← Back to exam page

1z0-997-20 Oracle Cloud Infrastructure 2020 Architect Professional

Loading demo links...

Showing 4–6 of 10 questions

Question 4

You work for a bank as the lead Oracle Cloud Infrastructure architect. You designed a highly scalable solution for your company’s banking application. The architecture includes a load balancer, application servers with autoscaling configuration based on CPU utilization, and an Autonomous Database with Transaction Processing workload type running in a Virtual Cloud Network (VCN).

During the peak utilization period, the application users complain that the application runs slow.

What are two possible reasons for the application running slow at times? (Choose two.)

Select all that apply, then click Submit answer.

  • The VCN does not have a Network Security Group configured to allow traffic from the load balancer to all the application servers in the backend set.

  • Instance pool in autoscaling configuration for the application servers did not scale out due to compartment quota breach of the VM shapes used by the application servers.

  • The load balancer is not configured correctly to send traffic to all the listeners of the application servers in the backend set.

  • Instance pool in autoscaling configuration for the Autonomous Database did not scale out due to misconfigured scaling policy.

  • Instance pool in autoscaling configuration for the application servers did not scale out due to service limit breach of the VM shapes used by the application servers.
Question 5

You work for a large bank where security and compliance are critical. As part of the security overview meeting, your company decided to minimize the installation of local tools on your laptop. You have been running Ansible and kubectl to spin up Oracle Container Engine for Kubernetes (OKE) clusters and deployed your application.

For authentication, you are using an Oracle Cloud Infrastructure (OCI) CLI config file that contains OCIDs, Fingerprint, and a locally stored PEM file. Your security team doesn’t want you to store any local API key and certificate, or any other local tools.

Which two actions should you perform to spin up the OKE cluster and interact with it? (Choose two.)

Select all that apply, then click Submit answer.

  • Create a developer workstation on OCI. Install Ansible and kubectl on it. Use resource principal to authenticate against OCI API and create the OKE Cluster.

  • Develop your own code using OCI SDK to deploy the OKE cluster.

  • Work on OCI Cloud Shell to use built-in Ansible and kubectl to deploy the OKE cluster. Use OCI_CLI_AUTH=instance_obo_user environment variable to authenticate using built-in token.

  • Work on OCI Cloud Shell to use built-in Ansible and kubectl to deploy the OKE cluster. Bring in your own config file and certificate to authenticate against OCI API.

  • Create a developer workstation on OCI. Install Ansible and kubectl on it. Use instance principal to authenticate against OCI API and create the OKE Cluster.
Question 6

An Oracle Cloud Infrastructure (OCI) Public Load Balancer’s SSL certificate is expiring soon. You noticed the Load Balancer is configured with SSL Termination only. When the certificate expires, data traffic can be interrupted and security compromised.

What steps do you need to take to prevent this situation? (Choose the best answer.)

Select an option, then click Submit answer.

  • Add the new SSL certificate to the Load Balancer and update backend servers to use the new certificate bundle.

  • Add the new SSL certificate to the Load Balancer and update listeners to use the new certificate bundle.

  • Add the new SSL certificate to the Load Balancer, update listeners and backend sets so they can use the new certificate bundle.

  • Add the new SSL certificate to the Load Balancer, update backend servers to work with a new certificate and edit listeners so they can use the new certificate bundle.

  • Add the new SSL certificate to the Load Balancer and implement end to end SSL so it can encrypt the traffic from clients all the way to the backend servers.