1z0-1072-20 | Update Oracle Cloud Infrastructure 2020 Architect Associate 1z0-1072-20 Test

Top Quality of 1z0-1072-20 exam answers materials and real exam for Oracle certification for IT examinee, Real Success Guaranteed with Updated 1z0-1072-20 pdf dumps vce Materials. 100% PASS Oracle Cloud Infrastructure 2020 Architect Associate exam Today!

Free demo questions for Oracle 1z0-1072-20 Exam Dumps Below:


Which three are capabilities of the dbaascli utility? (Choose three.)

  • A. Patching the primary database deployment
  • B. Open port 1521 in the VCN to allow for traffic to the listener
  • C. Start and open the database instance
  • D. Switchover and failover in an Oracle Guard configuration
  • E. Clone a DB

Answer: ACD

https://docs.oracle.com/en/cloud/paas/database-dbaas-cloud/csdbi/dbaascli.html Using the dbaascli utility, you can:
Change the password of a database user. Start and stop a database.
Start and stop the Oracle Net listener
Check the status of the Oracle Data Guard configuration.
Perform switchover and failover in an Oracle Data Guard configuration. Patch the database deployment.
Perform database recovery. Rotate the master encryption key.


Which three methods can you use to manage Oracle Cloud Infrastructure services? (Choose three.)

  • A. Oracle Cloud Infrastructure Desktop Client
  • B. Oracle Cloud Infrastructure Console
  • C. SSH or RDP
  • D. Command-line Interface

Answer: BDE



Which two resources reside exclusively in a single Oracle Cloud Infrastructure Availability Domain? (Choose two.)

  • A. Identity and Access Management Groups
  • B. Object Storage
  • C. Web Application Firewall policy
  • D. Block volume
  • E. Compute instance

Answer: DE

Availability Domain-Specific Resources DB Systems
ephemeral public IPs
instances: They can be attached only to volumes in the same availability domain.
subnets: When you create a subnet, you choose whether it is regional or specific to an availability domain. Oracle recommends using regional subnets.
volumes: They can be attached only to an instance in the same availability domain.


Which two are true for achieving High Availability on Oracle Cloud Infrastructure? (Choose two.)

  • A. Store your database across multiple regions so that half of the data resides in one region and the other half resides in another region.
  • B. Attach your block volume form Availability Domain 1 to a compute instance in Availability Domain 2 (and vice versa) so that they are highly available.
  • C. Configure your database to have Data Guard in another Availability Domain in Sync mode within a region.
  • D. Store your database files on Object Storage so that they are available in all Availability Domains in all regions.
  • E. Distribute your application servers across all Availability Domains within a region.

Answer: CE


What is a “transfer package” when transferring data to OCI via the OCI Data Transfer Service?

  • A. A transfer package is the logical representation of the physical shipment containing the HDD transfer devices that you ship to Oracle to upload to OCI.
  • B. A transfer package is the software Oracle provides for you to prepare transfer devices for shipment to Oracle
  • C. A transfer package contains the physical devices.
  • D. A transfer package is the archive file that the Data Transfer Service Utility (dts) writes to the transfer device.

Answer: A



As a solution architect, you are showcasing the Oracle Cloud Infrastructure (OCI) Object Storage feature about Object Versioning to a customer.
Which statement is true in regards to OCI Object Storage Versioning?

  • A. Object versioning does not provide data protection against accidental or malicious object update,overwrite, or deletion.
  • B. By default, object versioning is disabled on a bucket.
  • C. A bucket that is versioning-enabled can have only and always will have a latest version of the object in the bucket.
  • D. Objects are physically deleted from a bucket when versioning is enabled.

Answer: A

Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Object/Tasks/usingversioning.htm


Which three actions are required to configure a highly available and secure hybrid network between Oracle Cloud and your data center? (Choose three.)

