1084-21 Oracle Cloud Infrastructure Developer Associate

You encounter an unexpected error when invoking the Oracle Function named "myfunction" in application "myapp". Which can you use to get more information on the error? (Choose the best answer.). fn --debug invoke myapp myfunction. DEBUG=1 fn invoke myapp myfunction. fn --verbose invoke myapp myfunction. Call Oracle support with your error message.

Which two are characteristics of microservices? (Choose two.). Microservices are hard to test in isolation. Microservices can be independently deployed. All microservices share a data store. Microservices can be implemented in limited number of programming languages. Microservices communicate over lightweight APIs.

Which header is NOT required when signing GET requests to Oracle Cloud Infrastructure APIs? (Choose the best answer.). date or x-date. (request-target). content-type. host.

A programmer is developing a Node.js application which will run in a Linux server on their on-premises data center. This application will access various Oracle Cloud Infrastructure (OCI) services using OCI SDKs. What is the secure way to access OCI services with OCI Identity and Access Management (IAM)? (Choose the best answer.). Create a new OCI IAM user associated with a dynamic group and a policy that grants the desired permissions to OCI services. Add the on-premises Linux server in the dynamic group. Create an OCI IAM policy with the appropriate permissions to access the required OCI services and assign the policy to the on-premises Linux server. Create a new OCI IAM user, add the user to a group associated with a policy that grants the desired permissions to OCI services. In the on-premises Linux server, generate the keypair used for signing API requests and upload the public key to the IAM user. Create a new OCI IAM user, add the user to a group associated with a policy that grants the desired permissions to OCI services. In the on-premises Linux server, add the user name and password to a file used by Node.js authentication.

A leading insurance firm is hosting its customer portal in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes with an OCI Autonomous Database. Their support team discovered a lot of SQL injection attempts and cross-site scripting attacks to the portal, which is starting to affect the production environment. What should they implement to mitigate this attack? (Choose the best answer.). Network Security Lists. Network Security Groups. Network Security Firewall. Web Application Firewall.

As a cloud-native developer, you have written a web service for your company. You have used Oracle Cloud Infrastructure (OCI) API Gateway service to expose the HTTP backend. However, your security team has suggested that your web service should handle Distributed Denial-of-Service (DDoS) attack. You are time- constrained and you need to make sure that this is implemented as soon as possible. What should you do in this scenario? (Choose the best answer.). Use OCI virtual cloud network (VCN) segregation to control DDoS. Use a third party service integration to implement a DDoS attack mitigation. Use OCI API Gateway service and configure rate limiting. Re-write your web service and implement rate limiting.

Which testing approaches is a must for achieving high velocity of deployments and releases of cloud-native applications? (Choose the best answer.). Integration testing. A/B testing. Automated testing. Penetration testing.

Which Oracle Cloud Infrastructure (OCI) load balancer shape is used by default in OCI Container Engine for Kubernetes? (Choose the best answer.). 400 Mbps. 8000 Mbps. There is no default. The shape has to be specified. 100 Mbps.

Which two statements are true for service choreography? (Choose two.). Service choreographer is responsible for invoking other services. Services involved in choreography communicate through messages/messaging systems. Service choreography relies on a central coordinator. Service choreography should not use events for communication. Decision logic in service choreography is distributed.

You are a consumer of Oracle Cloud Infrastructure (OCI) Streaming service. Which API should you use to read and process the stream? (Choose the best answer.). ListMessages. GetMessages. GetObject. ReadMessages.

You need to execute a script on a remote instance through Oracle Cloud Infrastructure Resource Manager. Which option can you use? (Choose the best answer.). Use /bin/sh with the full path to the location of the script to execute the script. It cannot be done. Download the script to a local desktop and execute the script. Use remote-exec.

What is the minimum amount of storage that a persistent volume claim can obtain in Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE)? (Choose the best answer.). 50 GB. 10 GB. 1 GB. 1 TB.

You have created a repository in Oracle Cloud Infrastructure Registry in the us-ashburn-1 (iad) region in your tenancy with a namespace called "heyoci". Which three are valid tags for an image named "myapp"? (Choose three.). iad.ocir.io/heyoci/myproject/myapp:0.0.1. us-ashburn-1.ocir.io/heyoci/myapp:0.0.2-beta. us-ashburn-1.ocir.io/heyoci/myproject/myapp:0.0.2-beta. us-ashburn-1.ocir.io/myproject/heyoci/myapp:latest. iad.ocir.io/myproject/heyoci/myapp:latest. iad.ocir.io/heyoci/myapp:0.0.2-beta. iad.ocir.io/heyoci/myapp:latest.

