1z0-1072-22 Practice Exam Questions with Answers Oracle Cloud Infrastructure 2022 Architect Associate Certification

Which is NOT a valid Oracle Cloud Agent plugin name?

A. Compute Instance Run Command

B. OS Management Service Agent

C. Live Migration Agent

D. Bastion

Answer: C

A service gateway lets your virtual cloud network (VCN) privately access specific Oracle services without exposing the data to the public internet. No internet gateway or NAT is required to reach those specific services. The resources in the VCN can be in a private subnet and use only private IP addresses. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.

The service gateway is regional and enables access only to supported Oracle services in the same region as the VCN.

For traffic to be routed from a subnet in your VCN to a service gateway, you must add a rule accordingly to the subnet's route table. The rule must use the service gateway as the target. For the destination, you must use the service CIDR label that is enabled for the service gateway. This means that you don't have to know the specific public CIDRs, which could change over time.

You can scale up/down your Autonomous Database to scale both in terms of compute (CPU) and storage only when needed, allows people to pay per use.

Oracle allows you to scale compute and storage independently, no need to do it together. these scaling activities fully online (no downtime required)

in Details page Autonomous Database in OCI console, click Scale Up/Down. Click on arrow to select a value for CPU Core Count or Storage (TB).

Or Select auto scaling to allow the system to automatically use up to three times more CPU and IO resources to meet workload demand, compared to the database operating with auto scaling disabled.

When you create your VCN, you assign a contiguous IPv4 CIDR block of your choice. VCN sizes ranging from /16 (65,533 IP addresses) to /30 (1 IP address) are allowed. Example: 10.0.0.0/16, 192.168.0.0/24.

References: https://d ocs.oracle.com/en/cloud/paas/autonomous-data-warehouse-cloud/user/connect-predefined.html#GUID-9747539B-FD46-44F1-8FF8-F5AC650F15BE

A load balancer improves resource utilization, facilitates scaling, and helps ensure high

availability. You can configure multiple load balancing policies and application-specific health

checks to ensure that the load balancer directs traffic only to healthy instances. The load

balancer can reduce your maintenance window by draining traffic from an unhealthy

application server before you remove it from service for maintenance.

The Load Balancing service considers a server marked drain available for existing persisted

sessions. New requests that are not part of an existing persisted session are not sent to that

server.

Edit Drain State: Opens a dialog box in which you can change the drain state.

If you set the server's drain status to true, the load balancer stops forwarding

new TCP connections and new non-sticky HTTP requests to this backend server.

This setting allows an administrator to take the server out of rotation for

maintenance purposes.

e. Edit Offline State: Opens a dialog box in which you can change the offline

status.

If you set the server's offline status to true, the load balance forwards no ingress

traffic to this backend server.

References: https://do cs.cloud.oracle.com/iaas/Content/File/Concepts/filestorageoverview.htm

The File Storage service is designed to meet the needs of applications and users that need an enterprise file system across a wide range of use cases, including the following:

General Purpose File Storage: Access to an unlimited pool of file systems to manage growth of structured and unstructured data.

Big Data and Analytics: Run analytic workloads and use shared file systems to store persistent data.

Lift and Shift of Enterprise Applications: Migrate existing Oracle applications that need NFS storage, such as Oracle E-Business Suite and PeopleSoft.

Databases and Transactional Applications: Run test and development workloads with Oracle, MySQL, or other databases.

Backups, Business Continuity, and Disaster Recovery: Host a secondary copy of relevant file systems from on premises to the cloud for backup and disaster recovery purposes.

MicroServices and Docker: Deliver stateful persistence for containers. Easily scale as your container-based environments grow.

https://docs.cloud.oracle.com/iaas/Content/GSG/Concepts/baremetalintro.htm

VCN resides in a single Oracle Cloud Infrastructure region and covers a single, contiguous IPv4 CIDR block of your choice. The allowable VCN size range is /16 to /30

A policy is a document that specifies who can access which Oracle Cloud Infrastructure resources that your company has, and how. A policy simply allows a group to work in certain ways with specific types of resources in a particular compartment

In general, here’s the process an IAM administrator in your organization needs to follow:

Define users, groups, and one or more compartments to hold the cloud resources for your organization.

