1z0-1072-23別格な問題集をダウンロードして無料で最新の(1z0-1072-23テスト問題集をゲット2023年12月03日)
1z0-1072-23問題集は合格保証します合格できる1z0-1072-23試験問題2023年更新
質問 # 20
You are part of an organization with thousands of users accessing Oracle Cloud Infrastructure (OCI). An unknown user action was executed resulting in configuration errors. You are tasked to quickly identify the details of all users who were active in the last six hours along with any REST API calls that were executed.
Which OCI service would you use?
- A. Audit
- B. Logging
- C. Notifications
- D. Notifications
- E. Service Connectors
正解:A
解説:
Audit is the OCI service that would help identify the details of all users who were active in the last six hours along with any REST API calls that were executed. Audit is a service that records all API calls and other actions taken by or on behalf of users in OCI. It can be used to track user activity, monitor compliance, and troubleshoot issues. The other options are not suitable for this task. Reference: [Audit]
質問 # 21
You plan to upload a large file (3 TiB) to Oracle Cloud Infrastructure (OCI) Object Storage. You would like tominimize the impact of network failures while uploading, and therefore you decide to use the multipart upload capability.
Which TWO statements are true about performing a multipart upload using the Multipart Upload API?
- A. You do not have to commit the upload after you have uploaded all the object parts.
- B. You do not need to split the object into parts. Object Storage splits the object into parts and uploads all ofthe parts automatically.
- C. When you split the object into individual parts, each part can be as large as 50 GiB.
- D. While a multipart upload is still active, you can keep adding parts as long asthe total number is less than10,000.
正解:C、D
解説:
Explanation
While a multipart upload is still active, you can keep adding parts as long as the total number is less than
10,000. When you split the object into individual parts, each part can be as large as 50 GiB. The explanation is that a multipart upload allows you to upload a large object in parts, which can improve performance and reliability. You need to split the object into parts yourself and upload each part separately using the Multipart Upload API. You can add parts to an active multipart upload until you reach the maximum number of 10,000 parts per upload. Each part can range from 10 MiB to 50 GiB in size, except for the last part, which can be any size.
質問 # 22
You are in the process of migrating several legacy applications from on-premises to Oracle Cloud Infrastructure (OCI). The current servers are already virtualized. However, you notice that the version of CentOS currentlyrunning does not align with any of the Oracle-provided compute images.How would you migrate your existing virtual server images to OCI?
- A. Export your current image in the VDI format and copy to an Object Storagebucket. Import it as a customimage. Select native modeto ensure the best possible performance.
- B. Export your current image in the QCOW2 format and copy to an Object Storage bucket. Import it as a custom image. Select emulated mode to ensure compatibility with legacy drivers
- C. Export your current image in the VMDK format and copy to an Object Storage bucket. Import it as a custom image. Select native mode to ensure the best possible performance.
- D. Export your current image in the QED format and copy to an Object Storagebucket. Import it as a customimage. Select emulated modeto ensure compatibility with legacy drivers.
正解:B
解説:
Explanation
Export your current image in the QCOW2 format and copy to an Object Storage bucket. Import it as a custom image. Select emulated mode to ensure compatibility with legacy drivers. The explanation is that QCOW2 is one of the supported formats for importing custom images to OCI. Custom images are images that you can create from your own on-premises or cloud servers and use them to launch instances in OCI. To import a custom image, you need to export your current image in a supported format, copy it to an Object Storage bucket, and then import it as a custom image using the OCI console or API. When you import a custom image, you can choose between native mode or emulated mode. Native mode offers better performance but requires compatible drivers and firmware. Emulated mode offers better compatibility but lower performance.
質問 # 23
You have a high-demand web application running on Oracle Cloud Infrastructure (OCI). Your tenancy administrator has set up a schedule-based autoscaling policy on instance pool withan initial size of 5 instancesfor the application.
Policy 1:
Target pool size:10 instances
Execution time:8:30 a.m. on every Monday through Friday, in every month, in every year Cron expression:0 30 8 ? * MON-FRI * Which statement accurately explains the goal of this policy?
- A. Goal: A recurring monthly schedule. On all days of the month, set the initial pool size to 5 instances. At
8.30 a.m., on every day of the month, scale out to 10 instances. - B. Goal: A one-time schedule with only one scaling out event. At 8:30 a.m., on December 31, 2021, scale theinstance pool to 10 instances from 5.
