• ホーム
  • ブログ
  • 無料提供される1z0-1072-23問題集と1z0-1072-23リアル試験問題 [Q11-Q31]

無料提供される1z0-1072-23問題集と1z0-1072-23リアル試験問題 [Q11-Q31]

Share

無料提供される1z0-1072-23問題集と1z0-1072-23リアル試験問題

Oracle 1z0-1072-23実際の問題とブレーン問題集

質問 # 11
Which TWO statements about the Oracle Cloud Infrastructure (OCI) File Storage Service are accurate?

  • A. Customer can encrypt data in their file system using their own Vault encryption key.
  • B. Customer can encrypt the communication to a mount target via export options.
  • C. File systems use Oracle-managed keys by default.
  • D. Communication with file systems in a mount target is encrypted via HTTPS.
  • E. Mount targets use Oracle-managed keys by default.

正解:A、C

解説:
Explanation
File systems use Oracle-managed keys by default. Customer can encrypt data in their file system using their own Vault encryption key. The explanation is that File Storage Service encrypts all data at rest using AES-256 encryption algorithm. By default, File Storage Service uses Oracle-managed keys to encrypt and decrypt data.
However, you can also use your own Vault encryption key to encrypt data in your file system. To do so, you need to create a key in Vault and associate it with your file system when you create or update it.


質問 # 12
Which is NOT a valid Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) approach?

  • A. Ensure not all IP addresses are allocated at once within a VCN or subnet; instead reserve some IP addresses for future use.
  • B. Use OCI tags to tag VCN resources so that all resources follow organizational tagging/naming conventions.
  • C. Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or withyour organizations private IPnetwork ranges.
  • D. Private subnets should ideally have individual route tables to control the flowof traffic within and outsideof VCN.

正解:C

解説:
Explanation
Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or with your organizations private IP network ranges. The explanation is that a VCN CIDR prefix is the range of IPv4 addresses that can be used within the VCN and its subnets. The VCN CIDR prefix should not overlap with other VCNs in your tenancy or with your organization's private IP network ranges, as this can cause routing conflicts and connectivity issues. You should choose a VCN CIDR prefix that is large enough to accommodate your current and future needs, but not too large to waste IP addresses. You can use any of the private IPv4 address ranges specified in RFC 1918 for your VCN CIDR prefix.


質問 # 13
What should be created before provisioning an Oracle Cloud Infrastructure (OCI) DB System?

  • A. Bucket in Object Storage
  • B. Compartment
  • C. Compute Instance
  • D. Virtual Cloud Network

正解:D

解説:
The explanation is that a Virtual Cloud Network (VCN) is a software-defined network that you set up in OCI to connect your cloud resources, such as compute instances and databases. A VCN provides you with complete control over your network environment, including selecting your own IP address range, creating subnets, route tables, gateways, security lists, etc. You need to create a VCN before provisioning an OCI DB System, as you need to specify which subnet in your VCN you want to launch your DB System in.


質問 # 14
Which statement is NOT correct regarding the Oracle Cloud Infrastructure (OI) File System snapshots?

  • A. Snapshots are a consistent, point-in-time view of your file systems.
  • B. Even if nothing has changed within the file system since the last snapshot was taken, a new snapshot consumes more storage.
  • C. Before you can clone a file system, at least one snapshot must exist for the file system.
  • D. Snapshots are accessible under the root directory of the file system at .snapshot/name.

正解:B

解説:
Explanation
Even if nothing has changed within the file system since the last snapshot was taken, a new snapshot does not consume more storage. This is because snapshots are incremental and only store the changes made to the file system since the previous snapshot. The other statements are correct regarding the OCI File System snapshots.
References: [Snapshots and Storage Consumption]


質問 # 15
You are a system administrator of your company and you are managing a complex environment consisting of compute instances running Oracle Linux on Oracle Cloud Infrastructure (OCI). It's your task to apply all the latest kernel security updates to all instances.
Which OCI service will allow you to complete this task?

  • A. OCI Registry
  • B. OS Management service
  • C. OCI Streaming service
  • D. OCI Cloud Guard to monitor and install the security updates
  • E. OCI Security Zones to achieve automatic security updates

正解:B

解説:
OS Management service is the OCI service that will allow you to complete this task. OS Management service is a service that helps users automate patching and package management for Oracle Linux and Windows instances in OCI. It can also help users monitor and manage system configuration and compliance across their instances. The other options are not suitable for this task, as they do not provide the functionality of OS Management service. Reference: [OS Management Service]


質問 # 16
You are part of an organization with thousands of users accessing Oracle Cloud Infrastructure (OCI). An unknown user action was executed resulting in configuration errors. You are tasked to quickly identify the details of all users who were active in the last six hours along with any REST API calls that were executed.
Which OCI service would you use?