You are working on a cloud native e-commerce application on Oracle Cloud Infrastructure (OCI). Your application architecture has multiple OCI services, including Oracle Functions. You need to trigger these functions directly from other OCI services, without having to run custom code. Which OCI service cannot trigger your functions directly? (Choose the best answer.). OCI Events Service. OCI Registry. OCI API Gateway. Oracle Integration.

You are developing a serverless application with Oracle Functions. Your function needs to store state in a database. Your corporate security standards mandate encryption of secret information like database passwords. As a function developer, which approach should you follow to satisfy this security requirement? (Choose the best answer.). Use the Oracle Infrastructure Console and enter the password in the function configuration section in the provided input field. Use Oracle Cloud Infrastructure Key Management to auto-encrypt the password. It will inject the auto-decrypted password inside your function container. Encrypt the password using Oracle Cloud Infrastructure Key Management. Decrypt this password in your function code with the generated key. All function configuration variables are automatically encrypted by Oracle Functions.

In the sample Kubernetes manifest file below, what annotations should you add to create a private load balancer in Oracle Cloud Infrastructure Container Engine for Kubernetes? (Choose the best answer.). service.beta.kubernetes.io/oci-load-balancer-private:"true". service.beta.kubernetes.io/oci-load-balancer-private: "true" service.beta.kubernetes.io/oci-load-balancer-subnet1: "ocid1.subnet.oc1..aaaaa....vdfw". service.beta.kubernetes.io/oci-load-balancer-internal: "true". service.beta.kubernetes.io/oci-load-balancer-internal: "true" service.beta.kubernetes.io/oci-load-balancer-subnet1: "ocid1.subnet.oc1..aaaaa....vdfw".

How do you perform a rolling update in Kubernetes? (Choose the best answer.). kubectl rolling-update. kubectl upgrade <deployment-name> --image=image:v2. kubectl update --c <container>. kubectl rolling-update <deployment-name> --image=image:v2.

You have written a Node.js function and deployed it to Oracle Functions. Next, you need to call this function from a microservice written in Java deployed on Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE). Which can help you to achieve this? (Choose the best answer.). Use the OCI CLI with kubectl to invoke the function from the microservice. Oracle Functions does not allow a microservice deployed on OKE to invoke a function. OKE does not allow a microservice to invoke a function from Oracle Functions. Use the OCI Java SDK to invoke the function from the microservice.

Which two handle Oracle Functions authentication automatically? (Choose two.). Oracle Cloud Infrastructure SDK. cURL. Oracle Cloud Infrastructure CLI. Signed HTTP Request. Fn Project CLI.

Which one of the statements describes a service aggregator pattern? (Choose the best answer.). It is implemented in each service separately and uses a streaming service. It involves implementing a separate service that makes multiple calls to other backend services. It uses a queue on both sides of the service communication. It involves sending events through a message broker.

You are developing a serverless application with Oracle Functions. You have created a function in compartment named prod. When you try to invoke your function, you get the following error: How can you resolve this error? (Choose the best answer.). Create a policy: Allow function-family to use virtual-network-family in compartment prod. Create a policy: Allow any-user to manage function-family and virtual-network-family in compartment prod. Create a policy: Allow service FaaS to use virtual-network-family in compartment prod. Deleting the function and redeploying it will fix the problem.

Your organization uses a federated identity provider to login to your Oracle Cloud Infrastructure (OCI) environment. As a developer, you are writing a script to automate some operation and want to use OCI CLI to do that. Your security team doesn't allow storing private keys on local machines. How can you authenticate with OCI CLI? (Choose the best answer.). Run oci setup keys and provide your credentials. Run oci session refresh --profile <profile_name>. Run oci session authenticate and provide your credentials. Run oci setup oci-cli-rc --file path/to/target/file.

Which concept is NOT -related to Oracle Cloud Infrastructure Resource Manager? (Choose the best answer.). Job. Stack. Queue. Plan.

You are implementing logging in your services that will be running in Oracle Cloud Infrastructure Container Engine for Kubernetes. Which statement describes the appropriate logging approach? (Choose the best answer.). Each service logs to its own log file. All services log to an external logging system. All services log to standard output only. All services log to a shared log file.

As a cloud-native developer, you are designing an application that depends on Oracle Cloud Infrastructure (OCI) Object Storage wherever the application is running. Therefore, provisioning of storage buckets should be part of your Kubernetes deployment process for the application. Which should you leverage to meet this requirement? (Choose the best answer.). OCI Service Broker for Kubernetes. OCI Container Engine for Kubernetes. Open Service Broker API. Oracle Functions.

