Browsed by
Tag: 1z0-1084-21 pdf dumps

Latest 1z0-1084-21 Exam 1z0-1084-21 Dumps 100% Free Download

Latest 1z0-1084-21 Exam 1z0-1084-21 Dumps 100% Free Download

Tens of thousands of competitors, pages of hard questions and unsatisfied exam preparation situations… Do not worried about all those annoying things! We, help you with your Oracle Cloud Infrastructure (OCI) 1z0-1084-21 Oracle Cloud Infrastructure Developer 2021 Associate exam. We will assist you clear the 1z0-1084-21 exam with Oracle Cloud Infrastructure (OCI) latest 1z0-1084-21 dumps. We 1z0-1084-21 vce are the most comprehensive ones.

Visit our site to get more 1z0-1084-21 Q and As: (72 QAs Dumps)
Question 1:

Which one of the statements describes a service aggregator pattern?

A. It is implemented in each service separately and uses a streaming service

B. It involves implementing a separate service that makes multiple calls to other backend services

C. It uses a queue on both sides of the service communication

D. It involves sending events through a message broker

Correct Answer: B

this pattern isolates an operation that makes calls to multiple back-end microservices, centralizing its logic into a specialized microservice.

Question 2:

You have been asked to create a stateful application deployed in Oracle Cloud Infrastructure (OCI)

Container Engine for Kubernetes (OKE) that requires all of your worker nodes to mount and write data to

persistent volumes.

Which two OCI storage services should you use?

A. Use OCI File Services as persistent volume.

B. Use GlusterFS as persistent volume.

C. Use OCI Block Volume backed persistent volume.

D. Use open source storage solutions on top of OCI.

E. Use OCI Object Storage as persistent volume.

Correct Answer: AC

A PersistentVolume (PV) is a piece of storage in the cluster that has been provisioned by an administrator. PVs are volume plugins like Volumes, but have a lifecycle independent of any individual Pod that uses the PV. A PersistentVolumeClaim (PVC) is a request for storage by a user. It is similar to a Pod. Pods consume node resources and PVCs consume PV resources. If you intend to create Kubernetes persistent volumes, sufficient block volume quota must be available in each availability domain to meet the persistent volume claim. Persistent volume claims must request a minimum of 50 gigabytes You can define and apply a persistent volume claim to your cluster, which in turn creates a persistent volume that\’s bound to the claim. A claim is a block storage volume in the underlying IaaS provider that\’s durable and offers persistent storage, enabling your data to remain intact, regardless of whether the containers that the storage is connected to are terminated. With Oracle Cloud Infrastructure as the underlying IaaS provider, you can provision persistent volume claims by attaching volumes from the Block Storage service.

Question 3:

Which two handle Oracle Functions authentication automatically?

A. Oracle Cloud Infrastructure SDK


C. Oracle Cloud Infrastructure CLl

D. Signed HTTP Request

E. Fn Project CLI

Correct Answer: CE

Fn Project CLI you can create an Fn Project CLI Context to Connect to Oracle Cloud Infrastructure and specify — provider oracle This option enables Oracle Functions to perform authentication and authorization using Oracle Cloud Infrastructure request signing, private keys, user groups, and policies that grant permissions to those user groups.

Question 4:

You are building a cloud native, serverless travel application with multiple Oracle Functions in Java, Python and Node.js. You need to build and deploy these functions to a single applications named travel-app. Which command will help you complete this task successfully?

A. oci fn function deploy –ap travel-ap –all

B. fn deploy –ap travel-ap — all

C. oci fn application –application-name-ap deploy –all

D. fn function deploy –all –application-name travel-ap

Correct Answer: B

check the steps for Creating, Deploying, and Invoking a Helloworld Function en-us/iaas/Content/Functions/Tasks/functionscreatingfirst.htm in step 7 that will deploy the funcation 7Enter the following single Fn Project command to build the function and its dependencies as a Docker image called helloworld-func, push the image to the specified Docker registry, and deploy the function to Oracle Functions in the helloworld-app: $ fn -v deploy –app helloworld-app The -v option simply shows more detail about what Fn Project commands are doing (see Using the Fn Project CLI with Oracle Functions).

