[2023年04月]更新の1z0-1084-22認定実際の問題を提供します
更新されたのは1z0-1084-22問題集PDFで1z0-1084-22リアル有効なブレーン問題集には75問があります!
Oracle 1z0-1084-22 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
質問 19
Which is NOT a supported SDK on Oracle Cloud Infrastructure (OCI)?
- A. Go SDK
- B. Python SDK
- C. Ruby SDK
- D. Java SDK
- E. .NET SDK
正解: E
解説:
https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/sdks.htm
質問 20
Your Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) administrator has created an OKE cluster with one node pool in a public subnet. You have been asked to provide a log file from one of the nodes for troubleshooting purpose.
Which step should you take to obtain the log file?
- A. It is impossible since OKE is a managed Kubernetes service.
- B. ssh into the nodes using private key.
- C. ssh into the node using public key.
- D. Use the username open and password to login.
正解: B
解説:
Kubernetes cluster is a group of nodes. The nodes are the machines running applications. Each node can be a physical machine or a virtual machine. The node's capacity (its number of CPUs and amount of memory) is defined when the node is created. A cluster comprises:
- one or more master nodes (for high availability, typically there will be a number of master nodes)
- one or more worker nodes (sometimes known as minions)
Connecting to Worker Nodes Using SSH
If you provided a public SSH key when creating the node pool in a cluster, the public key is installed on all worker nodes in the cluster. On UNIX and UNIX-like platforms (including Solaris and Linux), you can then connect through SSH to the worker nodes using the ssh utility (an SSH client) to perform administrative tasks.
Note the following instructions assume the UNIX machine you use to connect to the worker node:
Has the ssh utility installed.
Has access to the SSH private key file paired with the SSH public key that was specified when the cluster was created.
How to connect to worker nodes using SSH depends on whether you specified public or private subnets for the worker nodes when defining the node pools in the cluster.
Connecting to Worker Nodes in Public Subnets Using SSH
Before you can connect to a worker node in a public subnet using SSH, you must define an ingress rule in the subnet's security list to allow SSH access. The ingress rule must allow access to port 22 on worker nodes from source 0.0.0.0/0 and any source port To connect to a worker node in a public subnet through SSH from a UNIX machine using the ssh utility:
1- Find out the IP address of the worker node to which you want to connect. You can do this in a number of ways:
Using kubectl. If you haven't already done so, follow the steps to set up the cluster's kubeconfig configuration file and (if necessary) set the KUBECONFIG environment variable to point to the file. Note that you must set up your own kubeconfig file. You cannot access a cluster using a kubeconfig file that a different user set up. See Setting Up Cluster Access. Then in a terminal window, enter kubectl get nodes to see the public IP addresses of worker nodes in node pools in the cluster.
Using the Console. In the Console, display the Cluster List page and then select the cluster to which the worker node belongs. On the Node Pools tab, click the name of the node pool to which the worker node belongs. On the Nodes tab, you see the public IP address of every worker node in the node pool.
Using the REST API. Use the ListNodePools operation to see the public IP addresses of worker nodes in a node pool.
2- In the terminal window, enter ssh opc@<node_ip_address> to connect to the worker node, where <node_ip_address> is the IP address of the worker node that you made a note of earlier. For example, you might enter ssh [email protected].
Note that if the SSH private key is not stored in the file or in the path that the ssh utility expects (for example, the ssh utility might expect the private key to be stored in ~/.ssh/id_rsa), you must explicitly specify the private key filename and location in one of two ways:
Use the -i option to specify the filename and location of the private key. For example, ssh -i ~/.ssh/my_keys/my_host_key_filename [email protected] Add the private key filename and location to an SSH configuration file, either the client configuration file (~/.ssh/config) if it exists, or the system-wide client configuration file (/etc/ssh/ssh_config). For example, you might add the following:
Host 192.0.2.254 IdentityFile ~/.ssh/my_keys/my_host_key_filename
For more about the ssh utility's configuration file, enter man ssh_config Note also that permissions on the private key file must allow you read/write/execute access, but prevent other users from accessing the file. For example, to set appropriate permissions, you might enter chmod 600 ~/.ssh/my_keys/my_host_key_filename. If permissions are not set correctly and the private key file is accessible to other users, the ssh utility will simply ignore the private key file.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengconnectingworkernodesusingssh.htm
質問 21
You have created a repository in Oracle Cloud Infrastructure Registry in the us-ashburn-1 (iad) region in your tenancy with a namespace called "heyci.