- C. Goal: A recurring weekly schedule. On all days of the week at 8.30 a.m., scale out the pool to 10 instancesfrom the initial size of 5
- D. Goal: A recurring daily schedule. On weekday mornings at 8.30 a.m., scale out to 10 instances.
正解:D
解説:
Explanation
The explanation is that a schedule-based autoscaling policy allows you to adjust the size of your instance pool based on a cron expression that specifies the date and time of the scaling action. The cron expression consists of six fields: seconds, minutes, hours, day of month, month, and day of week. In this case, the cron expression is 0 30 8 ? * MON-FRI *, which means that the scaling action will occur at 8:30 a.m. on every Monday through Friday, regardless of the day of month or month. Therefore, the goal of this policy is to scale out the instance pool to 10 instances on weekday mornings at 8:30 a.m.
質問 # 24
Which is NOT a valid Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) approach?
- A. Use OCI tags to tag VCN resources so that all resources follow organizational tagging/naming conventions.
- B. Ensure not all IP addresses are allocated at once within a VCN or subnet; instead reserve some IP addresses for future use.
- C. Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or withyour organizations private IPnetwork ranges.
- D. Private subnets should ideally have individual route tables to control the flowof traffic within and outsideof VCN.
正解:C
解説:
Explanation
Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or with your organizations private IP network ranges. The explanation is that a VCN CIDR prefix is the range of IPv4 addresses that can be used within the VCN and its subnets. The VCN CIDR prefix should not overlap with other VCNs in your tenancy or with your organization's private IP network ranges, as this can cause routing conflicts and connectivity issues. You should choose a VCN CIDR prefix that is large enough to accommodate your current and future needs, but not too large to waste IP addresses. You can use any of the private IPv4 address ranges specified in RFC 1918 for your VCN CIDR prefix.
質問 # 25
When defining a query for metric data in Monitoring, which field provides the time window for aggregating metric data points plotted on the metric chart?
- A. Statistic
- B. Dimension
- C. Namespace
- D. Interval
正解:D
解説:
Interval is the field that provides the time window for aggregating metric data points plotted on the metric chart. Interval is a parameter that specifies how often metric data points are collected and aggregated by the Monitoring service. For example, an interval of 5 minutes means that metric data points are aggregated every 5 minutes and displayed on the chart. The other options are not fields that provide the time window for aggregating metric data points, but rather other parameters that define the metric query. Reference: [Interval]
質問 # 26
You are backing up your on-premises data to the Oracle Cloud Infrastructure (OCI) Object Storage Service.
Your requirements are:
1. Backups need to be retained for at least full 31 days.
2. Data should be accessible immediately if and when needed after the backup.
Which OCI Object Storage tier is suitable for storing the backup to minimize cost?
- A. Standard tier
- B. Infrequent Access tier
- C. Archive tier
- D. Auto-Tiering tier
正解:B
解説:
The explanation is that the Infrequent Access tier is suitable for storing data that is accessed less frequently but requires immediate access when needed. The Infrequent Access tier has lower storage costs than the Standard tier, but higher retrieval costs. The Infrequent Access tier also has a minimum storage duration of 30 days, which means that you will be charged for at least 30 days of storage even if you delete or move the data before that period.
質問 # 27
Your DevOps team needs to interconnect the on-premises network to the Oracle Cloud Infrastructure (OCI) resources, such as a managed database that resides in a private subnet. They indicate that they have a low budget and their bandwidth requirements are minimal, so you decide that a site-to-site VPN is the best option.
They provide you with their router public IP address. You need to create an object in OCI that represents this router. Which object would you create?
- A. Customer Premises Equipment (CPE)
- B. Dynamic Routing Gateway (DRG)
- C. Internet Gateway
- D. Bastion Host
- E. Virtual Network Interface Card (vNIC)
- F. IPSec Tunnel
正解:A
解説:
Customer Premises Equipment (CPE). The explanation is that CPE is an object in OCI that represents your on-premises router or VPN device that connects to your VCN via a site-to-site VPN. A site-to-site VPN is a secure and encrypted connection between your on-premises network and your VCN over the public internet. To set up a site-to-site VPN, you need to create a CPE object with your router's public IP address and other information, such as vendor and platform. You also need to create a Dynamic Routing Gateway (DRG) object in your VCN and attach it to your VCN. Then, you need to create an IPSec connection between your CPE and DRG, which will create two redundant VPN tunnels for high availability.