Create one or more policies, each written in the policy language.

Place users into the appropriate groups depending on the compartments and resources they need to work with.

Provide the users with the one-time passwords that they need in order to access the Console and work with the compartments. For more information,

References: https://cloud.oracle.com/networking/vcn/faq

On autonomous there’s no patching needed. But on the regular DB Cloud services you need to patch the DB and the OS. During the creation on the OCDB the first DB is created automatically

Oracle automatically takes care of Operating system Installation/Configuration,  Grid Infrastructure, ASM diskgroup Creation/Configuration , and database software Installation and first database on the DB System. that's all when Creating DB Systems. and then the customer responsible to apply the patches to the database and OS

References: https://www.terraform.io/docs/extend/writing-custom-providers.html

https://docs.cloud.oracle.com/en-us/iaas/Content/Block/Tasks/resizingavolume.htm

A public IP address is an IPv4 address that is reachable from the internet. If a resource in your tenancy needs to be directly reachable from the internet, it must have a public IP address. Depending on the type of resource, there might be other requirements.

There are two types of public IPs:

Ephemeral: Think of it as temporary and existing for the lifetime of the instance.

Reserved: Think of it as persistent and existing beyond the lifetime of the instance it's assigned to. You can unassign it and then reassign it to another instance whenever you like. Exception: reserved public IPs on public load balancers.

To create a new reserved public IP in your pool

Confirm you're viewing the region and compartment where you want to create the reserved public IP.

Open the navigation menu. Under Core Infrastructure, go to Networking and click Public IPs.

Click Create Reserved Public IP.

Enter the following:

Name: An optional friendly name for the reserved public IP. The name doesn't have to be unique, and you can change it later. Avoid entering confidential information.

Compartment: Leave as is.

Tags:Optionally, you can apply tags. If you have permissions to create a resource, you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags. If you are not sure if you should apply tags, skip this option (you can apply tags later) or ask your administrator.

Click Create Reserved Public IP.

To assign a reserved public IP to a private IP

Prerequisite: The private IP must not have an ephemeral or reserved public IP already assigned to it. If it does, first delete the ephemeral public IP, or unassign the reserved public IP.

Confirm you're viewing the compartment that contains the instance with the private IP you're interested in.

Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.

Click the instance to view its details.

Under Resources, click Attached VNICs.

The primary VNIC and any secondary VNICs attached to the instance are displayed.

Click the VNIC you're interested in.

Under Resources, click IP Addresses.

The VNIC's primary private IP and any secondary private IPs are displayed.

For the private IP you're interested in, click the Actions icon (three dots), and then click Edit.

In the Public IP Address section, for Public IP Type, select the radio button for Reserved Public IP.

Enter the following:

Compartment: The compartment that contains the reserved public IP you want to assign.

Reserved Public IP: The reserved public IP you want to assign. You have three choices:

Create a new reserved public IP. You may optionally provide a friendly name for it. The name doesn't have to be unique, and you can change it later. Avoid entering confidential information.

Assign a reserved public IP that is currently unassigned.

Move a reserved public IP from another private IP.

Click Update.

In ATP Service Console,

In the activity screen allows you to perform some basic monitor database activity and SQL queries

In the administration screen allows you to perform some basic administration of the service, like reset the admin password and  set resource management rules

The File Storage service supports snapshots for data protection of your file system. Snapshots are a consistent, point-in-time view of your file systems. Snapshots are copy-on-write, and scoped to the entire file system. The File Storage service encrypts all file system and snapshot data at rest. You can take as many snapshots as you need.

Data usage is metered against differentiated snapshot data. If nothing has changed within the file system since the last snapshot was taken, the new snapshot does not consume more storage

Snapshots are accessible under the root directory of the file system at .snapshot/name. For data protection, you can use a tool that supports NFSv3 to copy your data to a different availability domain, region, file system, object storage, or remote location.

A mount target is an NFS endpoint that lives in a VCN subnet of your choice and provides network access for file systems. The mount target provides the IP address or DNS name that is used together with a unique export path to mount the file system. A single mount target can export many file systems. Typically, you create your first mount target and export when you create your first file system. The mount target maintains an export set which contains all of the exports for its associated file systems.