Question 5:

A pod security policy (PSP) is implemented in your Oracle Cloud Infrastructure Container Engine for Kubernetes cluster Which rule can you use to prevent a container from running as root using PSP?

A. NoPrivilege

B. RunOnlyAsUser

C. MustRunAsNonRoot

D. forbiddenRoot

Correct Answer: C

# Require the container to run without root privileges.

rule: \’MustRunAsNonRoot\’


Question 6:

You are working on a serverless DevSecOps application using Oracle Functions. You have deployed a Python function that uses the Oracle Cloud Infrastructure (OCI) Python SDK to stop any OC1 Compute instance that does not comply with your corporate security standards There are 3 non compliant OCI Compute instances. However, when you invoke this function none of the instances were stopped. How should you troubleshoot this?

A. There is no way to troubleshoot a function running on Oracle Functions.

B. Enable function logging in the OCI console, include some print statements in your function code and use logs to troubleshoot this.

C. Enable function remote debugging in the OCI console, and use your favorite IDE to inspect the function running on Oracle Functions.

D. Enable function tracing in the OCI console, and go to OCI Monitoring console to see the function stack trace.

Correct Answer: B

Storing and Viewing Function Logs When a function you\’ve deployed to Oracle Functions is invoked, you\’ll typically want to store the function\’s logs so that you can review them later. You specify where Oracle Functions stores a function\’s logs by setting a logging policy for the application containing the function. You set application logging policies in the Console. Whenever a function is invoked in this application, its logs are stored according to the logging policy that you specified. you can view the logs for a function that have been stored in a storage bucket in Oracle Cloud Infrastructure Object Storage

Question 7:

Which statement accurately describes Oracle Cloud Infrastructure (OCI) Load Balancer integration with OCI Container Engine for Kubernetes (OKE)?

A. OKE service provisions an OCI Load Balancer instance for each Kubernetes service with LoadBalancer type in the YAML configuration.

B. OCI Load Balancer instance provisioning is triggered by OCI Events service for each Kubernetes service with LoadBalancer type in the YAML configuration.

C. OCI Load Balancer instance must be manually provisioned for each Kubernetes service that requires traffic balancing.

D. OKE service provisions a single OCI Load Balancer instance shared with all the Kubernetes services with LoadBalancer type in the YAML configuration.

Correct Answer: D

If you are running your Kubernetes cluster on Oracle Container Engine for Kubernetes (commonly known as OKE), you can have OCI automatically provision load balancers for you by creating a Service of type LoadBalancer instead of (or in addition to) installing an ingress controller like Traefik or Voyage YAML file

When you apply this YAML file to your cluster, you will see the new service is created. After a short time (typically less than a minute) the OCI Load Balancer will be provisioned.

Question 8:

Which Oracle Cloud Infrastructure (OCI) load balancer shape is used by default in OCI container Engineer for Kubernetes?

A. 400 Mbps

B. 8000 Mbps

C. There is no default. The shape has to be specified.

D. 100 Mbps

Correct Answer: D

Specifying Alternative Load Balancer Shapes The shape of an Oracle Cloud Infrastructure load balancer specifies its maximum total bandwidth (that is, ingress plus egress). By default, load balancers are created with a shape of 100Mbps. Other shapes are available, including 400Mbps and 8000Mbps.

Question 9:

You have written a Node.js function and deployed it to Oracle Functions. Next, you need to call this

function from a microservice written in Java deployed on Oracle Cloud Infrastructure (OCI) Container

Engine for Kubernetes (OKE).

Which can help you to achieve this?

A. Use the OCI CLI with kubect1 to invoke the function from the microservice.

B. Oracle Functions does not allow a microservice deployed on OKE to invoke a function.

C. OKE does not allow a microservice to invoke a function from Oracle Functions.

D. Use the OCI Java SDK to invoke the function from the microservice.

Correct Answer: D

You can invoke a function that you\’ve deployed to Oracle Functions in different ways:

Using the Fn Project CLI.

Using the Oracle Cloud Infrastructure CLI.

Using the Oracle Cloud Infrastructure SDKs.

Making a signed HTTP request to the function\’s invoke endpoint. Every function has an invoke endpoint.