You have been asked to create a stateful application deployed in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) that requires all of your worker nodes to mount and write data to persistent volumes. Which two OCI storage services should you use? (Choose two.). Use OCI File Services as persistent volume. Use GlusterFS as persistent volume. Use OCI Block Volume backed persistent volume. Use open source storage solutions on top of OCI. Use OCI Object Storage as persistent volume.

Your Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) administrator has created an OKE cluster with one node pool in a public subnet. You have been asked to provide a log file from one of the nodes for troubleshooting purpose. Which step should you take to obtain the log file? (Choose the best answer.). ssh into the node using public key. ssh into the nodes using private key. It is impossible since OKE is a managed Kubernetes service. Use the username opc and password to login.

A developer using Oracle Cloud Infrastructure (OCI) API Gateway must authenticate the API requests to their web application. The authentication process must be implemented using a custom scheme which accepts string parameters from the API caller. Which method can the developer use in this scenario? (Choose the best answer.). Create an authorizer function using request header authorization. Create an authorizer function using token-based authorization. Create a cross account functions authorizer. Create an authorizer function using OCI Identity and Access Management based authentication.

You are building a cloud native, serverless travel application with multiple Oracle Functions in Java, Python and Node.js. You need to build and deploy these functions to a single application named travel-app. Which command will help you complete this task successfully? (Choose the best answer.). oci fn function deploy --app travel-app --all. fn deploy --app travel-app --all. oci fn application --application-name travel-app deploy --all. fn function deploy --all --application-name travel-app.

Which two are benefits of distributed systems? (Choose two.). Privacy. Security. Ease of testing. Scalability. Resiliency.

You are developing a distributed application and you need a call to a path to always return a specific JSON content. To fulfill the requirement you deploy an Oracle Cloud Infrastructure API Gateway with the below API deployment specification. What is the correct value for type? (Choose the best answer.). STOCK_RESPONSE_BACKEND. CONSTANT_BACKEND. JSON_BACKEND. HTTP_BACKEND.

You are deploying an API via Oracle Cloud Infrastructure (OCI) API Gateway and you want to implement request policies to control access. Which is NOT available in OCI API Gateway? (Choose the best answer.). Limiting the number of requests sent to backend services. Enabling CORS (Cross-Origin Resource Sharing) support. Providing authentication and authorization. Controlling access to OCI resources.

You are building a container image and pushing it to the Oracle Cloud Infrastructure Registry (OCIR). You need to make sure that these images never get deleted from the repository. Which action should you take? (Choose the best answer.). Create a group and assign a policy to perform lifecycle operations on images. Set global policy of image retention to "Retain All Images". In your compartment, write a policy to limit access to the specific repository. Edit the tenancy global retention policy.

How can you find details of the tolerations field for the sample YAML file below? (Choose the best answer.). kubectl list pod.spec.tolerations. kubectl explain pod.spec.tolerations. kubectl describe pod.spec.tolerations. kubectl get pod.spec.tolerations.

You want to push a new image in the Oracle Cloud Infrastructure (OCI) Registry. Which two actions do you need to perform? (Choose two.). Assign a tag via Docker CLI to the image. Generate an auth token to complete the authentication via Docker CLI. Generate an API signing key to complete the authentication via Docker CLI. Assign an OCI defined tag via OCI CLI to the image. Generate an OCI tag namespace in your repository.

Which is NOT a supported SDK on Oracle Cloud Infrastructure (OCI)? (Choose the best answer.). Go SDK. Java SDK. .NET SDK. Ruby SDK. Python SDK. COBOL SDK.

Which two "Action Type" options are NOT available in an Oracle Cloud Infrastructure (OCI) Events rule definition? (Choose two.). Notifications. Functions. Streaming. Email. Slack.

What is one of the differences between a microservice and a serverless function? (Choose the best answer.). Microservices are used for long running operations and serverless functions for short running operations. Microservices always use a data store and serverless functions never use a data store. Microservices are stateless and serverless functions are stateful. Microservices are triggered by events and serverless functions are not.

A pod security policy (PSP) is implemented in your Oracle Cloud Infrastructure Container Engine for Kubernetes cluster. Which rule can you use to prevent a container from running as root using PSP? (Choose the best answer.). NoPrivilege. RunOnlyAsUser. MustRunAsNonRoot. forbiddenRoot.

You created a pod called "nginx" and its state is set to Pending. Which command can you run to see the reason why the "nginx" pod is in the pending state? (Choose the best answer.). kubectl logs pod nginx. kubectl describe pod nginx. kubectl get pod nginx. Through the Oracle Cloud Infrastructure Console.