  • A. Define a non-overlapping IP Address Space between the data center and the cloud.
  • B. Configure each of the CPEs to leverage each of the IPSec Tunnels created by the connection process.
  • C. Create two or more CPEs that map to the private IP addresses of the customer routers used in the IPSec VPN Tunnel.
  • D. Define a default route table entry for the VCN that directs all traffic to the data center network to a single DRG.
  • E. Create dynamic routing gateways in more than one AD within your region.

Answer: ABC



Which two statements are true about policies?

  • A. You can use read, write, manage, and inspect as verbs for defining a policy.
  • B. A policy is a document that specifies who can access which Oracle Cloud Infrastructure resources that your company has, and how.
  • C. Users need not do anything but still have to be added to a group with appropriate policies defined.
  • D. You can deny access to a group via policies.

Answer: BC


You deployed a database on a Standard Compute instance in Oracle Cloud Infrastructure (OCI) due to cost concerns. The database requires additional storage with high I/O and you decided to use OCI Block Volume service for it.
With this requirement in mind, which elastic performance option should you choose for the Block Volume?

  • A. Balanced Performance
  • B. Higher performance
  • C. Extreme performance
  • D. Lower cost

Answer: B

Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Block/Concepts/blockvolumeperformance.htm


You have hired a new employee to run reports from the Autonomous Data Warehouse (ADW) and are not confident in their SQL writing ability.
Into which consumer group will you assign this individual to minimize the impact of their code?

  • A. Lowest
  • B. Medium
  • C. Highest
  • D. High
  • E. Low

Answer: E

in ADW, The tnsnames.ora file provided with the credentials zip file contains three database service names identifiable as high, medium, and low. The predefined service names provide different levels of performance and concurrency for Autonomous Data Warehouse.
high: The High database service provides the highest level of resources to each SQL statement resulting in the highest performance, but supports the fewest number of concurrent SQL statements. Any SQL statement in this service can use all the CPU and IO resources in your database. The number of concurrent SQL statements that can be run in this service is 3, this number is independent of the number of OCPUs in your database.
medium: The Medium database service provides a lower level of resources to each SQL statement potentially resulting a lower level of performance, but supports more concurrent SQL statements. Any SQL statement in this service can use multiple CPU and IO resources in your database. The number of concurrent SQL statements that can be run in this service depends on the number of OCPUs in your database.
low: The Low database service provides the least level of resources to each SQL statement, but supports the most number of concurrent SQL statements. Any SQL statement in this service can use a single CPU and multiple IO resources in your database. The number of concurrent SQL statements that can be run in this service can be up to 300 times the number of OCPUs.
The predefined service names provide different levels of performance and concurrency for Autonomous DB Choose whichever database service offers the best balance of performance and concurrency.
Use the low database service name. to minimize the impact of their SQLs to by low consumer group


You have been asked to create an Identity and Access Management (IAM) user that will authenticate to Oracle Cloud Infrastructure (OCI) API endpoints. This user must not be given credentials that would allow them to log into the OCI console.
Which two authentication options can you use? (Choose two.)

  • A. SSL certificate
  • B. API signing key
  • C. SSH key pair
  • D. PEM Certificate file
  • E. Auth token

Answer: BE

Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Tasks/managingcredentials.htm


When terminating a compute instance, which statement is true?

  • A. The instance needs to be stopped first, and then terminated.
  • B. The boot volume is always deleted.
  • C. All block volumes attached to the instance are terminated.
  • D. Users can preserve the boot volume associated with the instance.

Answer: D

You can permanently terminate (delete) instances that you no longer need. Any attached VNICs and volumes are automatically detached when the instance terminates. Eventually, the instance's public and private IP addresses are released and become available for other instances. By default, the instance's boot volume is deleted when you terminate the instance, however you can preserve the boot volume associated with the instance, so that you can attach it to a different instance as a data volume, or use it to launch a new instance.


Which two statements are true when Oracle Data Guard is configured (using the Console) between two Virtual Machine DB Systems deployed in Oracle Cloud Infrastructure? (Choose two.)