質問 # 28
Which is NOT a valid Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) approach?
- A. Use OCI tags to tag VCN resources so that all resources follow organizational tagging/naming conventions.
- B. Ensure not all IP addresses are allocated at once within a VCN or subnet; instead reserve some IP addresses for future use.
- C. Private subnets should ideally have individual route tables to control the flow of traffic within and outside of VCN.
- D. Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or with your organizations private IP network ranges.
正解:D
解説:
Ensure VCN CIDR prefix overlaps with other VCNs in your tenancy or with your organizations private IP network ranges. The explanation is that a VCN CIDR prefix is the range of IPv4 addresses that can be used within the VCN and its subnets. The VCN CIDR prefix should not overlap with other VCNs in your tenancy or with your organization's private IP network ranges, as this can cause routing conflicts and connectivity issues. You should choose a VCN CIDR prefix that is large enough to accommodate your current and future needs, but not too large to waste IP addresses. You can use any of the private IPv4 address ranges specified in RFC 1918 for your VCN CIDR prefix.
質問 # 29
You have three compartments: ProjectA, ProjectB, and ProjectC. For each compartment, there is an admin group set up: A-Admins, B-Admins, and C-Admins.
Each admin group has full access over their respective compartments as shown in the graphic below.
Your organization has set up a tag namespace, EmployeeGroup.Role and all your admin groups are tagged with a value of 'Admin'.
You want to set up a Test compartment for members of the three projects to share. You also need to provide admin access to all three of your existing admin groups.
Which policy would you write to accomplish this task?
- A. Allow group any-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
- B. Allow dynamic-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
- C. Allow any-user to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
- D. Allow all-group to manage all-resources in compartment Test where
request.principal.group.tag.EmployeeGroup.Role='Admin'
正解:C
解説:
Allow all-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin' is the policy that would accomplish this task. This policy grants admin access to all groups that have the tag EmployeeGroup.Role='Admin' in the compartment Test. The other options are not correct, as they use incorrect terms such as dynamic-group, any-group, or any-user. Reference: [Tag-Based Authorization]
質問 # 30
You are using the Oracle Cloud Infrastructure (OCI) Vault service to create and manage Secrets. For your database password, you have created a secret and rotated the secret one time. The secret versions are as follows:
-----------------------------------------
2 (latest) | Current
1 | Previous
You later realize that you have made a mistake in updating the secret content for version 2 and want to rollback to version 1.
What should you do to rollback to version 1?
- A. Deprecate version 2 (latest). Create new Secret version 3. Create soft link from version 3 to version 1.
- B. From the version 2 (latest) menu, select "Rollback" and select version 1 when given the option.
- C. Create a new secret version 3 and set to Pending. Copy the content of version 1 into version 3.
- D. From the version 1 menu on the OCI console, select "Promote to Current".
正解:D
解説:
From the version 1 menu on the OCI console, select "Promote to Current". The explanation is that when you promote a secret version to current, it becomes the latest version of the secret and is used by default when you access the secret. This way, you can rollback to a previous version of the secret without creating a new version.
質問 # 31
Which TWO components are optional while creating the Monitoring Query Language (MQL) expressions in the Oracle Cloud Infrastructure (OCI) Monitoring service?
- A. Interval
- B. Metric
- C. Statistic
- D. Dimensions
- E. Grouping Function
正解:D、E
解説:
Dimensions and Grouping Function are two optional components while creating the Monitoring Query Language (MQL) expressions in the OCI Monitoring service. Dimensions are key-value pairs that provide additional information about a metric, such as region, compartment, or resource type. Grouping Function is a function that aggregates metric data across one or more dimensions, such as sum, count, or average. The other options are required components for MQL expressions. Reference: [Dimensions], [Grouping Function]
質問 # 32
Which statement is TRUE about delegating an existing domain to the OracleCloud Infrastructure (OCI) DNS service?
- A. All domains can be retrieved to OCI DNS via DYN.
