• Home
  • Articles
  • [Nov-2023] The Best Oracle Cloud Solutions Infrastructure 1z0-1067-22 Professional Exam Questions [Q19-Q39]

[Nov-2023] The Best Oracle Cloud Solutions Infrastructure 1z0-1067-22 Professional Exam Questions [Q19-Q39]

Share

[Nov-2023] The Best Oracle Cloud Solutions Infrastructure 1z0-1067-22 Professional Exam Questions

Try 100% Updated 1z0-1067-22 Exam Questions [2023]

NEW QUESTION # 19
You are using Oracle Cloud Infrastructure (OCI) services across several regions: us-phoenix-1, us-ashburn-1, uk-london-1 and ap-tokyo-1. You have creates a separateadministrator group for each region: PHX-Admins, ASH-Admins, LHR-Admins and NRT-Admins, respectively.
You want to restrict admin access to a specific region. E.g., PHX-Admins should be able to manage all resources in the us-phoenix-1 region only and not any other OCI regions.
What IAM policy syntax is required to restrict PHX-Admins to manage OCI resources in the us-phoenix-1 region only? (Choose the best answer.)

  • A. Allow group PHX-Admins to manage all-resources in tenancy where request.location= 'phx'
  • B. Allow group PHX-Admins to manage all-resources in tenancy where request.target= 'phx'
  • C. Allow group PHX-Admins to manage all-resources in tenancy where request.region= 'phx'
  • D. Allow group PHX-Admins to manage all-resources in tenancy where request.permission= 'phx'

Answer: C

Explanation:
Explanation
Use conditions to limit access depending on region:
request.regionhttps://docs.oracle.com/en-us/iaas/Content/Identity/Reference/policyreference.htm#General


NEW QUESTION # 20
Security Testing Policy describes when and how you may conduct certain types of security testing of Oracle Cloud Services, including vulnerability and penetration tests, as well as tests involving data scraping tools.
What does Oracle allow as part of this testing? (Choose the best answer.)

  • A. Customers can validate that their network resources are isolated from other customer resources.
  • B. Customers are allowed to use their own testing and monitoring tools.
  • C. Customers are allowed to test Oracle Cloud Infrastructure (OCI) hardware related to resources in their tenancy.
  • D. Customers can simulate DoS attack scenarios as long as it's restricted to the customer's own environment.

Answer: B

Explanation:
Explanation
Using your own monitoring and testing tools, you may conduct penetration and vulnerability tests of your acquired single-tenant Oracle Infrastructure as a Service (IaaS) offerings


NEW QUESTION # 21
You are using the Oracle Cloud Infrastructure Command Line Interface to launch a Linux virtual machine.
You enter the following command (with correct values for all parameters):

The command fails.
Which is NOT a valid parameter in this command? (Choose the best answer.)

  • A. - -subnet-id <subnet_id>
  • B. - -shape "<shape_name>"
  • C. -t <tenancy_id>
  • D. -c<compartment_id>
  • E. - -image-id <image_id>

Answer: C

Explanation:
Explanation
Tenacy is not in the
parametershttps://docs.oracle.com/en-us/iaas/tools/oci-cli/3.0.5/oci_cli_docs/cmdref/compute/instance/launch.htm


NEW QUESTION # 22
You have a Linux compute instance located in a public subnet in a VCN which hosts a web application. The security list attached to subnet containing the compute instance has the following stateful ingress rule.

The Route table attached to the Public subnet is shown below. You can establish an SSH connection into the computeinstance from the internet. However, you are not able to connect to the web server using your web browser.

Which step will resolve the issue? (Choose the best answer.)

  • A. In the security list, remove the ssh rule.
  • B. In the route table, add a rule for your default traffic to be routed to service gateway.
  • C. In the route table, add a rule for your default traffic to be routed to NAT gateway.
  • D. In the security list, add an ingress rule for port 80 (http).