  • A. Primary is a 1-node RAC DB system and Standby is a 2-node RAC DB system.
  • B. Primary is a 2-node RAC DB system and Standby is a 2-node RAC DB system.
  • C. Primary is a 1-node RAC DB system and Standby is a 1-node RAC DB system.
  • D. Primary is a 2-node RAC DB system and Standby is a 1-node RAC DB system.
  • E. Primary is a Bare Metal DB system and Standby is a 1-node RAC DB system.

Answer: AC

Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Database/Concepts/overview.htm


What happens after you successfully run the following command on your Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) using the YAML file defined below?
kubectl create -f definition.yml YAML file – definition.yml
1Z0-1072-20 dumps exhibit

  • A. A single Pod with a single container is created.
  • B. Two Pods with a container each are created.
  • C. A single Pod with two containers is created.
  • D. No Pod gets created.

Answer: C


You are responsible for setting up access for all the cloud users of a large enterprise. You log in to the Phoenix region and start creating users and policies. You then realize that some users might be creating resources in the Ashburn region.
Which step should you perform to enable those users?

  • A. You can assign a region to each of the users at the time of creation.
  • B. IAM users are global and non-admin users can add resources to any region by default.
  • C. You need to log in to each region separately to create users for that particular region.
  • D. IAM users are globa
  • E. As an administrator, make sure that you subscribe to the Ashburn region.

Answer: D


You had an outage in your application caused by the loss of a shared volume provisioned by File Storage Service (FSS). At this point, you need to restore the data from a snapshot you created of the FSS.
What are the steps to restore the data?

  • A. Access the directory where the shared volume is mounted, then cd into .snapshot folder, find the snapshot folder you want to recover and use cp or rsync tool to copy the files to the original location.
  • B. Open OCI Console, select File Storage Service, find the shared storage, then click on snapshot and restore.
  • C. Open OCI Console, select File Storage Service, find the snapshot you created and click restore.
  • D. Access the directory, where you mounted the shared volume, then cd into .snapshot folder and find the snapshot folder you want to recover and rename that folder to the original folder name.

Answer: B


You are responsible for creating and maintaining an enterprise application that consists of multiple storage
volumes across multiple compute instances in Oracle Cloud Infrastructure (OCI).
The storage volumes include boot volumes and block volumes for your data storage. You need to create backups of these storage volumes in the most time-efficient manner.
How can you meet this requirement?

  • A. Create clones of all boot volumes and block volumes one at a time.
  • B. Create on-demand full backups of boot volumes, and copy data in block volumes to Object Storage using OCI CLI.
  • C. Create on-demand full backups of block volumes, and create custom images from the boot volumes.
  • D. Group together multiple storage volumes in a volume group and create volume group backups.

Answer: D

Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Block/Concepts/volumegroups.htm


You are running a mission-critical database application in Oracle Cloud Infrastructure (OCI). You take regular backups of your DB system to OCI object storage. Recently, you notice a failed database backup status in the console.
What step can you take to determine the cause of the backup failure?

  • A. Ensure that your database host can connect to OCI object storage.
  • B. Ensure the database archiving mode is set to NOARCHIVELOG.
  • C. Make sure that the database is not active and running while the backup is in progress.
  • D. Don't restart the dcsagent program even if it has a status of stop/waiting.