- B. Domains can be delegated to OCI DNS via FastConnect partners.
- C. Domains can be delegated to OCI DNS from the Domain Registrar's self-service portal.
- D. Domains can be self-delegated to OCI DNS from its own service portal.
- E. Domains can be delegated to OCI DNS from the OCI Marketplace.
正解:C
解説:
Explanation
Domains can be delegated to OCI DNS from the Domain Registrar's self-service portal. The explanation is that delegating a domain to OCI DNS means that you are transferring the authority to resolve DNS queries for your domain from your current DNS provider to OCI DNS. To delegate a domain to OCI DNS, you need to create a zone in OCI DNS that matches your domain name and add any records that you want to serve from OCI DNS. Then, you need to update the name servers for your domain at your Domain Registrar's self-service portal with the name servers provided by OCI DNS. This will point your domain to OCI DNS and allow it to resolve DNS queries for your domain.
質問 # 33
Which tool provides a diagram of the implemented topology of all Virtual Cloud Networks (VCNs) in a selected region and tenancy?
- A. Network Visualizer
- B. Traffic Analytics
- C. Network Watcher
- D. VCN Flow Logs
正解:A
解説:
Network Visualizer is the tool that provides a diagram of the implemented topology of all VCNs in a selected region and tenancy. Network Visualizer is a feature of the OCI Networking service that allows users to view and manage their network resources in a graphical interface. It can help users understand their network topology, troubleshoot issues, and optimize performance. The other options are not tools that provide a diagram of the VCN topology, but rather other features or services of OCI Networking. Reference: [Network Visualizer]
質問 # 34
What should be created before provisioning an Oracle Cloud Infrastructure (OCI) DB System?
- A. Bucket in Object Storage
- B. Virtual Cloud Network
- C. Compartment
- D. Compute Instance
正解:B
解説:
The explanation is that a Virtual Cloud Network (VCN) is a software-defined network that you set up in OCI to connect your cloud resources, such as compute instances and databases. A VCN provides you with complete control over your network environment, including selecting your own IP address range, creating subnets, route tables, gateways, security lists, etc. You need to create a VCN before provisioning an OCI DB System, as you need to specify which subnet in your VCN you want to launch your DB System in.
質問 # 35
You have an instance running in Oracle Cloud Infrastructure (OCI) that cannot be live-migrated during an infrastructure maintenance event. OCI schedules a maintenance due date within 14 to 16 days and sends you a notification.
What would happen if you choose not to proactively reboot the instance before the scheduled maintenance due date?
- A. You will receive another notification to reboot within the next 14 days.
- B. The instance is either reboot-migrated or rebuilt in place for you.
- C. You will receive another notification to reboot within the next 7 days.
- D. The instance will get terminated.
正解:B
解説:
If you choose not to proactively reboot the instance before the scheduled maintenance due date, the instance is either reboot-migrated or rebuilt in place for you. Reboot-migration is a process where OCI migrates your instance to a new physical host without changing its configuration or public IP address. Rebuild in place is a process where OCI shuts down your instance, performs maintenance on the physical host, and restarts your instance with the same configuration and public IP address. The other options are not correct. Reference: [Reboot-Migration], [Rebuild in Place]
質問 # 36
Oracle Cloud Agent is a lightweight process that manages plugins running on compute instances.
Which is NOT a valid Oracle Cloud Agent plugin name?
- A. Bastion
- B. Compute Instance Run Command
- C. Live Migration Agent
- D. OS Management Service Agent
正解:A
解説:
Explanation
Bastion is not a valid Oracle Cloud Agent plugin name. Bastion is a service that enables secure and controlled access to compute instances in OCI. The other options are valid plugin names that provide different functionalities for the instances. References: [Bastion], [Cloud Agent Plugins]
質問 # 37
You want to distribute DNS traffic to different endpoints based on the locationof the end user. Which TrafficManagement Steering Policy would you use?
- A. IP Prefix
- B. Geolocation
- C. Load Balancer
- D. Failover
正解:B
解説:
Explanation
The explanation is that geolocation is a type of Traffic Management Steering Policy that allows you to distribute DNS traffic to different endpoints based on the location of the end user. Geolocation steering policies use geolocation data from third-party providers to map end user IP addresses to geographic regions.
