Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Oracle 1z0-1072-23

Oracle 1z0-1072-23 Exam Practice Questions (P. 5)

  • Full Access (59 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #21
You have three compartments: ProjectA, ProjectB, and ProjectC. For each compartment, there is an admin group set up: A-Admins, B-Admins, and C-Admins.
Each admin group has full access over their respective compartments as shown in the graphic below.
Your organization has set up a tag namespace, EmployeeGroup.Role and all your admin groups are tagged with a value of 'Admin'.

You want to set up a Test compartment for members of the three projects to share. You also need to provide admin access to all three of your existing admin groups.
Which policy would you write to accomplish this task?
  1. A
    Allow all-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  2. B
    Allow dynamic-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  3. C
    Allow any-user to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  4. D
    Allow group any-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'

Correct Answer:
A

Question #22
You need to set up instance principals so that an application running on an instance can call Oracle Cloud Infrastructure (OCI) public services, without the need to configure user credentials or a configuration file.
A developer in your team has already configured the application built using an OCI SDK to authenticate using the instance principals provider.
Which is NOT a necessary step to complete this set up?
  1. A
    Create a policy granting permissions to the dynamic group to access services in your compartment or tenancy.
  2. B
    Generate Auth Tokens to enable instances in the dynamic group to authenticate with APIs.
  3. C
    Create a dynamic group with matching rules to specify which instances can make API calls against services.
  4. D
    Deploy the application and the SDK to all the instances that belong to the dynamic group.

Correct Answer:
B

Question #23
Which TWO statements about the Oracle Cloud Infrastructure (OCI) File Storage Service are accurate? (Choose two.)
  1. A
    File systems use Oracle-managed keys by default.
  2. B
    Customer can encrypt data in their file system using their own Vault encryption key.
  3. C
    Mount targets use Oracle-managed keys by default.
  4. D
    Communication with file systems in a mount target is encrypted via HTTPS.
  5. E
    Customer can encrypt the communication to a mount target via export options.

Correct Answer:
AB

Question #24
You created a virtual cloud network (VCN) with three private subnets. Two of the subnets contain application servers and the third subnet contains a DB System. The application requires a shared file system, therefore you have provisioned one using the file storage service (FSS).
You have also created the corresponding mount target in one of the application subnets. The VCN security lists are properly configured so that the application servers can access FSS. The security team changed the settings for the DB System to have read-only access to the file system. However, when they test it, they are unable to access FSS.
How would you allow access to FSS?
  1. A
    Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet.
  2. B
    Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateless.
  3. C
    Create an instance principal for the DB System. Write an Identity and Access Management (IAM) policy that allows the instance principal read-only access to the file storage service.
  4. D
    Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateful.

Correct Answer:
A

Question #25
Which Oracle Cloud Infrastructure (OCI) Identity and Access Management (IAM) policy is invalid?
  1. A
    Allow group A-Developers to create volumes in compartment Project-A
  2. B
    Allow group A-Admins to manage all-resources in compartment Project-A
  3. C
    Allow any-user to inspect users in tenancy
  4. D
    Allow dynamic-group FrontEnd to manage instance-family in compartment Project-A

Correct Answer:
C

Previous Questions Next Questions

All Pages