Answer: A

Database backups can fail for various reasons. Typically, a backup fails because either the database host cannot access the object store, or there are problems on the host or with the database configuration.
First need to determining the Problem
In the Console, a failed database backup either displays a status of Failed or hangs in the Backup in Progress or Creating state. If the error message does not contain enough information to point you to a solution, you can use the database CLI and log files to gather more data. Then, refer to the applicable section in this topic for a solution.
Database Service Agent Issues
Your Oracle Cloud Infrastructure Database makes use of an agent framework to allow you to manage your database through the cloud platform. Occasionally you might need to restart the dcsagent program if it has the status of stop/waiting to resolve a backup failure.
Object Store Connectivity Issues
Backing up your database to Oracle Cloud Infrastructure Object Storage requires that the host can connect to the applicable Swift endpoint. You can test this connectivity by using a Swift user.
Host Issues
One or more of the following conditions on the database host can cause backups to fail:
- Interactive Commands in the Oracle Profile
- The File System Is Full
- Incorrect Version of the Oracle Database Cloud Backup Module
- Changes to the Site Profile File (glogin.sql)
Database Issues
An improper database state or configuration can lead to failed backups.
- Database Not Running During Backup
- Archiving Mode Set to NOARCHIVELOG (When you provision a new database, the archiving mode is set to ARCHIVELOG by default. This is the required archiving mode for backup operations)
- Stuck Database Archiver Process and Backup Failures
- Temporary Tablespace Errors
- RMAN Configuration and Backup Failures
- RMAN Retention Policy and Backup Failures
- Loss of Objectstore Wallet File and Backup Failures
TDE Wallet and Backup Failures
- Incorrect TDE Wallet Location Specification
- Incorrect State of the TDE Wallet
- Incorrect Configuration Related to the TDE Wallet
- Missing TDE Wallet File
As this is not new provisioned database and already in the ARCHIVELOG , regular backups of DB system to OCI object storage in places, so the best answers are,
- Ensure that your database host can connect to the OCI object storage
- Restart the database service agent


Which two statements are true about Oracle Cloud Infrastructure storage services?

  • A. You can move Object Storage buckets, Block Volumes and File Storage mount targets between compartments.
  • B. File storage mount target does not provide a private IP address, while the Object Storage bucket provides one.
  • C. File Storage uses the network file system (NFS) protocol, whereas Block Volume uses ISCSI.
  • D. Block Volume service scales to Exabytes per Instance, while File Storage service offers unlimited scalability.
  • E. You can take Incremental snapshots of Block Volumes, File Storage file systems and Object Storage buckets.

Answer: AC


boot volume for a minimum of 15 days so you have to increase the boot
You have created a virtual cloud network (VCN) with three private subnets. Two of the subnets contain application servers and the third subnet contains a DB System. The application requires a shared file system so you have provisioned one using the file storage service (FSS). You also created the corresponding mount target in one of the application subnets. The VCN security lists are properly configured so that both application servers and the DB System can access the file system. The security team determines that the DB System should have read-only access to the file system.
What change would you make to satisfy this requirement?

  • A. Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet.
  • B. Connect via SSH to one of the application servers where the file system has been mounte
  • C. Use the Unix command chmod to change permissions on the file system directory, allowing the database user read only access.
  • D. Modify the security list associated with the subnet where the mount target reside
  • E. Change the ingress rules corresponding to the DB System subnet to be stateless.
  • F. Create an instance principal for the DB Syste
  • G. Write an Identity and Access Management (IAM) policy that allows the instance principal read-only access to the file storage service.

Answer: A

NFS export options enable you to create more granular access control than is possible using just security list rules to limit VCN access. You can use NFS export options to specify access levels
blocks connecting to file systems through exports in a mount target.


You are a network architect and have designed the network infrastructure of a three-tier application on Oracle Cloud Infrastructure (OCI). In the architecture, back-end DB servers are in a private subnet. One of your DB administrators requests to have access to OCI object storage service.
How can you meet this requirement?

  • A. Add a new route rule to the private subnet route table to route default traffic to the internet gateway.
  • B. Attach a public IP address to the instances in the private subnet, and then add a new route rule to the private subnet route table to route default traffic to the internet gateway.
  • C. Create a dynamic routing gateway (DRG) and attach it to your virtual cloud network (VCN). Add a default route rule to the private subnets route table and set the target as DRG.
  • D. Create a service gateway, add a new route rule to the private subnet route table that uses object storage as target type.

Answer: D

A service gateway lets resources in your VCN privately access specific Oracle services, without exposing the data to an internet gateway or NAT. The resources in the VCN can be in a private subnet and use only private IP addresses. The traffic from the VCN to the service of interest travels over the Oracle network fabric and never traverses the internet.
To give your VCN access to a given service CIDR label, you must enable that service CIDR label for the VCN's service gateway. You can do that when you create the service gateway, or later after it's created. You can also disable a service CIDR label for the service gateway at any time.
For traffic to be routed from a subnet in your VCN to a service gateway, you must add a rule accordingly to the subnet's route table. The rule must use the service gateway as the target.