You are developing a serverless application with Oracle Functions and Oracle Cloud Infrastructure Object Storage. Your function needs to read a JSON file object from an Object Storage bucket named "input-bucket" in compartment "qa-compartment". Your corporate security standards mandate the use of Resource Principals for this use case. Which two statements are needed to implement this use case? (Choose two.). Set up a policy with the following statement to grant read access to the bucket: allow dynamic-group read-file-dg to read objects in compartment qa-compartment where target.bucket.name= "˜input-bucket'. Set up the following dynamic group for your function's OCID: Name: read-file-dg Rule: resource.id = "˜ocid1.fnfunc.oc1.phx.aaaaaaaakeaobctakezjz5i4ujj7g25q7sx5mvr55pms6f4da'. Set up a policy to grant all functions read access to the bucket: allow all functions in compartment qa-compartment to read objects in target.bucket.name= "˜input-bucket'. Set up a policy to grant your user account read access to the bucket: allow user XYZ to read objects in compartment qa-compartment where target.bucket.name= "˜input-bucket'. No policies are needed. By default, every function has read access to Object Storage buckets in the tenancy.

Given a service deployed on Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE), which annotation should you add in the sample manifest file below to specify a 400 Mbps load balancer? (Choose the best answer.). service.beta.kubernetes.io/oci-load-balancer-kind: 400Mbps. service.beta.kubernetes.io/oci-load-balancer-value: 400Mbps. service.beta.kubernetes.io/oci-load-balancer-shape: 400Mbps. service.beta.kubernetes.io/oci-load-balancer-size: 400Mbps.

A service you are deploying to Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) uses a docker image from a private repository in OCI Registry (OCIR). Which configuration is necessary to provide access to this repository from OKE? (Choose the best answer.). Add a generic secret on the cluster containing your identity credentials. Then specify a registryCredentials property in the deployment manifest. Create a docker-registry secret for OCIR with API key credentials on the cluster, and specify the imagePullSecret property in the application deployment manifest. Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the imagePullSecret property in the application deployment manifest. Create a dynamic group for nodes in the cluster, and a policy that allows the dynamic group to read repositories in the same compartment.

You are using Oracle Cloud Infrastructure (OCI) Resource Manager to manage your infrastructure lifecycle and wish to receive an email each time a Terraform action begins. How should you use the OCI Events service to do this without writing any code? (Choose the best answer.). Create an OCI Notifications topic and email subscription with the destination email address. Then create an OCI Events rule matching "Resource Manager Stack "" Update" condition, and select the notification topic for the corresponding action. Create an OCI Notifications topic and email subscription with the destination email address. Then create an OCI Events rule matching "Resource Manager Job "" Create" condition, and select the notification topic for the corresponding action. Create a rule in OCI Events service matching the "Resource Manager Stack "" Update" condition. Then, select "Action Type: Email" and provide the destination email address. Create an OCI Email Delivery configuration with the destination email address. Then create an OCI Events rule matching "Resource Manager Job "" Create" condition, and select the email configuration for the corresponding action.

You are processing millions of files in an Oracle Cloud Infrastructure (OCI) Object Storage bucket. Each time a new file is created, you want to send an email to the customer and create an order in a database. The solution should perform and minimize cost. Which action should you use to trigger this email? (Choose the best answer.). Schedule a cron job that monitors the OCI Object Storage bucket and emails the customer when a new file is created. Use OCI Events service and OCI Notification service to send an email each time a file is created. Schedule an Oracle Function that checks the OCI Object Storage bucket every minute and emails the customer when a file is found. Schedule an Oracle Function that checks the OCI Object Storage bucket every second and emails the customer when a file is found.

Which two statements accurately describe an Oracle Functions application? (Choose two.). A small block of code invoked in response to an Oracle Cloud Infrastructure (OCI) Events service. A Docker image containing all the functions that share the same configuration. An application based on Oracle Functions, Oracle Cloud Infrastructure (OCI) Events and OCI API Gateway services. A common context to store configuration variables that are available to all functions in the application. A logical group of functions.

You are developing a polyglot serverless application using Oracle Functions. Which language cannot be used to write your function code? (Choose the best answer.). PL/SQL. Python. Node.js. Go. Java.

Which is NOT a valid option to execute a function deployed on Oracle Functions? (Choose the best answer.). Send a signed HTTP requests to the function's invoke endpoint. Invoke from Oracle Cloud Infrastructure CLI. Invoke from Docker CLI. Trigger by an event in Oracle Cloud Infrastructure Events service. Invoke from Fn Project CLI.