  • A. Notifications
  • B. Audit
  • C. Logging
  • D. Notifications
  • E. Service Connectors

正解:B

解説:
Audit is the OCI service that would help identify the details of all users who were active in the last six hours along with any REST API calls that were executed. Audit is a service that records all API calls and other actions taken by or on behalf of users in OCI. It can be used to track user activity, monitor compliance, and troubleshoot issues. The other options are not suitable for this task. Reference: [Audit]


質問 # 17
You are part of a team that manages a set of workload instances running in an on-premises environment. The Architect team is tasked with designing and configuring Oracle Cloud Infrastructure (OCI) Logging service to collect logs from these instances. There is a requirement to archive Info-level logging data of these instances into the OCI Object Storage.
Which TWO features of OCI can help you achieve this?

  • A. Service Connectors
  • B. ObjectCollectionRule
  • C. Agent Configuration
  • D. Grouping Function
  • E. Cloud Agent Plugin

正解:A、E

解説:
Cloud Agent Plugin and Service Connectors are two features of OCI that can help collect logs from on-premises instances and archive them into OCI Object Storage. Cloud Agent Plugin is a component of the OCI Logging service that can be installed on any Linux or Windows instance to collect logs and send them to OCI. Service Connectors are components of the OCI Service Connector Hub that can transfer data between different OCI services, such as Logging and Object Storage. The other options are not relevant for this requirement. Reference: [Cloud Agent Plugin], [Service Connectors]


質問 # 18
You are backing up your on-premises data to the Oracle Cloud Infrastructure (OCI) Object Storage Service.
Your requirements are:
1. Backups need to be retained for at least full 31 days.
2. Data should be accessible immediately if and when needed after the backup.
Which OCI Object Storage tier is suitable for storing the backup to minimize cost?

  • A. Archive tier
  • B. Infrequent Access tier
  • C. Standard tier
  • D. Auto-Tiering tier

正解:B

解説:
The explanation is that the Infrequent Access tier is suitable for storing data that is accessed less frequently but requires immediate access when needed. The Infrequent Access tier has lower storage costs than the Standard tier, but higher retrieval costs. The Infrequent Access tier also has a minimum storage duration of 30 days, which means that you will be charged for at least 30 days of storage even if you delete or move the data before that period.


質問 # 19
Which is NOT a valid option for an Oracle Cloud Infrastructure (OCI) compute shape?

  • A. Exadata Virtual Machine
  • B. Virtual Machine
  • C. Dedicated Virtual Machine Host
  • D. Bare Metal

正解:A

解説:
Explanation
Exadata Virtual Machine is not a valid option for an OCI compute shape. Exadata Virtual Machine is a deployment option for Exadata Cloud Service or Exadata Cloud@Customer, which are services that provide dedicated Exadata infrastructure for running Oracle databases in OCI. Exadata Virtual Machine allows you to create multiple virtual machines on each Exadata compute node and isolate them from each other using Oracle VM technology. The valid options for OCI compute shapes are:
Bare Metal: A bare metal instance is a physical server that gives you direct access to the underlying hardware and full isolation from other tenants.
Dedicated Virtual Machine Host: A dedicated virtual machine host is a physical server that hosts only your virtual machine instances and no other tenant's instances.
Virtual Machine: A virtual machine instance is a virtual server that runs on a shared physical server with other tenants' instances.
Burstable: A burstable instance is a virtual machine instance that has a baseline utilization of either 12% or 50% of each CPU core and can burst above the baseline when needed.


質問 # 20
You have a block volume created in the US West (Phoenix) region. You enabled Cross Region Replication for the volume and selected US West (San Jose) as the destination region. Now, you would like to create a new volume from the volume replica in the US West (San Jose) region.
What should you do?

  • A. No action required. By default, the replica is available as a block volume.
  • B. Activate the replica.
  • C. Initiate the replica.
  • D. Trigger the replica.

正解:B

解説:
The explanation is that when you enable Cross Region Replication for a block volume, Object Storage creates a replica of the volume in another region of your choice. The replica is not available as a block volume until you activate it. To activate a replica, you need to select the replica from the Block Storage console and click Activate Replica. This will create a new block volume from the replica in the destination region.


質問 # 21
You are a security administrator for your company's Oracle Cloud Infrastructure (OCI) tenancy. Your storage administrator informs you that she cannot associate an encryption key from an existing Vault to a new Object Storage bucket.
What could be a possible reason for this behavior?

