Which two use Oracle dynamic routing gateway (DRG) for connectivity? (Choose two.)
Correct Answer: A,B
Explanation References: https://docs.cloud.oracle.com/en-us/iaas/Content/Network/Concepts/fastconnectoverview.htm You use a DRG when connecting your existing on-premises network to your virtual cloud network (VCN) with one (or both) of these: IPSec VPN Oracle Cloud Infrastructure FastConnect You also use a DRG when peering a VCN with a VCN in a different region: Remote VCN Peering (Across Regions)
1Z0-1072-20 Exam Question 17
As a solution architect, you are showcasing the Oracle Cloud Infrastructure (OCI) Object Storage feature about Object Versioning to a customer. Which statement is true in regards to OCI Object Storage Versioning?
You have created a new compartment called Production to host some production apps. You have also created users in your tenancy and added them to a Group called "production group". Your users are still unable to access the Production compartment. How can you resolve this situation?
Correct Answer: D
Explanation When creating a compartment, you must provide a name for it (maximum 100 characters, including letters, numbers, periods, hyphens, and underscores) that is unique within its parent compartment. You must also provide a description, which is a non-unique, changeable description for the compartment, from 1 through 400 characters. After creating a compartment, you need to write at least one policy for it, otherwise no one can access it (except administrators or users who have permissions set at the tenancy level). When creating a compartment inside another compartment, the compartment inherits access permissions from compartments higher up its hierarchy. When you create an access policy, you need to specify which compartment to attach it to. This controls who can later modify or delete the policy. Depending on how you've designed your compartment hierarchy, you might attach it to the tenancy, a parent, or to the specific compartment itself.
1Z0-1072-20 Exam Question 19
You are designing a two-tier web application in Oracle Cloud Infrastructure (OCI). Your clients want to access the web servers from anywhere, but want to prevent access to the database servers from the Internet. Which is the recommended way to design the network architecture?
Correct Answer: C
When you create a subnet, by default it's considered public, which means instances in that subnet are allowed to have public IP addresses. Whoever launches the instance chooses whether it will have a public IP address. You can override that behavior when creating the subnet and request that it be private, which means instances launched in the subnet are prohibited from having public IP addresses. Network administrators can therefore ensure that instances in the subnet have no internet access, even if the VCN has a working internet gateway, and security rules and firewall rules allow the traffic. There are two optional gateways (virtual routers) that you can add to your VCN depending on the type of internet access you need: Internet gateway: For resources with public IP addresses that need to be reached from the internet (example: a web server) or need to initiate connections to the internet. NAT gateway: For resources without public IP addresses that need to initiate connections to the internet (example: for software updates) but need to be protected from inbound connections from the internet. Just having an internet gateway alone does not expose the instances in the VCN's subnets directly to the internet. The following requirements must also be met: The internet gateway must be enabled (by default, the internet gateway is enabled upon creation). The subnet must be public. The subnet must have a route rule that directs traffic to the internet gateway. The subnet must have security list rules that allow the traffic (and each instance's firewall must allow the traffic). The instance must have a public IP address.
1Z0-1072-20 Exam Question 20
You are designing a networking infrastructure in multiple Oracle Cloud Infrastructure regions and require connectivity between workloads in each region. You have created a dynamic routing gateway (DRG) and a remote peering connection. However, your workloads are unable to communicate with each other. What are two reasons for this? (Choose two.)