You are working on a serverless DevSecOps application using Oracle Functions. You have deployed a Python function that uses the Oracle Cloud Infrastructure (OCI) Python SDK to stop any OCI Compute instance that does not comply with your corporate security standards. There are 3 non-compliant OCI Compute instances. However, when you invoke this function none of the instances were stopped. How should you troubleshoot this? (Choose the best answer.). There is no way to troubleshoot a function running on Oracle Functions. Enable function logging in the OCI console, include some print statements in your function code and use logs to troubleshoot this. Enable function remote debugging in the OCI console, and use your favorite IDE to inspect the function running on Oracle Functions. Enable function tracing in the OCI console, and go to OCI Monitoring console to see the function stack trace.

You are tasked with developing an application that requires the use of Oracle Cloud Infrastructure (OCI) APIs to POST messages to a stream in the OCI Streaming service. Which statement is incorrect? (Choose the best answer.). The request must include an authorization signing string including (but not limited to) x-content-sha256, content-type, and content-length headers. The Content-Type header must be set to application/json. An HTTP 401 will be returned if the client's clock is skewed more than 5 minutes from the server's. The request does not require an Authorization header.

In order to effectively test your cloud-native applications, you might utilize separate environments (development, testing, staging, production, etc.) Which Oracle Cloud Infrastructure (OCI) service can you use to create and manage your infrastructure? (Choose the best answer.). OCI Compute. OCI Container Engine for Kubernetes. OCI Resource Manager. OCI API Gateway.

You have a containerized app that requires an Autonomous Transaction Processing (ATP) Database. Which option is not valid for connecting to ATP from a container in Kubernetes? (Choose the best answer.). Enable Oracle REST Data Services for the required schemas and connect via HTTPS. Create a Kubernetes secret with contents from the instance Wallet files. Use this secret to create a volume mounted to the appropriate path in the application deployment manifest. Use Kubernetes secrets to configure environment variables on the container with ATP instance OCID, and OCI API credentials. Then use the CreateConnection API endpoint from the service runtime. Install the Oracle Cloud Infrastructure Service Broker on the Kubernetes cluster and deploy ServiceInstance and ServiceBinding resources for ATP. Then use the specified binding name as a volume in the application deployment manifest.

Which two are required to enable Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) cluster access from the kubectl CLI? (Choose two.). An SSH key pair with the public key added to cluster worker nodes. Install and configure the OCI CLI. OCI Identity and Access Management Auth Token. Tiller enabled on the OKE cluster. A configured OCI API signing key pair.

With the volume of communication that can happen between different components in cloud-native applications, it is vital to not only test functionality, but also service resiliency. Which statement is true with regards to service resiliency? (Choose the best answer.). Resiliency is about recovering from failures without downtime or data loss. A goal of resiliency is not to bring a service to a functioning state after a failure. Resiliency testing can be only done in a test environment. Resiliency is about avoiding failures.

Which statement is incorrect with regards to the Oracle Cloud Infrastructure (OCI) Notifications service? (Choose the best answer.). Notification topics may be assigned as the action performed by an OCI Events configuration. OCI Alarms can be configured to publish to a notification topic when triggered. An OCI function may subscribe to a notification topic. A subscription can forward notifications to an HTTPS endpoint. A subscription can integrate with PagerDuty events. It may be used to receive an email each time an OCI Autonomous Database backup is completed.

In a Linux environment, what is the default location of the configuration file that Oracle Cloud Infrastructure CLI uses for profile information? (Choose the best answer.). /etc/.oci/config. /usr/local/bin/config. $HOME/.oci/config. /usr/bin/oci/config.

You have two microservices, A and B running in production. Service A relies on APIs from service B. You want to test changes to service A without deploying all of its dependencies, which includes service B. Which approach should you take to test service A? (Choose the best answer.). Test against production APIs. Test using API mocks. There is no need to explicitly test APIs. Test the APIs in private environments.

Per CAP theorem, in which scenario do you NOT need to make any trade-off between the guarantees? (Choose the best answer.). When the are no network partitions. When the system is running in the cloud. When the system is running on-premise. When you are using load balancers.

Which statement accurately describes Oracle Cloud Infrastructure (OCI) Load Balancer integration with OCI Container Engine for Kubernetes (OKE)? (Choose the best answer.). OKE service provisions an OCI Load Balancer instance for each Kubernetes service with LoadBalancer type in the YAML configuration. OCI Load Balancer instance provisioning is triggered by OCI Events service for each Kubernetes service with LoadBalancer type in the YAML configuration. OCI Load Balancer instance must be manually provisioned for each Kubernetes service that requires traffic balancing. OKE service provisions a single OCI Load Balancer instance shared with all the Kubernetes services with LoadBalancer type in the YAML configuration.

