You have been asked to ensure that in-transit communication between an Oracle Cloud Infrastructure (OCI) compute instance and an on-premises server (192.168.10.10/32) is encrypted. The instances communicate using HTTP. The OCI Virtual Cloud Network (VCN) is connected to the on-premises network by two separate connections: a Dynamic IPsec VPN tunnel and a FastConnect virtual circuit. No static configuration has been added.

What solution should you recommend? (Choose the best answer.)

A. The instances will communicate by default over IPsec VPN, which ensures data is encrypted in-transit.

B. Advertise a 192.168.10.10/32 route over the VPN.

C. Advertise a 192.168.10.10/32 router over the FastConnect.

D. The instances will communicate by default over the FastConnect private virtual circuit, which ensures data is encrypted in-transit.

You have created a group for several auditors. You assign the following policies to the group:

What actions are the auditors allowed to perform within your tenancy? (Choose the best answer.)

A. The Auditors can view resources in the tenancy.

B. Auditors are able to create new instances in the tenancy.

C. The Auditors are able to delete resource in the tenancy.

D. Auditors are able to view all resources in the compartment.

You have a Linux compute instance located in a public subnet in a VCN which hosts a web application. The security list attached to subnet containing the compute instance has the following stateful ingress rule.

The Route table attached to the Public subnet is shown below. You can establish an SSH connection into the compute instance from the internet. However, you are not able to connect to the web server using your web browser.

Which step will resolve the issue? (Choose the best answer.)

A. In the route table, add a rule for your default traffic to be routed to NAT gateway.

B. In the security list, add an ingress rule for port 80 (http).

C. In the security list, remove the ssh rule.

D. In the route table, add a rule for your default traffic to be routed to service gateway.

You have the following compartment structure within your company's Oracle Cloud Infrastructure (OCI) tenancy:

You want to create a policy in the root compartment to allow SystemAdmins to manage VCNs only in CompartmentC.

Which policy is correct? (Choose the best answer.)

A. Allow group SystemAdmins to manage virtual-network-family in compartment CompartmentB:CompartmentC

B. Allow group SystemAdmins to manage virtual-network-family in compartment Root

C. Allow group SystemAdmins to manage virtual-network-family in compartment CompartmentA:CompartmentB:CompartmentC

D. Allow group SystemAdmins to manage virtual-network-family in compartment CompartmentC

Your application is using an Object Storage bucket named app-data in the namespace vision, to store both persistent and temporary data. Every week all the temporary data should be deleted to limit the storage consumption.

Currently you need to navigate to the Object Storage page using the web console, select the appropriate bucket to view all the objects and delete the temporary ones.

To simplify the task you have configured the application to save all the temporary data with /temp prefix. You have also decided to use the Command Line Interface (CLI) to perform this operation.

What is the command you should use to speed up the data cleanup? (Choose the best answer.)

A. oci os object delete –ns vision –bn app–data ––prefix /temp

B. oci os object bulk-delete –ns vision –bn app–data ––prefix /temp ––force

C. oci objectstorage bulk–delete –ns vision –bn app–data ––prefix /temp ––force

D. oci os object delete app-data in vision where prefix = /temp

You are working with Terraform on your laptop and have been tasked with spinning up multiple compute instances in Oracle Cloud Infrastructure (OCI) for a project. In addition, you are also required to collect IP

addresses of provisioned instances and write them to a file and save it in your laptop. Which specific Terraform functionality can help accomplish this task? (Choose the best answer.)

A. Terraform modules

B. Terraform remote state

C. Terraform local-exec

D. Terraform remote-exec

One of your development teams has asked for your help to standardize the creation of several compute instances that must be provisioned each day of the week. You initially write several Command Line Interface (CLI) commands with all appropriate configuration parameters to achieve this task later determining this method lacks flexibility.

Which command generates a JSON-based template that Oracle Cloud Infrastructure (OCI) CLI can use to provision these instances on a regular basis? (Choose the best answer.)

A. oci compute instance create – –generate–cli–skeleton

B. oci compute instance launch – –generate–cli–skeleton

C. oci compute provision–instance – –generate–full–command–json–input

D. oci compute instance launch – –generate–full–command–json–input

Multiple teams are sharing a tenancy in Oracle Cloud Infrastructure (OCI). You are asked to figure out an appropriate method to manage OCI costs.

Which is NOT a valid technique to accurately attribute costs to resources used by each team? (Choose the best answer.)

A. Create a Cost-Tracking tag. Apply this tag to all resources with team information. Use the OCI cost analysis tools to filter costs by tags.

B. Create separate compartment for each team. Use the OCI cost analysis tools to filter costs by compartment.

C. Create an Identity and Access Management (IAM) group for each team. Create an OCI budget for each group to track spending.

D. Define and use tags for resources used by each team. Analyze usage data from the OCI Usage Report which has detailed information about resources and tags.

You have a group pf developers who launch multiple VM.Standard2.2 compute instances every day into the compartment Dev. As a result, your OCI tenancy quickly hit the service limit for this shape. Other groups can no longer create new instances using VM.Standard2.2 shape.

Because of this, your company has issued a new mandate that the Dev compartment must include a quota to allow for use of only 20 VM.Standard2.2 shapes per Availability Domain. Your solution should not affect any other compartment in the tenancy.

Which quota statement should be used to implement this new requirement? (Choose the best answer.)

A. set compute quota vm-standard2–2count to 10 in compartment dev where request.region = usphoenix–1

B. set compute quota vm-standard2–2–count to 20 in compartment dev

C. zero compute quotas in tenancy set compute quota vm–standard2–2–count to 20 in compartment dev

D. zero compute quotas in tenancy set compute quota vm–standard2–2–count to 20 in tenancy dev

An insurance company has contracted you to help automate their application business continuity plan. They have the application running in eu-frankfurt-1 as the primary site and uk-london-1 as a disaster recovery site. Normally they have a DNS A record associated with the IP address of the primary endpoint in eu-frankfurt-1. In the event of a disaster, they use OCI DNS Zone Management to update the A record and replace it with the IP address of the endpoint in uk-londond-1.

How can you automate the failover process? (Choose the best answer.)

A. Create a Health Check that evaluates both regional endpoints. Create a Traffic Management Steering policy with Failover type and associate it with the Health Check.

B. Create a Traffic Management Steering policy with Load Balancer type and add both eu-frankfurt-1 and uk-london-1 endpoints. Attach the Traffic Management Steering policy to the A record.

C. Provision a Load Balancer in Frankfurt and associate it with the A record in DNS. Create a backend set with backend servers from both eu-frankfurt-1 and uk-london-1 regions.

D. Create a Traffic Management Steering policy and attach it to a backend servers from both eu-frankfurt1 and uk-london-1 regions.