available for Oracle Linux 8 platform images with VM.Standard2.* shapes.

NEW QUESTION # 43
Which statement accurately describes the key features and benefits of OCI Confidential Computing?

• A. It provides automatic scalability and load balancing capabilities, which allow seamless integration withother cloud providers.
• B. It enables users to securely store and retrieve data by using distributed file systems, ensuring high availability and fault tolerance.
• C. It optimizes network performance and reduces latency through advancedrouting algorithms and cachingmechanisms.
• D. It encrypts and isolates in-use data and the applications processing that data, thereby preventing unauthorized access or modification.

Answer: D

Explanation:
Explanation
It encrypts and isolates in-use data and the applications processing that data, thereby preventing unauthorized access or modification is an accurate description of the key features and benefits of OCI Confidential Computing. Confidential Computing is a feature that leverages hardware-based Trusted Execution Environments (TEEs) to protect data and applications from unauthorized access or modification while they are in use by the CPU or memory. This adds an extra layer of security to cloud computing, as it protects data not only at rest and in transit, but also in use. The other options are not accurate descriptions of the key features and benefits of OCI Confidential Computing. References: [Confidential Computing]

NEW QUESTION # 44
You want a full-featured Identity-as-a-Service (IDaaS) solution that helps you manage workforce authenticationand access to all of your Oracle and non-Oracle applications, whether they are SaaS apps, on-premises enterpriseapps, or apps that are hosted in the cloud. Which IAM Identity Domain type should you create?

• A. Premium
• B. External User
• C. Free
• D. Oracle Apps Premium

Answer: A

Explanation:
Explanation
Premium is the IAM Identity Domain type that you should create if you want a full-featured IDaaS solution that helps you manage workforce authentication and access to all of your Oracle and non-Oracle applications.
Premium Identity Domain provides users with access to Oracle Identity Cloud Service, which is an IDaaS solution that offers identity management, single sign-on, multifactor authentication, identity governance, and integration with third-party applications. The other options are not IAM Identity Domain types that provide a full-featured IDaaS solution. References: [Identity Domains], [Oracle Identity Cloud Service]

NEW QUESTION # 45
You want to create a policy to allow the NetworkAdmins group to manageVirtual Cloud Network (VCN) incompartment C.
You want to attach this policy to the tenancy. The compartment hierarchy is shown below.

Which policy statement can be used to accomplish this task?

• A. Allow group NetworkAdmins to manage virtual-network-family in compartment C
• B. Allow group NetworkAdmins to manage virtual-network-family in compartment A:B:C
• C. Allow group NetworkAdmins to manage virtual-network-family in compartment B:C
• D. Allow group NetworkAdmins to manage virtual-network-family in tenancy

Answer: B

Explanation:
Explanation
Allow group NetworkAdmins to manage virtual-network-family in compartment A:B:C. The explanation is that when you attach a policy to the tenancy, you need to specify the full path of the compartment where you want to grant permissions. In this case, the compartment C is a sub-compartment of compartment B, which is a sub-compartment of compartment A, which is a sub-compartment of the root compartment (tenancy).
Therefore, the full path of compartment C is A:B:C. The virtual-network-family resource type includes all the resources related to VCN, such as subnets, route tables, security lists, gateways, etc.

NEW QUESTION # 46
When defining a query for metric data in Monitoring, which field provides the time window for aggregating metric data points plotted on the metric chart?

• A. Namespace
• B. Statistic
• C. Interval
• D. Dimension

Answer: C

Explanation:
Interval is the field that provides the time window for aggregating metric data points plotted on the metric chart. Interval is a parameter that specifies how often metric data points are collected and aggregated by the Monitoring service. For example, an interval of 5 minutes means that metric data points are aggregated every 5 minutes and displayed on the chart. The other options are not fields that provide the time window for aggregating metric data points, but rather other parameters that define the metric query. Reference: [Interval]

NEW QUESTION # 47
You have objects stored in an OCI Object Storage bucket that you want to share with a partner company. You decide to use pre-authenticated requests to grant access to the objects. Which statement is true about preauthenticated requests?

• A. You need to provide your OCI credentials to the partner company.
• B. You cannot edit a pre-authenticated request.
• C. Pre-authenticated requests can be used to delete buckets or objects.
• D. Deleting a pre-authenticated request does not revoke user access to the associated bucket or object.

Answer: B

Explanation:
You cannot edit a pre-authenticated request is a true statement about pre-authenticated requests. Pre-authenticated requests are URLs that allow users to access objects or buckets in OCI Object Storage without requiring additional authentication or authorization. Pre-authenticated requests can be created with an expiration date and time, and can be used for read or write operations. However, once created, pre-authenticated requests cannot be edited, but can only be deleted or extended. The other statements are false about pre-authenticated requests. Reference: [Pre-Authenticated Requests]

NEW QUESTION # 48
You created a virtual cloud network (VCN) with three private subnets. Two of the subnets contain applicationservers and the third subnet contains a DB System. The application requires a shared file system, therefore youhave provisioned one using the file storage service (FSS).
You have also created the corresponding mount target in one of the application subnets. The VCN security listsare properly configured so that the application servers can access FSS. The securityteam changed the settings forthe DB System to have read-only access to the file system. However when they testit, they are unable to accessFSS.
How would you allow access to FSS?