  • A. There is no Identity and Access Management (IAM) policy that allows the Object Storage service to use the key.
  • B. The Object Storage bucket policy lacks the necessary Access Control List (ACL).
  • C. The secret for the key was not created beforehand
  • D. The storage administrator forgot to select "Encrypt using Oracle managed keys" while creating the bucket.

正解:A

解説:
There is no Identity and Access Management (IAM) policy that allows the Object Storage service to use the key. The explanation is that when you create an Object Storage bucket with encryption using a customer-managed key from Vault, you need to have an IAM policy that allows the Object Storage service to use the key on your behalf. The policy should look like this:
allow service objectstorage-<region> to use key in compartment <compartment-name> where <region> is the region where your bucket resides and <compartment-name> is the compartment where your key resides.


質問 # 22
Oracle Cloud Agent is a lightweight process that manages plugins running on compute instances.
Which is NOT a valid Oracle Cloud Agent plugin name?

  • A. Bastion
  • B. Compute Instance Run Command
  • C. Live Migration Agent
  • D. OS Management Service Agent

正解:A

解説:
Explanation
Bastion is not a valid Oracle Cloud Agent plugin name. Bastion is a service that enables secure and controlled access to compute instances in OCI. The other options are valid plugin names that provide different functionalities for the instances. References: [Bastion], [Cloud Agent Plugins]


質問 # 23
Which TWO statements about the Oracle Cloud Infrastructure (OCI) File Storage Service are accurate?

  • A. Customer can encrypt data in their file system using their own Vault encryption key.
  • B. Customer can encrypt the communication to a mount target via export options.
  • C. File systems use Oracle-managed keys by default.
  • D. Communication with file systems in a mount target is encrypted via HTTPS.
  • E. Mount targets use Oracle-managed keys by default.

正解:A、C

解説:
File systems use Oracle-managed keys by default. Customer can encrypt data in their file system using their own Vault encryption key. The explanation is that File Storage Service encrypts all data at rest using AES-256 encryption algorithm. By default, File Storage Service uses Oracle-managed keys to encrypt and decrypt data. However, you can also use your own Vault encryption key to encrypt data in your file system. To do so, you need to create a key in Vault and associate it with your file system when you create or update it.


質問 # 24
You are using the Oracle Cloud Infrastructure (OCI) Vault service to create and manage Secrets. For your database password, you have created a secret and rotated the secret one time. The secret versions are as follows:
-----------------------------------------
2 (latest) | Current
1 | Previous
You later realize that you have made a mistake in updating the secret content for version 2 and want to rollback to version 1.
What should you do to rollback to version 1?

  • A. Create a new secret version 3 and set to Pending. Copy the content of version 1 into version 3.
  • B. From the version 2 (latest) menu, select "Rollback" and select version 1 when given the option.
  • C. Deprecate version 2 (latest). Create new Secret version 3. Create soft link from version 3 to version 1.
  • D. From the version 1 menu on the OCI console, select "Promote to Current".

正解:D

解説:
From the version 1 menu on the OCI console, select "Promote to Current". The explanation is that when you promote a secret version to current, it becomes the latest version of the secret and is used by default when you access the secret. This way, you can rollback to a previous version of the secret without creating a new version.


質問 # 25
You have a block volume created in the US West (Phoenix) region. You enabled Cross Region Replication for thevolume and selected US West (San Jose) as the destination region. Now, you would like to create a new volumefrom the volume replica in the US West (San Jose) region.
What should you do?

  • A. No action required. By default, the replica is available as a block volume.
  • B. Activate the replica.
  • C. Initiate the replica.
  • D. Trigger the replica.

正解:B

解説:
Explanation
The explanation is that when you enable Cross Region Replication for a block volume, Object Storage creates a replica of the volume in another region of your choice. The replica is not available as a block volume until you activate it. To activate a replica, you need to select the replica from the Block Storage console and click Activate Replica. This will create a new block volume from the replica in the destination region.


質問 # 26
You have objects stored in an OCI Object Storage bucket that you want to share with a partner company. You decide to use pre-authenticated requests to grant access to the objects. Which statement is true about preauthenticated requests?

  • A. Deleting a pre-authenticated request does not revoke user access to the associated bucket or object.
  • B. You need to provide your OCI credentials to the partner company.
  • C. Pre-authenticated requests can be used to delete buckets or objects.
  • D. You cannot edit a pre-authenticated request.