Answer: D

Explanation:
Explanation
You need to add a rule in thesecurity list table to allow access to web application. Web applications are usually exposed over port 80 (HTTP), therefore answer B makes sense here.


NEW QUESTION # 23
You have ordered two FastConnect connections that provide a high availability connection architecture between your on-premises data center and Oracle Cloud Infrastructure (OCI). You want to run these connections in an ACTIVE/PASSIVE architecture.
How can you accomplish this? (Choose the best answer.)

  • A. Decrease the prefix length of AS for the FastConnect you want touse as PASSIVE connection.
  • B. Adjust one of the connections to have a higher ASN.
  • C. Enable BGP on the FastConnect that you want as the ACTIVE connection.
  • D. Use AS PATH prepending with your routes.

Answer: D


NEW QUESTION # 24
You have been asked to review a network design for Oracle Cloud Infrastructure (OCI) by a major client. The client's IT team needs to provision two Virtual Cloud Networks (VCNs) for a major application. The application uses a large number of virtual machine instances. Additionally, in the future, a VCN peering will be required to allow connectivity between the VCNs.
Which of the following are valid IP ranges to consider? (Choose the best answer.)

  • A. 10.0.0.0/8 and 11.0.0.0/8
  • B. 10.0.8.0/21 and 10.0.16.0/22
  • C. 10.0.0.0/30 and 192.168.0.0/30
  • D. 10.0.0.0/16 and 10.0.64.0/24

Answer: D


NEW QUESTION # 25
You have been asked to ensure that in-transit communication between an OracleCloud Infrastructure (OCI) compute instance and an on-premises server (192.168.10.10/32) is encrypted. The instances communicate using HTTP. The OCI Virtual Cloud Network (VCN) is connected to the on-premises network by two separate connections: a DynamicIPsec VPN tunnel and a FastConnect virtual circuit. No static configuration has been added.
What solution should you recommend? (Choose the best answer.)

  • A. Advertise a 192.168.10.10/32 router over the FastConnect.
  • B. The instances will communicate by default over the FastConnect private virtual circuit, which ensures data is encrypted in-transit.
  • C. Advertise a 192.168.10.10/32 route over the VPN.
  • D. The instances will communicate by default over IPsec VPN, which ensures data is encrypted in-transit.

Answer: C

Explanation:
Explanation
https://www.oracle.com/uk/cloud/networking/fastconnect-faq.html


NEW QUESTION # 26
You launched a Linux compute instance to host the new version of your company website via Apache Httpd server on HTTPS (port 443). The instance is created in a public subnet along with other instances. The default security list associated to the subnet is:

You want to allow access to the company website from public internet without exposing websites eventually hosted on the other instances in the public subnet.
Which actionwould you take to accomplish the task? (Choose the best answer.)

  • A. Create a network security group, add a stateful rule to allow ingressaccess on port 443 and associate it to the instance that hosts the company website.
  • B. Create a network security group, add a stateful rule to allow ingress access on port 443 and associate it to the public subnet that hosts the company website.
  • C. Create a new security list with a stateful rule to allow ingress access on port 443 and associate it to the public subnet.
  • D. In default security list,add a stateful rule to allow ingress access on port 443.

Answer: A

Explanation:
Explanation
Since we want to avoid exposing other instances in the same public subnet to the internet, Network Security Groups (NSG) must be used instead of Security Lists. NSG are attached to the vnic of the instance and not to the subnet


NEW QUESTION # 27
You have created a group for several auditors. You assign the following policies tothe group:

What actions are the auditors allowed to perform within your tenancy? (Choose the best answer.)

  • A. Auditors are able to create new instances in the tenancy.
  • B. The Auditors can view resources in the tenancy.
  • C. Auditors are able to view all resources in the compartment.
  • D. The Auditors are able to delete resource in the tenancy.