You can create rules that specify which endpoints to serve for each region or country, or use a default endpoint for unspecified regions.
質問 # 38
As a solution architect, you are showcasing the Oracle Cloud Infrastructure (OCI) Object Storage feature aboutObject Versioning to a customer.
Which statement is true regarding OCI Object Storage Versioning?
- A. A bucket that is versioning-enabled can and will always have the latest version of the object in the bucket.
- B. Object Versioning is disabled on a bucket by default.
- C. Objects are physically deleted from a bucket when versioning is enabled.
- D. Object Versioning does not provide data protection against accidental or malicious object update, overwrite, or deletion.
正解:B
解説:
Explanation
Object Versioning is disabled on a bucket by default is a true statement regarding OCI Object Storage Versioning. Object Versioning is a feature that allows users to preserve, retrieve, and restore every version of every object stored in a bucket. Object Versioning is disabled on a bucket by default, but can be enabled or suspended by the user at any time. The other statements are false regarding OCI Object Storage Versioning.
References: [Object Versioning]
質問 # 39
You want to distribute DNS traffic to different endpoints based on the location of the end user. Which Traffic Management Steering Policy would you use?
- A. IP Prefix
- B. Geolocation
- C. Load Balancer
- D. Failover
正解:B
解説:
The explanation is that geolocation is a type of Traffic Management Steering Policy that allows you to distribute DNS traffic to different endpoints based on the location of the end user. Geolocation steering policies use geolocation data from third-party providers to map end user IP addresses to geographic regions. You can create rules that specify which endpoints to serve for each region or country, or use a default endpoint for unspecified regions.
質問 # 40
As a network architect you have deployed a public subnet on your Virtual Cloud Network (VCN) with this security list:
You have also created a network security group (NSG) as shown in the table here, and assigned it to your bastion host:
You have confirmed that routing is correct but when you SSH to the VM from your home over the Internet youare unable to connect.
What could be the problem?
- A. Internet traffic should be allowed only on the NSG.
- B. Public subnet does not have a route rule to the Internet Gateway.
- C. User will be able to SSH to the VM from the Internet as SSH is open on the NSG.
- D. SSH traffic is not allowed in the security list nor on the NSG from the Internet.
正解:D
解説:
Explanation
SSH traffic is not allowed in the security list nor on the NSG from the Internet is the correct answer. This is because the security list only allows ingress traffic from 10.0.0.24 on port 22, and the NSG only allows ingress traffic from 10.0.0.0/16 on port 22. Neither of them allows ingress traffic from 0.0.0.0/0 (the Internet) on port
22, which is required for SSH access. The other options are not correct, as they do not explain why SSH access is not possible. References: [Security Lists], [Network Security Groups]
質問 # 41
In which two ways can Oracle Security Zones assist with the cloud security shared responsibility model?
- A. Deny public access to Oracle Cloud Infrastructure resources, such as databases and object storage buckets.
- B. Add or move a standard compartment to a highly secured security zone compartment.
- C. Encrypt storage resources with a customer-managed key.
- D. Allow access to an unsecured compartment, which is moved from a standard compartment.
正解:A、C
解説:
Oracle Security Zones is a service that helps you enforce best practices and prevent misconfigurations on your OCI resources by applying predefined policies and controls. Some of the benefits of using Security Zones are:
Encrypt storage resources with a customer-managed key: Security Zones require that all storage resources, such as block volumes, boot volumes, file systems, and object storage buckets, are encrypted with a customer-managed key from Vault. This ensures that you have full control over the encryption and decryption of your data at rest.
Deny public access to OCI resources, such as databases and object storage buckets: Security Zones prevent you from creating or updating OCI resources that have public access enabled, such as databases and object storage buckets that are accessible from the internet. This reduces the risk of unauthorized access or data leakage.
質問 # 42
......
Oracle 1z0-1072-23 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
| トピック 8 |
|
検証済みの1z0-1072-23問題集で問題と解答で合格保証試験問題集テストエンジン:https://www.passtest.jp/Oracle/1z0-1072-23-shiken.html
検証済みの1z0-1072-23問題集57格別な問題:https://drive.google.com/open?id=1xLrD5ZnGDESVlZ5L_ICOHr4j2C3AYKFi