What are the possible ways to invoke a function that is deployed to Oracle Functions? Select THREE correct answers. Oracle Cloud Insfrastructure CLI. Fn Project CLI. Kubernetes CLI. Signed HTTP request to the function’s invoke endpoint.

With regard to Oracle Functions, What is the maximum memory threshold?. 512 MB. 1024 MB. 10 GB. 50 GB.

What are the advantages of Distributed Systems? Select THREE correct answers. Scalability. Transparency. Privacy. Resiliency.

Which pattern can help you minimize the probability of cascading failures in your system during partial loss of connectivity or complete service failure?. Compensating transaction pattern. Anti-corruption layer pattern. Retry pattern. Circuit breaker pattern.

Which is mapped to HTTP methods using REST conventions?. Services. Applications. Operations. Resources.

Which protocol is used by REST-based resources as a transport layer?. SOAP. TCP. HTTP. FTP.

Which web service interaction pattern operation accepts requests and performs a callback to the original consumer?. Synchronous. Asynchronous two-way. Asynchronous one-way. Bilateral.

Which of these is an advantage of microservices?. Heterogenous implementations. Data reconciliation. Point-to-point interactions. Fault tolerance.

Which aspect of a service is used to fulfill the service contract?. Services Interface. Service Policy. Service Implementation. Service API.

Identify three correct statements when configuring API gateway in OCI?. API gateway instance placement is controlled by user during provisioning. VCN must exists before creating an API gateway. VCN is created when you create an API gateway. API gateway instances can run on separate Availability domain. API gateway instances can run on separate Fault domains.

What two statements are true when you upgrade the OKE cluster with a new version?. The worker nodes are upgraded by the customer. The control plane is updated by oracle. The Control plane and worker nodes are updated by the customer. The Control plane and worker nodes are automatically updated by Oracle.

Which three can be used to push docker images to OCIR?. Docker CLI. Oracle Functions Service. Data Pump. Docker v2 API. SQL Plus.

Identify the two correct statements for deleting a docker image from OCIR?. Only Manual deletes are possible. There is time limit to undelete the image. Tagged images cannot be deleted. You can use OCI CLI to perform the delete.

Identify the correct statement after you edit the configuration of a Node Pool in OKE cluster?. No Nodes are affected with the edits till you restart the entire OKE cluster. The new configuration effects only existing nodes in the pool. The new configuration effects existing nodes and the new nodes created after edit. The configuration changes only effects new nodes created after edit.

On which two options is Oracle Cloud Infrastructure Budget set? (Choose two). Free-form tags. Cost-tracking tags. Tenancy. Virtual Cloud Network. Compute Instances. Compartments.

Which components are part of OCI Identity and Access Management service? (Choose three). Users. Policies. Roles. Virtual Cloud Networks. Compute instances. Dynamic Groups. Regional Subnets.

What would you use to form Oracle Cloud Infrastructure Identity and Access Management to govern resources in a tenancy?. Groups. Policies. Users. Dynamic Groups.

You have created a new compartment "apps" to host some production apps and you have created an apps_group and added users to it. What would you do ensure the users access to the apps compartment?. Add an IAM policy to attach tenancy to the apps group. Add an IAM Policy for the individual users to access the apps compartment. Add an IAM Policy for apps_group granting access to the apps compartment. No action required.

You want to make API calls against other OCI Services from your instance without configuring user credentials. How would you achieve this?. No configuration required for making API calls. Create a group and add a policy. Create Dynamic Group and add your instance. Create Dynamic Group and add a policy.

Which of the following DevOps project resources allows you to clone your local repo to OCI?. Environments. External Connections. Triggers. Code Repositories.

Choose the practice which helps you speed up the release of code. Continuous integration. Continuous Deployment. Continuous Development. Continuous Delivery.

In which of the below practices, do developers merge their code changes into a central repository?. Continuous Integration. Continuous Deployment. Continuous Development. Continuous Delivery.

Which of the following DevOps project resources is used to automate a build based on code updates?. Triggers. External Connections. Artifacts. Deployment Pipelines.

Choose the correct order of phases in the DevOps approach. 1. 2. 3. 4. 5.

Which type of testing is run continuously and can be costly to maintain?. Canary. Chaos. Performance. Component.

Which type of testing represents the base and biggest percentage of the test automation pyramid?. Unit. Component. Canary. UI.