Answer: B

Explanation:
Explanation
https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policies.htm#Verbs


NEW QUESTION # 28
Which two statements are TRUE about Object Storage data security and encryption in Oracle Cloud Infrastructure (OCI)? (Choose two.)

  • A. A VPN connection to OCI is required to ensure secure data transfer to an object storage bucket.
  • B. Client-side encryption is managed by the customer.
  • C. OCI Vault Management is used by default to provide data security.
  • D. All traffic to and from Object Storage service is encrypted using TLS.
  • E. Data needs to be decrypted on the client side before retrieving it.

Answer: B,D


NEW QUESTION # 29
You have been asked to update the lifecycle policy for object storage using the Oracle Cloud Infrastructure (OCI) Command Line Interface (CLI).
Which command can successfully update the policy? (Choose the bestanswer.)

  • A. oci os object-lifecycle-policy delete -ns <object_storage_namespace> -bn <bucket_name>
  • B. oci os object-lifecycle-policy put -ns <object_storage_namespace> -bn <bucket_name> - -items
    <json_formatted_lifecycle_policy>
  • C. oci os object-lifecycle-policy get -ns <object_storage_namespace> -bn <bucket_name>
  • D. oci os object-lifecycle-policy put -ns <object_storage_namespace> -bn <bucket_name>

Answer: B

Explanation:
Explanation
https://docs.oracle.com/en-us/iaas/Content/Object/Tasks/usinglifecyclepolicies.htm#cli
https://docs.oracle.com/en-us/iaas/tools/oci-cli/2.17.0/oci_cli_docs/cmdref/os/object-lifecycle-policy/put.html


NEW QUESTION # 30
Which two statements about the OracleCloud Infrastructure (OCI) Command Line Interface (CLI) are TRUE?
(Choose two.)

  • A. You can filter CLI output using the JMESPath query option for JSON.
  • B. The CLI provides an automatic way to connect with instances provisioned on OCI.
  • C. You can run CLI commands from inside OCI Regions only.
  • D. The CLI provides the same core functionality as the Console, plus additional commands.
  • E. The CLI allows you to use the Python language to interact with OCI APIs.

Answer: A,D

Explanation:
Explanation
https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliusing.htm
https://blogs.oracle.com/cloud-infrastructure/post/exploring-the-search-and-query-features-of-oracle-cloud-infras


NEW QUESTION # 31
You have created an Autonomous Data Warehouse (ADW) service in your company's Oracle Cloud Infrastructure (OCI) tenancy and you now have to load historical data into it. You have already extracted this historical data from multiple data marts and data warehouses. This data is stored in multiple CSV text files and these files are ranging in size from 25 MB to 20 GB.
Which is the most efficient and error tolerant method for loading data into ADW? (Choose the best answer.)

  • A. Create Auth token, useit to create an object storage credential by executing DBMS_CLOUD.CREATE_CREDENTIAL, using OCI CLI upload the CSV files to an OCI object storage bucket, create the tables in the ADW database and then execute Data Pump Import for each CSV file to copy the contents into the corresponding ADW database table.
  • B. Create Auth token, use it to create an object storage credential by executing DBMS_CLOUD.CREATE_CREDENTIAL, using OCI CLI upload the CSV files to an OCI object storage bucket, create the tables in the ADW database and then execute DBMS_CLOUD.COPY_DATA for each CSV file to copy the contents into the corresponding ADW database table.
  • C. Create the tables in the ADW database and then execute SQL*Loader for each CSV file to load the contents into the corresponding ADW database table.
  • D. CreateAuth token, use it to create an object storage credential by executing DBMS_CLOUD.CREATE_CREDENTIAL, using the web console upload the CSV files to an OCI object storage bucket, create the tables in the ADW database and then execute DBMS_CLOUD.COPY_DATA foreach CSV file to copy the contents into the corresponding ADW database table.