正解:D

解説:
Explanation
You cannot edit a pre-authenticated request is a true statement about pre-authenticated requests.
Pre-authenticated requests are URLs that allow users to access objects or buckets in OCI Object Storage without requiring additional authentication or authorization. Pre-authenticated requests can be created with an expiration date and time, and can be used for read or write operations. However, once created, pre-authenticated requests cannot be edited, but can only be deleted or extended. The other statements are false about pre-authenticated requests. References: [Pre-Authenticated Requests]


質問 # 27
You are a system administrator of your company and you are managing a complex environment consisting of compute instances running Oracle Linux on Oracle Cloud Infrastructure (OCI). It's your task to apply all the latestkernel security updates to all instances.
Which OCI service will allow you to complete this task?

  • A. OCI Registry
  • B. OS Management service
  • C. OCI Streaming service
  • D. OCI Cloud Guard to monitor and install the security updates
  • E. OCI Security Zones to achieve automatic security updates

正解:B

解説:
Explanation
OS Management service is the OCI service that will allow you to complete this task. OS Management service is a service that helps users automate patching and package management for Oracle Linux and Windows instances in OCI. It can also help users monitor and manage system configuration and compliance across their instances. The other options are not suitable for this task, as they do not provide the functionality of OS Management service. References: [OS Management Service]


質問 # 28
You want a full-featured Identity-as-a-Service (IDaaS) solution that helps you manage workforce authentication and access to all of your Oracle and non-Oracle applications, whether they are SaaS apps, on-premises enterprise apps, or apps that are hosted in the cloud. Which IAM Identity Domain type should you create?

  • A. External User
  • B. Oracle Apps Premium
  • C. Premium
  • D. Free

正解:C

解説:
Premium is the IAM Identity Domain type that you should create if you want a full-featured IDaaS solution that helps you manage workforce authentication and access to all of your Oracle and non-Oracle applications. Premium Identity Domain provides users with access to Oracle Identity Cloud Service, which is an IDaaS solution that offers identity management, single sign-on, multifactor authentication, identity governance, and integration with third-party applications. The other options are not IAM Identity Domain types that provide a full-featured IDaaS solution. Reference: [Identity Domains], [Oracle Identity Cloud Service]


質問 # 29
Company XYZ is spending $300,000.00 USD per month in egress fees for 7 Petabytes that they consume for Outbound Data Transfer in North America with their current cloud provider. The company is seeking to lower that expense considerably without reducing consumption. You propose migration to OCI because the Gigabyte Outbound Data Transfer in North America costs just $0.0085 USD per month. With OCI, how much will they spend per month for 7 Petabytes of Outbound Data Transfer? (1 Petabyte = 1000 Terabytes)

  • A. $59,500.00
  • B. $150,000.00
  • C. $0.00 (free with OCI)
  • D. $59,415.00

正解:A

解説:
$59,415.00 is the amount that Company XYZ will spend per month for 7 Petabytes of Outbound Data Transfer in North America with OCI. This is calculated by multiplying 7 Petabytes by 1000 Terabytes (to convert Petabytes to Terabytes), then multiplying by $0.0085 USD (the cost per Gigabyte Outbound Data Transfer in North America), then dividing by 1000 (to convert Gigabytes to Terabytes). The formula is:
(7 * 1000 * 0.0085) / 1000 = $59,415.00


質問 # 30
You have three compartments: ProjectA, ProjectB, and ProjectC. For each compartment, there is an admin groupset up: A-Admins, B-Admins, and C-Admins.
Each admin group has full access over their respective compartments as shown in the graphic below.
Your organization has set up a tag namespace, EmployeeGroup.Role and all your admin groups are tagged with a value of 'Admin'.

You want to set up a Test compartment for members of the three projects to share. You also need to provideadmin access to all three of your existing admin groups.
Which policy would you write to accomplish this task?

  • A. Allow dynamic-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  • B. Allow any-user to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  • C. Allow all-group to manage all-resources in compartment Test where
    request.principal.group.tag.EmployeeGroup.Role='Admin'
  • D. Allow group any-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'

正解:C

解説:
Explanation
Allow all-group to manage all-resources in compartment Test where
request.principal.group.tag.EmployeeGroup.Role='Admin' is the policy that would accomplish this task. This policy grants admin access to all groups that have the tag EmployeeGroup.Role='Admin' in the compartment Test. The other options are not correct, as they use incorrect terms such as dynamic-group, any-group, or any-user. References: [Tag-Based Authorization]


質問 # 31
......

1z0-1072-23合格させる問題集でOracle24時間で試験合格できます:https://www.passtest.jp/Oracle/1z0-1072-23-shiken.html

最新問題を使おう1z0-1072-23試験問題と解答PDFで一年間無料更新:https://drive.google.com/open?id=1_Xwf7Ni4Bz9JuPzblxDNOlFBJNWQ6t34

関するブログ

もっと
1z0-1072-23 無料問題集