What is the correct sequence for leveraging and synchronizing test environments?. Dev -> Test -> Staging -> Production. Dev -> Staging -> Test -> Production. Test -> Dev -> Staging -> Production. Staging -> Test -> Dev -> Production.

Which type of test is created manually by hand as a working implementation of a class interface with fixed data and no logic?. Fake. Mock. Stub. Smoke.

You want to set up an alarm for CPU usage and disk read for a compute instance, so that you can determine when to launch new instances to handle increased load Which service would you use?. Analytics Cloud. Health Checks. Monitoring. Logging Analytics. Instance Pool.

You want to reduce millions of log entries into a small set of log signatures to make it easy to review. By using which would you achieve this?. Data Catalog. Monitoring. Logging Analytics. Logging. Data Flow.

Which statements are true about the Logging service? (Choose two). Searches, analyzes, and monitors log data from applications and system infrastructure. Analyzes critical diagnostic information that describes how resources are performing and being accessed. Monitors cloud resources using metrics and alarms. Single pane of glass for all the logs in a tenancy.

You want to aggregate, search, and monitor all log data from your applications and system infrastructure. Which service would you use for this?. Data Catalog. Monitoring. Analytics Cloud. Logging. Logging Analytics.

Which types of logs are used by the Logging service? (Choose three). Custom Logs. Archive Logs. Trace Logs. Audit Logs. Service Logs. Alert Logs.

When starting a container to run a Oracle Function, the container runs processes as which user?. Oracle Function doesn't use any default user. It is a responsibility of the Admin to specify one. Oracle Function uses fn user to run the processes with no added privileges. Oracle Function uses root to run any processes inside the container. Oracle Function uses the same oci user to run the processes with no added privileges.

What is the maximum memory threshold for a Oracle Function?. 2048 MB. 1024 MB. 4096 MB. 512 MB.

Your Organization has built a web based application that has a REST API endpoint. You have been asked to expose the REST endpoint using an appropriate service on Oracle Cloud Infrastructure (OCI). OCI API Gateway. OCI Container Engine for Kubernetes (OKE). OCI Service Gateway. Oracle Functions.

Your application team has developed an Oracle Function that generates static pages during the function call. They want to use it for all the regions of your company, in such a way that every regional URL will hit the same application endpoint. You have been asked by the application to use Oracle Cloud Infrastructure (OCI) API Gateway to expose it. How would you achieve this?. Create a OCI API Gateway, Create a deployment and expose the app with exact route path. Create a OCI API Gateway, Create a deployment adding HTTPS URL of the app. Create a OCI API Gateway, Create a deployment and add Context Variables to Policies & HTTP Back End Definitions. Create a OCI API Gateway, Create a deployment and add Path Parameters & Wildcards to Route Paths.

What is the maximum execution timeout of Oracle Functions?. 1 hour. 60 Seconds. 120 Minutes. 5 Minutes.

What does Rolling Update deployment strategy do in your Kubernetes environment?. Rolling Update create two replica of each Pod that you have deployed. Rolling update shift user traffic from one application pod to another. Rolling updates allow Deployments' update to take place with zero downtime by incrementally updating Pods instances with new ones. Rolling update is a means to test the functionality of your deployed app.

As a Kubernetes Administrator you need to make sure that the deployed application maintains the desired replica state at all times while updating the application with a new image. What should you do?. Apply --replicacount when doing the rolling update. Apply --record option during rolling update. Apply maxSurge and maxUnavailable parameter in deployment spec. Apply --min & --max in rolling update command.

Which Oracle Cloud Infrastructure (OCI) service is NOT supported using OCI Service Broker for Kubernetes?. OCI Autonomous Transaction Processing. OCI Events Service. OCI Streaming Service. OCI Autonomous Data Warehouse. OCI Object Storage.

As a Kubernetes Administrator, you see that Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) has released a new version of the image running on Worker Node. You application owners have mentioned that they use label selectors for the deployment. You need to make sure that you upgrade to the latest image of the node pool without disrupting the existing deployment strategy. What should you do?. Run kubectl cordon on all of the existing nodes. Do not create any new node pool and run kubectl drain. Create a new node pool and let the deployments choose the best worker node. Create a new node pool and run kubectl label nodes to attach the same label as the existing nodes.

You are using Oracle Cloud Infrastructure (OCI) Registry to store the Container Images for your application. You have been asked to adopt OCI Container Engine for Kubernetes for Container Orchestration and you should use OCI Registry as the image store. How do you use OCI Registry in your OKE environment as Container Store?. Create a Docker Registry Secret in OKE and use that as ImagePullSecrets in Pod Spec. Use encoded credential to pull image in Pod Spec. Create a configmap in OKE and use it in Pod Spec. Use standard username and password in Pod Spec.