Answer: B

Explanation:
Explanation
Using Object Storage and COPY_DATA is the standard recommended method for fetching data into ADW.
Furthermore using CLI over web has the benefit of multipart upload, that is chunk upload of large files, thus reducing the chance of a transfer failure


NEW QUESTION # 32
An insurance company has contracted you to help automate their application business continuity plan. They have the application running in eu-frankfurt-1 asthe primary site and uk-london-1 as a disaster recovery site.
Normally they have a DNS A record associated with the IP address of the primary endpoint in eu-frankfurt-1.
In the event of a disaster, they use OCI DNS Zone Management to update the A record and replace it with the IP address of the endpoint in uk-londond-1.
How can you automate the failover process? (Choose the best answer.)

  • A. Provision a Load Balancer in Frankfurt and associate it with the A record in DNS. Create a backend set with backend servers from both eu-frankfurt-1 and uk-london-1 regions.
  • B. Create a Traffic Management Steering policy and attach it to a backend servers from both eu-frankfurt-1 and uk-london-1 regions.
  • C. Create a Traffic Management Steering policy with Load Balancer type and add both eu-frankfurt-1 and uk- london-1 endpoints. Attach the Traffic Management Steering policy to the A record.
  • D. Create a Health Check that evaluates both regional endpoints. Create a Traffic Management Steering policy with Failover type and associate it with the Health Check.

Answer: D


NEW QUESTION # 33
Which technique does NOT help you get the optimal performance out of the Oracle Cloud Infrastructure (OCI) File Storage service? (Choose the best answer.)

  • A. Right size compute instances from where file system is accessed based on their network capacity.
  • B. Limit access to the same Availability Domain (AD) as the File Storageservice where possible.
  • C. Increase concurrency by using multiple threads, multiple clients, and multiple mount targets.
  • D. Serialize operations to the file system to access consecutive blocks as much as possible.

Answer: C

Explanation:
Explanation
"File Storage performance increases with parallelism. Increase concurrency by using multiple threads, multiple clients, and multiple mount targets."


NEW QUESTION # 34
You are asked to implement the disaster recovery (DR) and business continuity requirements for Oracle Cloud Infrastructure (OCI) Block Volumes. Two OCI regions being used: a primary/source region and a DR/destination region. The requirements are:
* There should be a copy of data in the destination region to use if a region-wide disaster occurs in the source region
* Minimize costs
Which design will help you meet these requirements? (Choose the best answer.)

  • A. Back up block volumes. Copy block volume backups from source region to destination region at regular intervals.
  • B. Clone block volumes. Use Object Storage lifecycle management to automatically move clone objects to Archive Storage. Copy Archive Storage buckets from source region to destination at regular intervals.
  • C. Clone block volumes. Copy block volume clonesfrom source region to destination region at regular intervals.
  • D. Back up block volumes. Use Object Storage lifecycle management to automatically move backup objects to Archive Storage. Copy Archive Storage buckets from source region to destination at regular intervals.

Answer: A

Explanation:
Explanation
https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/copyingvolumebackupcrossregion.htm


NEW QUESTION # 35
You set up a bastion host in your VCN to only allow your IP address (140.19.2.140) to establish SSH connections to your Compute Instances that are deployed in a private subnet. The Compute Instances have an attached Network Security Group with a Source Type: Network Security Group (NSG), Source NSG:
NSG-050504. To secure the bastion host, you added the following ingress rules to its Network Security Group:

However, after checking the bastion host logs, you discovered that there areIP addresses other than your own that can access your bastion host.
What is the root cause of this issue? (Choose the best answer.)

  • A. The port 22 provides unrestricted access to 140.19.2.140 and to other IP address.
  • B. The Security List allows access to all IP address which overrides the Network Security Group ingress rules.
  • C. A netmask of /32 allows all IP address in the 140.19.2.0 network, other thanyour IP 140.19.2.140
  • D. Allcompute instances associated with NSG-050504 are also able to connect to the bastion host.

