1z0-1072 Oracle Cloud Infrastructure 2019 Architect Associate - Practice Questions

Question 1

Which two are true for Oracle Cloud Infrastructure DNS? (Choose two.)

Select all that apply, then click Submit answer.

○
It can function only as a primary DNS.
○
It supports other cloud providers such as AWS and Azure.
○
It supports segregation of traffic by using the private pool.
○
It does not provide DDoS protection.

Question 2

You have created a public subnet in a VCN, and your public subnet has a Route Table, a Security List, and an Internet Gateway. However, none of the compute instances can connect to the Internet.

Which two are possible reasons for the connectivity issue? (Choose two.)

Select all that apply, then click Submit answer.

○
There is no Dynamic Routing Gateway (DRG) associated with the VCN.
○
The Route Table has no default route for routing traffic to the Internet Gateway.
○
There is no stateful ingress rule in the Security List associated with the public subnet.
○
There is no stateful egress rule in the Security List associated with the public subnet.

Reference / correct answer:

The Route Table has no default route for routing traffic to the Internet Gateway.

There is no stateful egress rule in the Security List associated with the public subnet.

An internet gateway as an optional virtual router that connects the edge of the VCN with the internet. To use the gateway, the hosts on both ends of the connection must have public IP addresses for routing. Connections that originate in your VCN and are destined for a public IP address (either inside or outside the VCN) go through the internet gateway. Connections that originate outside the VCN and are destined for a public IP address inside the VCN go through the internet gateway.

Working with Internet Gateways

You create an internet gateway in the context of a specific VCN. In other words, the internet gateway is automatically attached to a VCN. However, you can disable and re-enable the internet gateway at any time.

Compare this with a dynamic routing gateway (DRG), which you create as a standalone object that you

then attach to a particular VCN. DRGs use a different model because they're intended to be modular building blocks for privately connecting VCNs to your on-premises network.

For traffic to flow between a subnet and an internet gateway, you must create a route rule accordingly in the subnet's route table (for example, destination CIDR = 0.0.0.0/0 and target = internet gateway). If the internet gateway is disabled, that means no traffic will flow to or from the internet even if there's a route rule that enables that traffic. For more information, see Route Tables.

For the purposes of access control, you must specify the compartment where you want the internet gateway to reside. If you're not sure which compartment to use, put the internet gateway in the same compartment as the cloud network. For more information, see Access Control.

You may optionally assign a friendly name to the internet gateway. It doesn't have to be unique, and you can change it later. Oracle automatically assigns the internet gateway a unique identifier called an Oracle Cloud ID (OCID). For more information, see Resource Identifiers.

To delete an internet gateway, it does not have to be disabled, but there must not be a route table that lists it as a target.

AS per compute instances can connect to the Internet so you use egress no ingress

Question 3

Which three actions need to be performed before attempting a data transfer service job?

Select all that apply, then click Submit answer.

○
Obtain an available host machine which can run the dts utility on-premise with SATA or USB drives attached for the transfer job.
○
Get access to a high-speed internet connection
○
Data Transfer Service and Storage Service Limits should be checked and raised if required.
○
Set up SSH access to a host on OCI to coordinate the transfer job.
○
Create an object bucket to receive the job.

1z0-1072 – Oracle Cloud Infrastructure 2019 Architect Associate