Online Access Free 1Z1-1067 Practice Test

You have been asked to provision a new production environment on Oracle Cloud Infrastructure (OCI). After working with the solution architect you dockte that you are going to automate this process.
Which OCI service can help automate the provisioning of this new environment?

• A.OCI Streaming Service
• B.Oracle Functions
• C.OCI Resource Manager
• D.Oracle Container Engine for Kubernetes

Your team Implemented a SaaS application that requires a whole system deployment for each new customer. The Infrastructure provisioning is already automated via Terraform, and now you have been asked to develop an Ansible playbook to centralize configuration file management and deployment.
What Is the most effective way to ensure your playbooks are utilizing up-to-date and accurate Inventory?

• A.Export an inventory list using Terraform apply command.
• B.Export an inventory list from the Oracle Cloud Infrastructure Web console.
• C.Download the dynamic inventory script provided by Oracle Cloud Infrastructure and include It in the playbook Invocation command.
• D.Implement a Command Line Interface script to list all the resources and run it within Ansible to generate a dynamic inventory list.

You set up a bastion host in your VCN to only allow your IP address (140.19.2.140) to establish SSH connections to your Compute instances that are deployed private subnet. The Compute instances have an attached Network Security Group with a Source Type: Network security Group (NSG) , Source NSG: -050504. To secure the bastion host, you added the following ingress rules to its Network Security Group:

However, after checking the bastion host logs, you discovered that there are IP addresses other than your own that can access your bastion host.
What is the root cause of this issue?

• A.All compute instances associated with NSG-050504 are also able to connect to the bastion host.
• B.The Security List allows access to all IP address which overrides the Network Security Group ingress rules.
• C.A netmask of /32 allows all IP address in the 140.19.2.0 network, other than your IP 110.19.2.140
• D.The port 22 provides unrestricted access to 140.19.2.140 and to other IP address

You launched a Linux compute Instance to host the new version of your company website via Apache HTTPS server on HTTPS (port 443).
The Instance is created in a public subnet along with other Instances. The default security list associated to the subnet is:

You want to allow access to the company website from public Internet without exposing websites eventually hosted on the other instances In the public subnet.
Which two actions should you do?

• A.Create a network security group, add a stateful rule to allow ingress access on port 443 and associate it to the instance that host the company website.
• B.In default security list, add a stateful rule to allow ingress access on port 443.
• C.Create a new security list with a stateful rule to allow ingress access on port 443 and associate it to the public subnet.
• D.Access the Linux instance via SSH and configure Iptables to allow HTTPS access on port 443.
• E.Create a network security group, add a stateful rule to allow ingress access on port 443 and associate It to the public subnet that host the company website.

What is a key benefit of using Oracle Cloud Infrastructure's Resource Manager for your Terraform provisioning and management activities?

• A.Resource Manager has administrative privileges by design. Even if your IAM user does not have access, you can leverage Resource Manage provision new resources to any compartment in the Tenancy.
• B.You can use Resource Manager to identify and maintain an Inventory of all Compute and Database Instances across your tenancy.
• C.Resource Manager manages the Terraform state file for your infrastructure and locks the file so that only one Job at a time can run on a given stack.
• D.You can use Resource Manager to apply patches to all existing Oracle Linux Instances In a specified compartment.