• A. Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DBSystem subnet.
• B. Modify the security list associated with the subnet where the mount target resides.
• C. Modify the security list associated with the subnet where the mount target resides. Change the ingressrules corresponding to the DB System subnet to be stateless.
• D. Change the ingress rules corresponding to the DB System subnet to be stateful.
• E. Create an instance principal for the DB System. Write an Identity andAccess Management (IAM) policythat allows the instance principal read-only access to the file storage service.

Answer: A

Explanation:
Explanation
Creating an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet is the correct answer. This is because NFS export options are used to control the level of access that clients have to file systems. By creating an NFS export option with READ_ONLY access for the DB System subnet, you can allow the DB System to read data from the file system, but not write or modify it.
The other options are not correct, as they do not address the requirement of read-only access for the DB System. References: [NFS Export Options]

NEW QUESTION # 49
You are part of a team that manages a set of workload instances running in an on-premises environment. The Architect team is tasked with designing and configuring Oracle Cloud Infrastructure (OCI) Logging service to collect logs from these instances. There is a requirement to archive Info-level logging data of these instances into the OCI Object Storage.
Which TWO features of OCI can help you achieve this?

• A. ObjectCollectionRule
• B. Grouping Function
• C. Service Connectors
• D. Agent Configuration
• E. Cloud Agent Plugin

Answer: C,E

Explanation:
Cloud Agent Plugin and Service Connectors are two features of OCI that can help collect logs from on-premises instances and archive them into OCI Object Storage. Cloud Agent Plugin is a component of the OCI Logging service that can be installed on any Linux or Windows instance to collect logs and send them to OCI. Service Connectors are components of the OCI Service Connector Hub that can transfer data between different OCI services, such as Logging and Object Storage. The other options are not relevant for this requirement. Reference: [Cloud Agent Plugin], [Service Connectors]

NEW QUESTION # 50
Which is NOT a valid option for an Oracle Cloud Infrastructure (OCI) compute shape?

• A. Bare Metal
• B. Exadata Virtual Machine
• C. Virtual Machine
• D. Dedicated Virtual Machine Host

Answer: B

Explanation:
Explanation
Exadata Virtual Machine is not a valid option for an OCI compute shape. Exadata Virtual Machine is a deployment option for Exadata Cloud Service or Exadata Cloud@Customer, which are services that provide dedicated Exadata infrastructure for running Oracle databases in OCI. Exadata Virtual Machine allows you to create multiple virtual machines on each Exadata compute node and isolate them from each other using Oracle VM technology. The valid options for OCI compute shapes are:
Bare Metal: A bare metal instance is a physical server that gives you direct access to the underlying hardware and full isolation from other tenants.
Dedicated Virtual Machine Host: A dedicated virtual machine host is a physical server that hosts only your virtual machine instances and no other tenant's instances.
Virtual Machine: A virtual machine instance is a virtual server that runs on a shared physical server with other tenants' instances.
Burstable: A burstable instance is a virtual machine instance that has a baseline utilization of either 12% or 50% of each CPU core and can burst above the baseline when needed.

NEW QUESTION # 51
You have a high-demand web application running on Oracle Cloud Infrastructure (OCI). Your tenancy administrator has set up a schedule-based autoscaling policy on instance pool with an initial size of 5 instances for the application.
Policy 1:
Target pool size:10 instances
Execution time:8:30 a.m. on every Monday through Friday, in every month, in every year Cron expression:0 30 8 ? * MON-FRI * Which statement accurately explains the goal of this policy?

• A. Goal: A one-time schedule with only one scaling out event. At 8:30 a.m., on December 31, 2021, scale the instance pool to 10 instances from 5.
• B. Goal: A recurring daily schedule. On weekday mornings at 8.30 a.m., scale out to 10 instances.
• C. Goal: A recurring weekly schedule. On all days of the week at 8.30 a.m., scale out the pool to 10 instances from the initial size of 5
• D. Goal: A recurring monthly schedule. On all days of the month, set the initial pool size to 5 instances. At
  8.30 a.m., on every day of the month, scale out to 10 instances.

Answer: B

Explanation:
The explanation is that a schedule-based autoscaling policy allows you to adjust the size of your instance pool based on a cron expression that specifies the date and time of the scaling action. The cron expression consists of six fields: seconds, minutes, hours, day of month, month, and day of week. In this case, the cron expression is 0 30 8 ? * MON-FRI *, which means that the scaling action will occur at 8:30 a.m. on every Monday through Friday, regardless of the day of month or month. Therefore, the goal of this policy is to scale out the instance pool to 10 instances on weekday mornings at 8:30 a.m.

NEW QUESTION # 52
Which THREE protocols are supported by the Oracle Cloud Infrastructure (OCI) Network Load Balancer?

• A. HTTP
• B. ICMP
• C. TCP
• D. iSCSI
• E. UDP
• F. BGP

Answer: B,C,E

Explanation:
The explanation is that the OCI Network Load Balancer supports three protocols: UDP, TCP, and ICMP. These protocols are used to distribute traffic across multiple backend servers based on different criteria, such as source and destination IP addresses, ports, and ICMP types and codes.

NEW QUESTION # 53
......

Verified & Correct 1z0-1072-23 Practice Test Reliable Source Dec 29, 2023 Updated: https://vcecollection.trainingdumps.com/1z0-1072-23-valid-vce-dumps.html