Answer: D


NEW QUESTION # 36
Your customer is running a set of compute instances inside a private subnet to manage their workloads on Oracle Cloud Infrastructure(OCI) tenancy. You have set up auto scaling feature to provide consistent performance to their end users during period of high demand.
Which step should be met for auto scaling to work? (Choose the best answer.)

  • A. Audit logs for the instances should be enabled.
  • B. OS Management Service agent (osms) mustbe installed on the instances.
  • C. Monitoring for the instances should not be enabled.
  • D. Service gateway should be setup to allow instances to send metrics to monitoring service.

Answer: D

Explanation:
Explanation
https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/enablingmonitoring.htm#Enabling_Monitoring_for_C Service gateways or public IP addresses: The compute instance must have either a public IP address or a service gateway to be able to send compute instance metrics to the Monitoring service.
For metric-based autoscaling, monitoring is enabled on the instances in the instance pool, and the Monitoring service is receiving metrics that are emitted by the instance. When you initially create an instance pool using instances that support monitoring, monitoring is enabled by default, regardless of the settingsin the pool's instance configuration.


NEW QUESTION # 37
Here is a partial code from a Terraform template written for Oracle Cloud Infrastructure (OCI):

What operation(s) does it perform? (Choose the best answer.)

  • A. Creates a lifecycle policy for an OCI Object Storage bucket for moving data to Archival storage at a specified time.
  • B. Provides objectread and write access for an OCI Object Storage bucket.
  • C. Creates a pre-authenticated request for objects in an OCI Object Storage bucket.
  • D. Creates a URL to provide access to an OCI Object Storage bucket for managing objects.

Answer: C


NEW QUESTION # 38
You have been contracted by a local e-commerce company to assistwith enhancing their online shopping application. The application is currently deployed in a single Oracle Cloud Infrastructure (OCI) region. The application utilizes a public load balancer, application servers in a private subnet, and a database in a separate, private subnet.
The company would like to deploy another set of similar infrastructure in a different OCI region that will act as standby site. In the event of a failure at the primary site, all customers should be routed to the failover site automatically.
After deploying the additional infrastructure within the second region, how should you configure automated failover requirements? (Choose the best answer.)

  • A. Deploy a new load balancer in the primary region. Create one backend set for theprimary application servers and a second backend set for the standby application servers. Create a listener for the primary backend set with a timeout of 3 minutes. Create a listener for the secondary backend set with a timeout of 10 minutes.
  • B. Create a new A record in DNS that points to the public load balancer at the secondary site. Create a CNAME for the sub-domain failover that will resolve to the new A record. Inform customers to prepend the website URL with failover if the primary site is unavailable.
  • C. Create a failover policy in the Traffic Management service. Set the IP address of the public load balancerfor the primary site in answer pool 1. Set the IP address of the public load balancer for the secondary site in answer pool 2. Define a health check to monitor both sites.
  • D. Create a load balancer policy in the Traffic Management service. Configure one answerfor each site. Set the answer for the primary site with a weight of 10 and the answer for the secondary site with a weight of 100.

Answer: C


NEW QUESTION # 39
......


Oracle 1z0-1067-22 exam is an important certification for professionals who work in cloud operations. 1z0-1067-22 exam validates the individual's skills and knowledge in the area of cloud infrastructure management and maintenance. To prepare for 1z0-1067-22 exam, individuals should have experience with Oracle Cloud Infrastructure and study the exam topics in detail. Successful completion of 1z0-1067-22 exam will demonstrate the individual's expertise in cloud operations and enhance their career prospects in this field.

 

1z0-1067-22 Exam Questions Get Updated [2023] with Correct Answers: https://pass4sure.dumpstorrent.com/1z0-1067-22-exam-prep.html

Related Articles

more
Oracle 1z0-1067-22 Certification Practice Exam

Copyright © 2026 DumpsTorrent NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy