[Aug-2022] The Best Oracle Cloud Infrastructure 1Z0-1084-21 Professional Exam Questions
Try 100% Updated 1Z0-1084-21 Exam Questions [2022]
Oracle 1Z0-1084-21 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
NEW QUESTION 29
You have been asked to create a stateful application deployed in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) that requires all ofyour worker nodes to mount and write data to persistent volumes.
Which two OCI storage services should you use?
- A. Use OCI Block Volume backed persistent volume.
- B. Use GlusterFS as persistent volume.
- C. Use open source storage solutions on top of OCI.
- D. Use OCI File Services as persistent volume.
- E. Use OCI Object Storage as persistent volume.
Answer: A,D
Explanation:
Explanation
A PersistentVolume (PV) is a piece of storage in the cluster that has been provisioned by an administrator.
PVs are volume plugins like Volumes, but have a lifecycle independent of any individual Pod that uses the PV.
A PersistentVolumeClaim (PVC) is a request for storage by a user. It is similar to a Pod. Pods consume node resources and PVCs consume PV resources.
If you intend to create Kubernetespersistent volumes, sufficient block volume quota must be available in each availability domain to meet the persistent volume claim. Persistent volume claims must request a minimum of
50 gigabytes
You can define and apply a persistent volume claim to yourcluster, which in turn creates a persistent volume that's bound to the claim. A claim is a block storage volume in the underlying IaaS provider that's durable and offers persistent storage, enabling your data to remain intact, regardless of whether the containers that the storage is connected to are terminated.
With Oracle Cloud Infrastructure as the underlying IaaS provider, you can provision persistent volume claims by attaching volumes from the Block Storage service
https://oracle.github.io/weblogic-kubernetes-operator/faq/oci-fss-pv/
https://kubernetes.io/docs/concepts/storage/persistent-volumes/
NEW QUESTION 30
Which two statements are true for serverless computing and serverless architectures?
- A. Serverless function state should never be stored externally
- B. Applications running on a FaaS (Functions as a Service) platform
- C. Long running tasks are perfectly suited for serverless
- D. Serverless function execution is fully managed by a third party
- E. Application DevOps team is responsible for scaling
Answer: A,B
Explanation:
Explanation
Oracle Functions is a fully managed,multi-tenant, highly scalable, on-demand, Functions-as-a-Service platform. It is built on enterprise-grade Oracle Cloud Infrastructure and powered by the Fn Project open source engine. Use Oracle Functions (sometimes abbreviated to just Functions) when youwant to focus on writing code to meet business needs.
The serverless and elastic architecture of Oracle Functions means there's no infrastructure administration or software administration for you to perform. You don't provision or maintain compute instances, and operating system software patches and upgrades are applied automatically. Oracle Functions simply ensures your app is highly-available, scalable, secure, and monitored Applications built with a serverless infrastructure will scale automatically asthe user base grows or usage increases. If a function needs to be run in multiple instances, the vendor's servers will start up, run, and end them as they are needed.
Oracle Functions is based on Fn Project. Fn Project is an open source, container native,serverless platform that can be run anywhere - any cloud or on-premises.
Serverless architectures are not built for long-running processes. This limits the kinds of applications that can cost-effectively run in a serverless architecture. Because serverlessproviders charge for the amount of time code is running, it may cost more to run an application with long-running processes in a serverless infrastructure compared to a traditional one.
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Concepts/functionsconcepts.htm
https://www.cloudflare.com/learning/serverless/why-use-serverless/
NEW QUESTION 31
You are developing a serverless application with Oracle Functions. Your function needs to store state in a database. Your corporate security Standards mandate encryption of secret information like database passwords.
As a function developer, which approach should you follow to satisfy this security requirement?
- A. All function configuration variables are automatically encrypted by Oracle Functions.
- B. Encrypt the password using Oracle Cloud Infrastructure Key Management. Decrypt this password in your function code withthe generated key.
- C. Use the Oracle Cloud Infrastructure Console and enter the password in the function configuration section in the provided input field.
- D. Use Oracle Cloud Infrastructure Key Management to auto-encrypt the password. It will inject the auto-decrypted password inside your function container.
Answer: B
NEW QUESTION 32
Which header is NOT required when signing GET requests to Oracle Cloud Infrastructure APIs?
- A. content-type
- B. date or x-date
- C. (request-target)
- D. host
Answer: A
Explanation:
Explanation
Authorization Header
The Oracle Cloud Infrastructure signature uses the "Signature"Authentication scheme (with an Authorization header), and not the Signature HTTP header.
This section describes the headers that must be included in the signing string:
For GET and DELETE requests (when there's no content in the request body), the signingstring must include at least these headers:
(request-target)
host
date or x-date (if both are included, Oracle uses x-date)
For PUT and POST requests (when there's content in the request body), the signing string must include at least these headers:
(request-target)
host
date or x-date (if both are included, Oracle uses x-date)
x-content-sha256 (except for Object Storage PUT requests; see the next section) content-type content-length References:
https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/signingrequests.htm
NEW QUESTION 33
Given a service deployed on Oracle Cloud infrastructure Container Engine for Kubernetes (OKE), which annotation should you add in the sample manifest file to specify a 400 Mbps load balancer?
- A. service . beta. kubernetes . lo/oci-load-balancer-shape: 400Mbps
- B. service . beta . kubernetes . lo/oci-load-balancer-size: 400Mbps
- C. service, beta, kubernetes. lo/oci-load-balancer-value: 4 00Mbps
- D. service.beta, kubernetes. lo/oci-load-balancer-kind: 400Mbps
Answer: A
Explanation:
Explanation
The shape of an Oracle Cloud Infrastructure load balancer specifies its maximum total bandwidth (that is, ingress plus egress). By default, load balancers are created with a shape of 100Mbps. Other shapes are available, including400Mbps and 8000Mbps.
To specify an alternative shape for a load balancer, add the following annotation in the metadata section of the manifest file:
service.beta.kubernetes.io/oci-load-balancer-shape: <value>
where value is the bandwidth of the shape (for example, 100Mbps, 400Mbps, 8000Mbps).
For example:
apiVersion: v1
kind: Service
metadata:
name: my-nginx-svc
labels:
app: nginx
annotations:
service.beta.kubernetes.io/oci-load-balancer-shape: 400Mbps
spec:
type: LoadBalancer
ports:
-port: 80
selector:
app: nginx
https://github.com/oracle/oci-cloud-controller-manager/blob/master/docs/load-balancer-annotations.md
NEW QUESTION 34
As a cloud-native developer, you have written a web service for your company. You have used Oracle Cloud Infrastructure (OCI) API Gateway service to expose the HTTP backend. However, your security team has suggested that your web service should handle Distributed Denial-of-Service (DDoS) attack. You are time-constrained and you need to make sure that this is implemented as soon as possible.
What should you do in this scenario?
- A. Use OCI virtual cloud network (VCN) segregation to control DDoS.
- B. Use OCI API Gateway service and configure rate limiting.
- C. Use a third party service integration to implement a DDoS attack mitigation,
- D. Re-write your web service and implement rate limiting.
Answer: B
Explanation:
Explanation
Having created an API gateway and deployed one or more APIs on it, you'll typically want to limit the rate at which front-end clients can make requests to back-end services. For example, to:
- maintain high availability and fair use of resources by protecting back ends from being overwhelmed by too many requests
- prevent denial-of-service attacks
- constrain costs of resource consumption
- restrict usage of APIs by your customers'users in order to monetize APIs You apply a rate limit globally to all routes in an API deployment specification.
If a request is denied because the rate limit has been exceeded, the response header specifies when the request can be retried.
You can add arate-limiting request policy to an API deployment specification by:
using the Console
editing a JSON file
{
"requestPolicies": {
"rateLimiting": {
"rateKey": "CLIENT_IP",
"rateInRequestsPerSecond": 10
}
},
"routes":[
{
"path": "/hello",
"methods": ["GET"],
"backend": {
"type": "ORACLE_FUNCTIONS_BACKEND",
"functionId": "ocid1.fnfunc.oc1.phx.aaaaaaaaab______xmq"
}
}
]
}
https://docs.cloud.oracle.com/en-us/iaas/Content/APIGateway/Tasks/apigatewaylimitingbackendaccess.htm
NEW QUESTION 35
You are working on a cloud native e-commerce application on Oracle Cloud Infrastructure (OCI). Your application architecture has multiple OCI services, including Oracle Functions. You need to trigger these functions directly from other OCI services, without having to run custom code.
Which OCI service cannot trigger your functions directly?
- A. OCI Registry
- B. OCI Events Service
- C. OCI API Gateway
- D. Oracle Integration
Answer: A
Explanation:
Explanation
Overview of Functions:
Oracle Functions is a fully managed, multi-tenant, highly scalable, on-demand, Functions-as-a-Service platform. It is built on enterprise-gradeOracle Cloud Infrastructure and powered by the Fn Project open source engine. Use Oracle Functions (sometimes abbreviated to just Functions) when you want to focus on writing code to meet business needs.
The serverless and elastic architecture of Oracle Functions means there's no infrastructure administration or software administration for you to perform. You don't provision or maintain compute instances, and operating system software patches and upgrades are applied automatically. Oracle Functions simply ensures your app is highly-available, scalable, secure, and monitored. With Oracle Functions, you can write code in Java, Python, Node, Go, and Ruby (and for advanced use cases, bring your own Dockerfile, and Graal VM).
You can invoke a function that you'vedeployed to Oracle Functions from:
- The Fn Project CLI.
- The Oracle Cloud Infrastructure SDKs.
- Signed HTTP requests to the function's invoke endpoint. Every function has an invoke endpoint.
- Other Oracle Cloud services (for example, triggered by an event in the Events service) or from external services.
so You can then deploy your code, call it directly or trigger it in response to events, and get billed only for the resources consumed during the execution.
Invoking Oracle Functions from Other OracleCloud Infrastructure Services:
You can invoke functions in Oracle Functions from other Oracle Cloud Infrastructure services. Typically, you'll want an event in another service to trigger a request to invoke a function defined in Oracle Functions.
This functionality is currently available in:
A:The Events service. For more information, see Overview of Events.
B:The Notifications service. For more information, see Notifications Overview. For a scenario, see Scenario A: Automatically Resize VMs.
C:The API Gateway service. For more information, see Adding a Function in Oracle Functions as an API Gateway Back End.
D:The Oracle Integration service, using the OCI Signature Version 1 security policy. For more information, see Configure Oracle Integration to CallOracle Cloud Infrastructure Functions with the REST Adapter in Using the REST Adapter with Oracle Integration.
so OCI Registry services cannot trigger yourfunctions directly
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Tasks/functionsintegratingwithother.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Concepts/functionsoverview.htm
https://blogs.oracle.com/cloud-infrastructure/announcing-notifications-triggers-for-serverless-functions
NEW QUESTION 36
A leading insurancefirm is hosting its customer portal in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes with an OCI Autonomous Database. Their support team discovered a lot of SQL injection attempts and cross-site scripting attacks to the portal, which isstarting to affect the production environment.
What should they implement to mitigate this attack?
- A. Web Application Firewall
- B. Network Security Firewall
- C. Network Security Lists
- D. Network Security Groups
Answer: A
Explanation:
Explanation
Web Application Firewall (WAF):
Oracle Cloud Infrastructure Web Application Firewall (WAF) is a cloud-based, Payment Card Industry (PCI) compliant, global security service that protects applications from malicious and unwanted internet traffic.
WAF can protect any internet facing endpoint,providing consistent rule enforcement across a customer's applications.
WAF provides you with the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwantedbots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit based on geography or the signature of the request.
The global Security Operations Center (SOC) will continually monitor the internet threat landscape acting asan extension of your IT infrastructure.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/WAF/Concepts/overview.htm
NEW QUESTION 37
Which statements is incorrect with regards to the Oracle Cloud Infrastructure (OCI) Notifications service?
- A. A subscription can integrate with PagerDuty events.
- B. A subscription can forward notifications to an HTTPS endpoint.
- C. An OCI function may subscribe to anotification topic.
- D. Notification topics may be assigned as the action performed by an OCI Events configuration.
- E. It may be used to receive an email each time an OCI Autonomous Database backup is completed.
- F. OCI Alarms can be configured to publish to a notification topic when triggered.
Answer: E
Explanation:
Explanation
Notification service supports subscriptions topics: E-Mail, Function, Https, PagerDuty and Slack
Alarms: Notifications sends alarm messages when alarms are breached. The alarm message is sent to the topic specified in the alarm. For example, an alarm message might be configured for high CPU usage.
See Managing Alarms.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/Notification/Concepts/notificationoverview.htm
NEW QUESTION 38
Which two are benefits of distributed systems?
- A. Resiliency
- B. Ease of testing
- C. Scalability
- D. Security
- E. Privacy
Answer: A,C
Explanation:
Explanation
distributed systems of native-cloud like functions that have a lot of benefit like Resiliency and availability Resiliency andavailability refers to the ability of a system to continue operating, despite the failure or sub-optimal performance of some of its components.
In the case of Oracle Functions:
The control plane is a set of components that manages function definitions.
Thedata plane is a set of components that executes functions in response to invocation requests.
For resiliency and high availability, both the control plane and data plane components are distributed across different availability domains and fault domains ina region. If one of the domains ceases to be available, the components in the remaining domains take over to ensure that function definition management and execution are not disrupted.
When functions are invoked, they run in the subnets specified for theapplication to which the functions belong.
For resiliency and high availability, best practice is to specify a regional subnet for an application (or alternatively, multiple AD-specific subnets in different availability domains). If an availability domainspecified for an application ceases to be available, Oracle Functions runs functions in an alternative availability domain.
Concurrency and Scalability
Concurrency refers to the ability of a system to run multiple operations in parallel using shared resources.
Scalability refers to the ability of the system to scale capacity (both up and down) to meet demand.
In the case of Functions, when a function is invoked for the first time, the function's image is run as a container on an instance in a subnetassociated with the application to which the function belongs. When the function is executing inside the container, the function can read from and write to other shared resources and services running in the same subnet (for example, Database as a Service).The function can also read from and write to other shared resources (for example, Object Storage), and other Oracle Cloud Services.
If Oracle Functions receives multiple calls to a function that is currently executing inside a running container, Oracle Functions automatically and seamlessly scales horizontally to serve all the incoming requests. Oracle Functions starts multiple Docker containers, up to the limit specified for your tenancy. The default limit is 30 GB of RAM reserved for function execution per availability domain, although you can request an increase to this limit. Provided the limit is not exceeded, there is no difference in response time (latency) between functions executing on the different containers.
NEW QUESTION 39
How can you find details of the tolerations field for the sample YAML file below?
- A. kubectl explain pod.spec.tolerations
- B. kubectl list pod.spec.tolerations
- C. kubectl get pod.spec.tolerations
- D. kubectl describe pod.spec tolerations
Answer: A
Explanation:
kubectl explain to List the fields for supported resources
explainkubectl explain [--recursive=false] [flags]Get documentation of various resources. For instance pods, nodes, services, etc.
References:
https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#explain
https://kubernetes.io/docs/reference/kubectl/cheatsheet/
NEW QUESTION 40
Which two are characteristics of microservices?
- A. Microservices communicate over lightweight APIs.
- B. Microservices can be implemented in limited number of programming languages.
- C. Microservicescan be independently deployed.
- D. All microservices share a data store.
- E. Microservices are hard to test in isolation.
Answer: A,C
Explanation:
Explanation
Learn About the Microservices Architecture
If you want to design an application that is multilanguage, easily scalable, easy to maintain and deploy, highly available, and that minimizes failures, then use the microservices architecture to design and deploy a cloud application.
In a microservicesarchitecture, each microservice owns a simple task, and communicates with the clients or with other microservices by using lightweight communication mechanisms such as REST API requests.
The following diagram shows the architecture of an application thatconsists of multiple microservices.
Microservices enable you to design your application as a collection of loosely coupled services. Microservices follow the share-nothing model, and run as stateless processes. This approach makes it easier to scale andmaintain the application.
The API layer is the entry point for all the client requests to a microservice. The API layer also enables the microservices to communicate with each other over HTTP, gRPC, and TCP/UDP.
The logic layer focuses on a single business task, minimizing the dependencies on the other microservices.
This layer can be written in a different language for each microservice.
The data store layer provides a persistence mechanism, such as a database storage engine, log files, and so on.
Consider using a separate persistent data store for each microservice.
Typically, each microservice runs in a container that provides a lightweight runtime environment.
Loosely coupled with other services - enables a team to work independently the majority of time on their service(s) without being impacted by changes to other services and without affecting other services
References:
https://docs.oracle.com/en/solutions/learn-architect-microservice/index.html
https://microservices.io/patterns/microservices.html
https://www.techjini.com/blog/microservices/
NEW QUESTION 41
In a Linux environment, what is the default locations of the configuration file that Oracle Cloud Infrashtructure CLI uses for profile information/
- A. SHOME/.oci/config
- B. /etc/.oci/config
- C. /usr/local/bin/config
- D. /usr/bin/oci/config
Answer: A
Explanation:
Explanation
By default, the Oracle Cloud Infrastructure CLI configuration file is located at ~/.oci/config.
You might already have a configuration file as a result of installing the Oracle Cloud Infrastructure CLI.
NEW QUESTION 42
You are developing a serverless application with Oracle Functions. Your function needs to store state in a database. Your corporate security Standards mandate encryption of secret information like database passwords.
As a function developer, which approach should you follow to satisfy this security requirement?
- A. All function configuration variables are automatically encrypted by Oracle Functions.
- B. Encrypt the password using Oracle Cloud Infrastructure Key Management. Decrypt this password in your function code withthe generated key.
- C. Use the Oracle Cloud Infrastructure Console and enter the password in the function configuration section in the provided input field.
- D. Use Oracle Cloud Infrastructure Key Management to auto-encrypt the password. It will inject the auto-decrypted password inside your function container.
Answer: B
Explanation:
Explanation
Oracle Functions: Using Key Management To Encrypt And Decrypt Configuration Variables Since this process involves multiple steps, I thought it would be helpful to give you an outline of the steps that we're going to take:
Create a KMS vault
Create a Master Encryption Key
Generate a Data Encryption Key
Use the DEK plaintext return value to encrypt the sensitive value (offline) Store the encrypted sensitive value as a config variable in the serverless application Store the DEK ciphertext and the initVector used to encrypt the sensitive value as Function config variables Within the function, decrypt theDEK ciphertext back into plaintext using the OCID and Cryptographic Endpoint by invoking the OCI KMS SDK Decrypt the sensitive value using the decrypted DEK plaintext and the initVector
References:
https://blogs.oracle.com/developers/oracle-functions-using-key-management-to-encrypt-and-decrypt-configuratio
https://docs.oracle.com/en/database/other-databases/essbase/19.3/essad/encrypt-values-using-kms.html
NEW QUESTION 43
You are using Oracle Cloud Infrastructure (0CI) Resource Manager to manage your infrastructure lifecycle and wish to receive an email each time a Terraform action begins.
How should you use the OCI Events service to do this without writing any code?
- A. Create an OCI Notification topic and email subscription with the destination email address. Then create an OCI Events rule matching "Resource Manager job - Create" condition, and select the notification topic for the corresponding action.
- B. Create an OCI Email Delivery configuration with thedestination email address. Then create an OCI Events rule matching "Resource Manager Job - Create" condition, and select the email configuration for the corresponding action.
- C. Create an OCI Notifications topic and email subscription with the destination email address. Then create an OCI Events rule matching "Resource Manager Stack - Update" condition, and select the notification topic for the corresponding action.
- D. Create a rule in OCI Events service matching the "Resource Manager Stack - Update" condition. Then select "Action Type: Email" and provide the destination email address.
Answer: A
Explanation:
Explanation
Managing Topics and Subscriptions:
1. Create Notifications Topic and Subscription
If a suitable Notifications topic doesn't already exist, then you must log in to the Console as a tenancy administrator and create it. Whether you use an existing topic or create a new one, add an email address as a subscription so that you canmonitor that email account for notifications
2. Using the Console to Create a Rule
Use the Console to create a rule with a pattern that matches bucket creation events emitted by Object Storage.
Specify the Notifications topic you created as an action to deliver matching events. To test your rule, create a bucket. Object Storage emits an event which triggers the action. Check the email specified in the subscription to receive your notification
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/Events/Concepts/eventsgetstarted.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/Notification/Tasks/managingtopicsandsubscriptions.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/Notification/Concepts/notificationoverview.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/Events/Concepts/filterevents.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/ResourceManager/Tasks/managingstacksandjobs.htm
NEW QUESTION 44
You are implementing logging in your services that will be running in Oracle Cloud Infrastructure Container Engine for Kubernetes. Which statement describes the appropriate logging approach?
- A. All services log to an external logging system.
- B. Each service logs to its own log file.
- C. All services log to a shared log file.
- D. All services log to standard output only.
Answer: D
Explanation:
Explanation
Application and systems logs can help you understand what ishappening inside your cluster. The logs are particularly useful for debugging problems and monitoring cluster activity. Most modern applications have some kind of logging mechanism; as such, most container engines are likewise designed to support some kind of logging. The easiest and most embraced logging method for containerized applications is to write to the standard output and standard error streams.
Kubernetes also provides cluster-based logging to record container activity into a central logging subsystem. The standard output and standard error output of each container in a Kubernetes cluster can be ingested using an agent like Fluentd running on each node into tools like Elasticsearch and viewed with Kibana. And finally, monitor containers, pods, applications, services, and other components of your cluster.
One can use tools such as Prometheus, Grafana, Jaeger for monitoring, visibility, and tracing the cluster.
References:
https://dzone.com/articles/5-best-security-practices-for-kubernetes-and-oracle-kubernetes-engine
https://kubernetes.io/docs/concepts/cluster-administration/logging/
https://blogs.oracle.com/developers/5-best-practices-for-kubernetes-security
NEW QUESTION 45
What is the minimum amount of storage that a persistent volume claim can obtain InOracle Cloud Infrastructure Container Engine for Kubemetes (OKE)?
- A. 1 GB
- B. 1 TB
- C. 10 GB
- D. 50 GB
Answer: D
Explanation:
Explanation
Provisioning Persistent Volume Claims on the Block Volume Service:
Block volume quota: If you intend to create Kubernetes persistent volumes, sufficient block volume quota must be available in each availability domain to meet the persistent volume claim. Persistent volume claims must request a minimum of 50 gigabytes.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengcreatingpersistentvolumeclaim.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Concepts/contengprerequisites.htm
NEW QUESTION 46
You encounter an unexpected error when invoking the Oracle Function named "myfunction" in application
"myapp". Which can you use to get more information on the error?
- A. DEBOG=1 fn invoke myapp myfunction
- B. fn --debug invoke myapp myfunction
- C. Call Oracle support with your error message
- D. fn --verbose invoke myapp myfunction
Answer: A
Explanation:
Explanation
Troubleshooting Oracle Functions
If you encounter an unexpected error when using an Fn Project CLI command, you can find out more about the problem by starting the command with the string DEBUG=1 and running the command again. For example:
$ DEBUG=1 fn invoke helloworld-app helloworld-func
Note that DEBUG=1 must appear before the command, and that DEBUG must be in upper case.
NEW QUESTION 47
You are building a container image and pushing it to the Oracle Cloud Infrastructure Registry (OCIR). You need to make sure that these get deleted from the repository.
Which action should you take?
- A. Create a group and assign a policy to perform lifecycle operations on images.
- B. Set global policy of image retention to "Retain All Images".
- C. In your compartment, write a policy to limit accessto the specific repository.
- D. Edit the tenancy global retention policy.
Answer: D
Explanation:
Explanation
Deleting an Image
When you no longer need an old image or you simply want to clean up the list of image tags in a repository, you can delete images from Oracle Cloud Infrastructure Registry.
Your permissions control the images in Oracle Cloud Infrastructure Registry that you can delete. You can delete images from repositories you've created, and from repositories that the groups to which you belong have been granted accessby identity policies. If you belong to the Administrators group, you can delete images from any repository in the tenancy.
Note that as well deleting individual images , you can set up image retention policies to delete images automatically based on selection criteria you specify (see Retaining and Deleting Images Using Retention Policies).
Note:
In each region in a tenancy, there's a global image retention policy. The global image retention policy's default selection criteria retain all images so that no images are automaticallydeleted. However, you can change the global image retention policy so that images are deleted if they meet the criteria you specify. A region's global image retention policy applies to all repositories in the region, unless it is explicitly overridden byone or more custom image retention policies.
You can set up custom image retention policies to override the global image retention policy with different criteria for specific repositories in a region. Having created a custom image retention policy, you apply the custom retention policy to a repository by adding the repository to the policy. The global image retention policy no longer applies to repositories that you add to a custom retention policy.
https://docs.cloud.oracle.com/en-us/iaas/Content/Registry/Tasks/registrymanagingimageretention.htm#:~:text=In
NEW QUESTION 48
Which two statements are true for service choreography?
- A. Service choreographer is responsible for invoking other services.
- B. Decision logic in service choreography is distributed.
- C. Service choreography should not useevents for communication.
- D. Services involved in choreography communicate through messages/messaging systems.
- E. Service choreography relies on a central coordinator.
Answer: B,D
Explanation:
Explanation
Service Choreography
Service choreography is a global description of the participating services, which is defined by exchange of messages, rules of interactionand agreements between two or more endpoints. Choreography employs a decentralized approach for service composition. the decision logic is distributed, with no centralized point.
Choreography, in contrast, does not rely on a central coordinator. and all participants in the choreography need to be aware of the business process, operations to execute, messages to exchange, and the timing of message exchanges.
References:
https://stackoverflow.com/questions/4127241/orchestration-vs-choreography/33316988
NEW QUESTION 49
You are developing a serverless applicationwith Oracle Functions. You have created a function in compartment named prod. When you try to invoke your function you get the following error.
Errorinvokingfunction.status:502message:dhcp options ocid1.dhcpoptions.oc1.phx.aaaaaaaac...doesnot existorOracleFunctionsisnotauthorized touseit How can you resolve this error?
- A. Create a policy:
Allow any-user to manage function-family and virtual-network-family in compartment prod - B. Create a policy:
Allow function-family to use virtual-network-family in compartmentprod - C. Create a policy:
Allow service FaaS to use virtual-network-family in compartment prod - D. Deleting the function andredeploying it will fix the problem
Answer: C
Explanation:
Explanation
Troubleshooting Oracle Functions:
There are common issues related to Oracle Functions and how you can address them.
Invoking a function returns a FunctionInvokeSubnetNotAvailable message and a 502 error (dueto a DHCP Options issue) When you invoke a function that you've deployed to Oracle Functions, you might see the following error message:
{"code":"FunctionInvokeSubnetNotAvailable","message":"dhcp options ocid1.dhcpoptions........ does not exist or OracleFunctions is not authorized to use it"} Fn: Error invoking function. status: 502 message: dhcp options ocid1.dhcpoptions........ does not exist or Oracle Functions is not authorized to use it If you see this error:
Double-check that a policy has been created to give Oracle Functions access to network resources.
Create Policies to Control Access to Network and Function-Related Resources:
Service Access to Network Resources
When Oracle Functions users create a function or application, they have to specify a VCN and a subnet in which to create them. To enable the Oracle Functions service to create the function or application in the specified VCN and subnet, you must create an identity policy to grant the Oracle Functions service access to the compartment to which the network resources belong.
To create a policy to give the Oracle Functions service access to network resources:
Log in to the Console as a tenancy administrator.
Create a new policy in the root compartment:
Open the navigation menu. Under Governanceand Administration, go to Identity and click Policies.
Follow the instructions in To create a policy, and give the policy a name (for example, functions-service-network-access).
Specify a policy statement to give the Oracle Functions service access to the network resources in the compartment:
Allow service FaaS to use virtual-network-family in compartment <compartment-name> For example:
Allow service FaaS to use virtual-network-family in compartment acme-network Click Create.
Double-check that the set of DHCP Options in the VCN specified for the application still exists.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Tasks/functionstroubleshooting.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Tasks/functionscreatingpolicies.htm
NEW QUESTION 50
What is one of the differences between a microservice and a serverless function?
- A. Microservices always use a data storeand serverless functions never use a data store.
- B. Microservices are used for long running operations and serverless functions for short running operations.
- C. Microservices are stateless and serverless functions are stateful.
- D. Microservices are triggered by events and serverless functions are not.
Answer: B
Explanation:
Explanation
microservice is larger and can do more than a function. A function is a relatively small bit of code that performs only one action in response to an event.
Many microservices can run on several servers, and different instances of a specific microservice can run on several servers.
In many cases, microservices can be decomposed into a number of smaller stateless functions. The difference between microservices and functions is not simply the size. Functions are stateless, and they require no knowledge about or configuration of the underlying server-hence, the term serverless.
Microservices are best suited for long-running, complex applications that have significant resource and management requirements. You can migrate an existing monolithic application to microservices, which makes it easier to modularly develop features for the application and deploy it in the cloud. Microservices are also a good choice for building e-commerce sites, as they can retain information throughout a transaction and meet the needs of a 24/7 customer base.
On the other hand, serverless functions only execute when needed. Once the execution is over, the computing instance that runs the code decommissions itself. Serverless aligns with applications that are event driven, especially when the events are sporadic and the event processingis not resource-intensive. Serverless is a good choice when developers need to deploy fast and there are minimal application scaling concerns. For example, a good use of serverless computing is a scheduled task that needs to perform some data aggregation and will execute for just a few seconds.
References:
https://www.cloudflare.com/learning/serverless/glossary/serverless-microservice/
https://developer.oracle.com/java/fn-project-introduction.html
https://searchapparchitecture.techtarget.com/answer/When-should-I-choose-between-serverless-and-microservice
NEW QUESTION 51
......
1Z0-1084-21 Exam Questions Get Updated [2022] with Correct Answers: https://exam-labs.itpassleader.com/Oracle/1Z0-1084-21-dumps-pass-exam.html