Question 10:

A developer using Oracle Cloud Infrastructure (OCI) API Gateway must authenticate the API requests to their web application. The authentication process must be implemented using a custom scheme which accepts string parameters from the API caller. Which method can the developer use In this scenario?

A. Create an authorizer function using request header authorization.

B. Create an authorizer function using token-based authorization.

C. Create a cross account functions authorizer.

D. Create an authorizer function using OCI Identity and Access Management based authentication

Correct Answer: B

Having deployed the authorizer function, you enable authentication and authorization for an API deployment by including two different kinds of request policy in the API deployment specification: An authentication request policy for the entire API deployment that specifies:The OCID of the authorizer function that you deployed to Oracle Functions that will perform authentication and authorization.The request attributes to pass to the authorizer function.Whether unauthenticated callers can access routes in the API deployment. An authorization request policy for each route that specifies the operations a caller is allowed to perform, based on the caller\’s access scopes as returned by the authorizer function. Using the Console to Add Authentication and Authorization Request Policies To add authentication and authorization request policies to an API deployment specification using the Console: Create or update an API deployment using the Console, select the From Scratch option, and enter details on the Basic Information page. For more information, see Deploying an API on an API Gateway by Creating an API Deployment and Updating API Gateways and API Deployments. In the API Request Policies section of the Basic Information page, click the Add button beside Authentication and specify: Application in : The name of the application in Oracle Functions that contains the authorizer function. You can select an application from a different compartment. Function Name: The name of the authorizer function in Oracle Functions. Authentication Token: Whether the access token is contained in a request header or a query parameter. Authentication Token Value: Depending on whether the access token is contained in a request header or a query parameter, specify:

Header Name: If the access token is contained in a request header, enter the name of the header. Parameter Name: If the access token is contained in a query parameter, enter the name of the query parameter.

Question 11:

Which is NOT a valid option to execute a function deployed on Oracle Functions?

A. Send a signed HTTP requests to the function\’s invoke endpoint

B. Invoke from Oracle Cloud Infrastructure CLI

C. Invoke from Docker CLI

D. Trigger by an event in Oracle Cloud Infrastructure Events service

E. Invoke from Fn Project CLI

Correct Answer: C

You can invoke a function that you\’ve deployed to Oracle Functions in different ways:

Using the Fn Project CLI.

Using the Oracle Cloud Infrastructure CLI.

Using the Oracle Cloud Infrastructure SDKs.

Making a signed HTTP request to the function\’s invoke endpoint. Every function has an invoke endpoint.

Each of the above invokes the function via requests to the API. Any request to the API must be

authenticated by including a signature and the OCID of the compartment to which the function belongs in

the request header. Such a request is referred to as a \’signed\’ request. The signature includes Oracle

Cloud Infrastructure credentials in an encrypted form.

Question 12:

How do you perform a rolling update in Kubernetes?

A. kubect1 rolling-update

B. kubect1 upgrade –image=*image:v2

C. kubect1 update -c

D. kubect1 rolling-update –image=image

Correct Answer: A

Question 13:

Your Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) administrator has created an

OKE cluster with one node pool in a public subnet. You have been asked to provide a log file from one of

the nodes for troubleshooting purpose.

Which step should you take to obtain the log file?

A. ssh into the node using public key.

B. ssh into the nodes using private key.

C. It is impossible since OKE is a managed Kubernetes service.

D. Use the username open and password to login.

Correct Answer: B

Kubernetes cluster is a group of nodes. The nodes are the machines running applications. Each node can be a physical machine or a virtual machine. The node\’s capacity (its number of CPUs and amount of memory) is defined when the node is created. A cluster comprises: – one or more master nodes (for high availability, typically there will be a number of master nodes) – one or more worker nodes (sometimes known as minions) Connecting to Worker Nodes Using SSH If you provided a public SSH key when creating the node pool in a cluster, the public key is installed on all worker nodes in the cluster. On UNIX and UNIX-like platforms (including Solaris and Linux), you can then connect through SSH to the worker nodes using the ssh utility (an SSH client) to perform administrative tasks. Note the following instructions assume the UNIX machine you use to connect to the worker node: Has the ssh utility installed. Has access to the SSH private key file paired with the SSH public key that was specified when the cluster was created. How to connect to worker nodes using SSH depends on whether you specified public or private subnets for the worker nodes when defining the node pools in the cluster. Connecting to Worker Nodes in Public Subnets Using SSH Before you can connect to a worker node in a public subnet using SSH, you must define an ingress rule in the subnet\’s security list to allow SSH access. The ingress rule must allow access to port 22 on worker nodes from source and any source port To connect to a worker node in a public subnet through SSH from a UNIX machine using the ssh utility: 1- Find out the IP address of the worker node to which you want to connect. You can do this in a number of ways: Using kubectl. If you haven\’t already done so, follow the steps to set up the cluster\’s kubeconfig configuration file and (if necessary) set the KUBECONFIG environment variable to point to the file. Note that you must set up your own kubeconfig file. You cannot access a cluster using a kubeconfig file that a different user set up. See Setting Up Cluster Access. Then in a terminal window, enter kubectl get nodes to see the public IP addresses of worker nodes in node pools in the cluster. Using the Console. In the Console, display the Cluster List page and then select the cluster to which the worker node belongs. On the Node Pools tab, click the name of the node pool to which the worker node belongs. On the Nodes tab, you see the public IP address of every worker node in the node pool. Using the REST API. Use the ListNodePools operation to see the public IP addresses of worker nodes in a node pool. 2- In the terminal window, enter ssh [email protected] to connect to the worker node, where is the IP address of the worker node that you made a note of earlier. For example, you might enter ssh [email protected] Note that if the SSH private key is not stored in the file or in the path that the ssh utility expects (for example, the ssh utility might expect the private key to be stored in ~/.ssh/id_rsa), you must explicitly specify the private key filename and location in one of two ways: Use the -i option to specify the filename and location of the private key. For example, ssh -i ~/.ssh/ my_keys/my_host_key_filename [email protected] Add the private key filename and location to an SSH

configuration file, either the client configuration file (~/.ssh/config) if it exists, or the system-wide client

configuration file (/etc/ssh/ssh_config). For example, you might add the following:

Host IdentityFile ~/.ssh/my_keys/my_host_key_filename

For more about the ssh utility\’s configuration file, enter man ssh_config Note also that permissions on the

private key file must allow you read/write/execute access, but prevent other users from accessing the file.

For example, to set appropriate permissions, you might enter chmod 600 ~/.ssh/my_keys/

my_host_key_filename. If permissions are not set correctly and the private key file is accessible to other

users, the ssh utility will simply ignore the private key file.

Question 14:

Which two “Action Type” options are NOT available in an Oracle Cloud Infrastructure (OCI) Events rule definition?

A. Notifications

B. Functions

C. Streaming

D. Email

E. Slack

Correct Answer: DE ACTIONS Event Rules must also specify an action to trigger when the filter finds a matching event. Actions are responses you define for event matches. You set up select Oracle Cloud Infrastructure services that the Events service has established as actions. The resources for these services act as destinations for matching events. When the filter in the rule finds a match, the Events service delivers the matching event to one or more of the destinations you identified in the rule. The destination service that receives the event then processes the event in whatever manner you defined. This delivery provides the automation in your environment. You can only deliver events to certain Oracle Cloud Infrastructure services with a rule. Use the following services to create actions: Notifications Streaming Functions

Question 15:

You are developing a polyglot serverless application using Oracle Functions. Which language cannot be used to write your function code?


B. Python

C. Node.js

D. Java

Correct Answer: A

The serverless and elastic architecture of Oracle Functions means there\’s no infrastructure administration or software administration for you to perform. You don\’t provision or maintain compute instances, and operating system software patches and upgrades are applied automatically. Oracle Functions simply ensures your app is highly-available, scalable, secure, and monitored. With Oracle Functions, you can write code in Java, Python, Node, Go, and Ruby (and for advanced use cases, bring your own Dockerfile, and Graal VM). You can then deploy your code, call it directly or trigger it in response to events, and get billed only for the resources consumed during the execution.

Visit our site to get more 1z0-1084-21 Q and As: (72 QAs Dumps)