Limitations and Considerations

Each availability domain is limited to two mount targets by default. However, you can export up to 100 file systems through each mount target.

See Service Limits for a list of applicable limits and instructions for requesting a limit increase.

Each mount target requires three internal IP addresses in the subnet to function. Two of the IP addresses are used during mount target creation. The third IP address must remain available for the mount target to use for high availability failover.

The File Storage service doesn't "reserve" the third IP address required for high availability failover. Use care when designing your subnets and file systems to ensure that sufficient IP addresses remain available for your mount targets.

a policy statement must specify the compartment for which access is being granted (or the tenancy). Where you create the policy determines who can update the policy. If you attach the policy to the compartment or its parent, you can simply specify the compartment name. If you attach the policy further up the hierarchy, you must specify the path. The format of the path is each compartment name (or OCID) in the path, separated by a colon:

:: . . . 

For example, assume you have a three-level compartment hierarchy, shown here:

You want to create a policy to allow NetworkAdmins to manage VCNs in CompartmentC. If you want to attach this policy to CompartmentC or to its parent, CompartmentB, write this policy statement:

Allow group NewtworkAdmins to manage virtual-network-family in compartment CompartmentC

However, if you want to attach this policy to CompartmentA (so that only administrators of CompartmentA can modify it), write this policy statement that specifies the path:

Allow group NewtworkAdmins to manage virtual-network-family in compartment CompartmentB:CompartmentC

To attach this policy to the tenancy, write this policy statement that specifies the path from CompartmentA to CompartmentC:

Allow group NewtworkAdmins to manage virtual-network-family in compartment CompartmentA:CompartmentB:CompartmentC

You can think of a DRG as a virtual router that provides a path for private traffic (that is, traffic that uses private IPv4 addresses) between your VCN and networks outside the VCN's region.

You use a DRG when connecting your existing on-premises network to your virtual cloud network (VCN) with one (or both) of these:

IPSec VPN

Oracle Cloud Infrastructure FastConnect (Private Only)

You also use a DRG when peering a VCN with a VCN in a different region:

Remote VCN Peering (Across Regions)

Database backups can fail for various reasons. Typically, a backup fails because either the database host cannot access the object store, or there are problems on the host or with the database configuration.

First need to determining the Problem

In the Console, a failed database backup either displays a status of Failed or hangs in the Backup in Progress or Creating state. If the error message does not contain enough information to point you to a solution, you can use the database CLI and log files to gather more data. Then, refer to the applicable section in this topic for a solution.

Database Service Agent Issues

Your Oracle Cloud Infrastructure Database makes use of an agent framework to allow you to manage your database through the cloud platform. Occasionally you might need to restart the dcsagent program if it has the status of stop/waiting to resolve a backup failure.

Object Store Connectivity Issues

Backing up your database to Oracle Cloud Infrastructure Object Storage requires that the host can connect to the applicable Swift endpoint. You can test this connectivity by using a Swift user.

Host Issues

One or more of the following conditions on the database host can cause backups to fail:

- Interactive Commands in the Oracle Profile

- The File System Is Full

- Incorrect Version of the Oracle Database Cloud Backup Module

- Changes to the Site Profile File (glogin.sql)

Database Issues

An improper database state or configuration can lead to failed backups.

- Database Not Running During Backup

- Archiving Mode Set to NOARCHIVELOG (When you provision a new database, the archiving mode is set to ARCHIVELOG by default. This is the required archiving mode for backup operations)

- Stuck Database Archiver Process and Backup Failures

- Temporary Tablespace Errors

- RMAN Configuration and Backup Failures

- RMAN Retention Policy and Backup Failures

- Loss of Objectstore Wallet File and Backup Failures

TDE Wallet and Backup Failures

- Incorrect TDE Wallet Location Specification

- Incorrect State of the TDE Wallet

- Incorrect Configuration Related to the TDE Wallet

- Missing TDE Wallet File

As this is not new provisioned database and already in the ARCHIVELOG , regular backups of DB system to OCI object storage in places, so the best answers are,

- Ensure that your database host can connect to the OCI object storage

- Restart the database service agent