Which statement Is true about Data Guard implementation in Oracle Cloud Infrastructure (OCI) bare metal and virtual machine database systems?

  • A. Primary and standby databases must be in the same OCI region.
  • B. Both database systems must be in the same compartment.
  • C. Database systems need not be the same shape type (e.g, primary database can be a virtual machine, and standby database a bare metal shape, and vice versa).
  • D. Primary and standby database versions and editions need not be Identical.

Answer: B

Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Database/Tasks/exausingdataguard.htm


You created a public subnet and an internet gateway in your virtual cloud network (VCN) of Oracle Cloud Infrastructure. The public subnet has an associated route table and security list. However, after creating several compute instances in the public subnet, none can reach the Internet.
Which two are possible reasons for the connectivity issue? (Choose two.)

  • A. The route table has no default route for routing traffic to the internet gateway.
  • B. There is no stateful egress rule in the security list associated with the public subnet.
  • C. There is no dynamic routing gateway (DRG) associated with the VCN.
  • D. There is no stateful ingress rule in the security list associated with the public subnet.
  • E. A NAT gateway is needed to enable the communication flow to internet.

Answer: AB

An internet gateway as an optional virtual router that connects the edge of the VCN with the internet. To use the gateway, the hosts on both ends of the connection must have public IP addresses for routing. Connections that originate in your VCN and are destined for a public IP address (either inside or outside the VCN) go through the internet gateway. Connections that originate outside the VCN and are destined for a public IP address inside the VCN go through the internet gateway.
Working with Internet Gateways
You create an internet gateway in the context of a specific VCN. In other words, the internet gateway is automatically attached to a VCN. However, you can disable and re-enable the internet gateway at any time.
Compare this with a dynamic routing gateway (DRG), which you create as a standalone object that you
then attach to a particular VCN. DRGs use a different model because they're intended to be modular building blocks for privately connecting VCNs to your on-premises network.
For traffic to flow between a subnet and an internet gateway, you must create a route rule accordingly in the subnet's route table (for example, destination CIDR = and target = internet gateway). If the internet gateway is disabled, that means no traffic will flow to or from the internet even if there's a route rule that enables that traffic. For more information, see Route Tables.
For the purposes of access control, you must specify the compartment where you want the internet gateway to reside. If you're not sure which compartment to use, put the internet gateway in the same compartment as the cloud network. For more information, see Access Control.
You may optionally assign a friendly name to the internet gateway. It doesn't have to be unique, and you can change it later. Oracle automatically assigns the internet gateway a unique identifier called an Oracle Cloud ID (OCID). For more information, see Resource Identifiers.
To delete an internet gateway, it does not have to be disabled, but there must not be a route table that lists it as a target.
AS per compute instances can connect to the Internet so you use egress no ingress


You have setup your environment as shown below with the Mount Target "MT" successfully mounted on both compute instances CLIENT-X and CLIENT-Y.
For security reasons you want to control the access to the File System A in such a way that CLIENT-X has READ/WRITE and CLIENT-Y has READ only permission.
1Z0-1072-20 dumps exhibit
What you should do?

  • A. Update the OS firewall in CLIENT-X to allow READ/WRITE access.
  • B. Update the security list TWO to restrict CLIENT-Y access to read-only.
  • C. Update the mount target export options to restrict CLIENT-Y access to read-only.
  • D. Update the security list ONE to restrict CLIENT-Y access to read only.

Answer: D


P.S. Easily pass 1z0-1072-20 Exam with 238 Q&As 2passeasy Dumps & pdf Version, Welcome to Download the Newest 2passeasy 1z0-1072-20 Dumps: https://www.2passeasy.com/dumps/1z0-1072-20/ (238 New Questions)