Your application team wants to use configuration variable for their Application Pods and wants to inject it before the Pod creation. As a Kubernetes Administrator, you have been tasked to come up with the option to achieve this. What should you do?. Use secrets at the pod spec. Use PodPreset to create the config outside of Pod. Use configmap in the pod spec. Use Init Containers.

Your DBA has mentioned that they have a shared service instance of Oracle Autonomous Transaction Processing (ATP) Database that many applications can use. What is the drawback if you want to bring in the existing ATP instance to the Oracle Service Broker?. You can unbind an existing Oracle ATP Instance. You can deprovision an Oracle Service Broker. You can delete an existing ATP instance using Oracle Service Broker. You can't manage the lifecycle of the ATP Instance.

You want to allow applications running on an Oracle Cloud Infrastructure (OCI) compute instance leveraging OCI SDKs to call other OCI services. What should you use to accomplish this?. Configure Service Principals. Create a certificate and copy the certificate to the compute instance. Configure Instance Principals. Configure federated identity.

What are the supported SDKs on Oracle Cloud Infrastructure (OCI)? Choose all that apply. .NET SDK. Python SDK. PHP SDK. Ruby SDK. Go SDK. Java SDK. C++ SDK.

What are the different ways to get authenticated using Oracle Cloud Infrastructure (OCI) SDK? Select all that apply. Using resource Principal. Using OCI CLI Config file. Using Security Token. Using Instance Principal. Using Service Principal. Using Username and Password on standard tty.

You are using a Windows Laptop to write a script using oci cli. But when you ran the script, you got this error "The oci cli is not found". What should you do to make sure that you are able to run oci from the Windows Laptop?. Make sure that the oci.exe location is in your path. Reinstall Python on your Windows Laptop. Upgrade the oci cli version. Make sure that the Scripts directory in your Python installation is not hidden.

During the deployment of Infrastructure using Infrastructure as Code, you have been asked to run a script within the deployed Oracle Cloud Infrastructure (OCI) Instances, so that during the deployment, few configurations can also be achieved. What should you do to achieve this?. Use auth module in Terraform code to send the script to the OCI Instances. Use "local-exec" provisioner to send the script to the OCI Instances. Use Instance Principal auth type to send the script to the OCI Instances. Use "remote-exec" provisioner to send the script to the OCI Instances.

Your priority is to use Infrastructure as a Code (laC) in a team environment, where you and your team both need to have access to the deployed infrastructure state data. What should you do to have access to the state file for all of the team members?. Use Target files. Use Instance Principal. Use a copy of the Local State File on each Team Member's workstation. Use Remote State File.

What should you use to authenticate yourself before doing docker image pull or push from Oracle Cloud Infrastructure (OCI) Registry?. You must have an OCI username and an auth token. You must have an OCI API Signing Key. You must have OCI username and Fingerprint. You must have a docker hub username and password.

You have created the manifest fire that Kubernetes uses when deploying an application to an OKE cluster in Oracle Cloud Infrastructure. If the Docker image is stored in a private OCIR repository, with three parameters need to be present int the manifest file?. Image path. Public Key. Secret. Container port number. Auth Token. Private key.

An application needs to make an API call against another OCI service. What should you do to accomplish this?. Tag the compute instance. Create a group with no users. Make sure the correct policy is applied. Configure instance principals. Write a script to pass in your credentials when required.

What is the difference between blue/green and canary deployment strategies. In blue/green, application is deployed in minor increments to a select group of people. In canary, both old and new applications are simultaneously in production. In blue/green both old and new applications are in production at the same time. In canary, application is deployed incrementally to a select group of people. In blue/green, current applications are slowly replaced with new ones. In <MW y, Application II deployed incrementally to a select group of people. In blue/green, current applications are slowly replaced with new ones. In canary, both old and new applications are in production at the same time.

What can you use to dynamically make Kubernetes resources discoverable to public DNS servers?. ExternalDNS. CoreDNS. DynDNS. kubeDNS.

Which two statements are true for serverless computing and serverless architectures?. Long running tasks are perfectly suited for serverless. Serverless function state should never be stored externally. Application DevOps team is responsible for scaling. Serverless function execution is fully managed by a third party. Applications running on a FaaS (FunctioNETns as a Service) platform.

What are two of the main reasons you would choose to implement a serverless architecture?. No need for integration testing. Reduced operational cost. Improved In-function state management. Automatic horizontal scaling. Easier to run long-running operations.