Which three are valid tags for an image named "myapp"?
- A. us-ashburn-l.ocir.io/heyoci/myproject/myapp:0.0.2-beta
- B. us-ashburn-l.ocirJo/heyoci/myapp:0.0.2-beta
- C. iad.ocir.io/heyoci/myapp:latest
- D. iad.ocir.io/myproject/heyoci/myapprlatest
- E. us-ashburn-l.ocir.io/myproject/heyoci/myapp:latest
- F. iad.ocir.io/heyoci/myproject/myapp:0.0.1
- G. iad.ocir.io/heyoci/myapp:0.0.2-beta
正解: C,F,G
解説:
Give a tag to the image that you're going to push to Oracle Cloud Infrastructure Registry by entering:
docker tag <image-identifier> <target-tag>
where:
<image-identifier> uniquely identifies the image, either using the image's id (for example, 8e0506e14874), or the image's name and tag separated by a colon (for example, acme-web-app:latest).
<target-tag> is in the format <region-key>.ocir.io/<tenancy-namespace>/<repo-name>/<image-name>:<tag> where:
<region-key> is the key for the Oracle Cloud Infrastructure Registry region you're using. For example, iad. See Availability by Region.
ocir.io is the Oracle Cloud Infrastructure Registry name.
<tenancy-namespace> is the auto-generated Object Storage namespace string of the tenancy that owns the repository to which you want to push the image (as shown on the Tenancy Information page). For example, the namespace of the acme-dev tenancy might be ansh81vru1zp. Note that for some older tenancies, the namespace string might be the same as the tenancy name in all lower-case letters (for example, acme-dev). Note also that your user must have access to the tenancy.
<repo-name> (if specified) is the name of a repository to which you want to push the image (for example, project01). Note that specifying a repository is optional (see About Repositories).
<image-name> is the name you want to give the image in Oracle Cloud Infrastructure Registry (for example, acme-web-app).
<tag> is an image tag you want to give the image in Oracle Cloud Infrastructure Registry (for example, version2.0.test).
For example, for convenience you might want to group together multiple versions of the acme-web-app image in the acme-dev tenancy in the Ashburn region into a repository called project01. You do this by including the name of the repository in the image name when you push the image, in the format <region-key>.ocir.io/<tenancy-namespace>/<repo-name>/<image-name>:<tag>. For example, iad.ocir.io/ansh81vru1zp/project01/acme-web-app:4.6.3. Subsequently, when you use the docker push command, the presence of the repository in the image's name ensures the image is pushed to the intended repository.
If you push an image and include the name of a repository that doesn't already exist, a new private repository is created automatically. For example, if you enter a command like docker push iad.ocir.io/ansh81vru1zp/project02/acme-web-app:7.5.2 and the project02 repository doesn't exist, a private repository called project02 is created automatically.
If you push an image and don't include a repository name, the image's name is used as the name of the repository. For example, if you enter a command like docker push iad.ocir.io/ansh81vru1zp/acme-web-app:7.5.2 that doesn't contain a repository name, the image's name (acme-web-app) is used as the name of a private repository.
https://docs.cloud.oracle.com/en-us/iaas/Content/Registry/Concepts/registrywhatisarepository.htm
質問 22
You have two microservices, A and B running in production. Service A relies on APIs from service B.
You want to test changes to service A without deploying all of its dependencies, which includes service B.
Which approach should you take to test service A?
- A. There is no need to explicitly test APIs.
- B. Test against production APIs.
- C. Test using API mocks.
- D. Test the APIs in private environments.
正解: C
解説:
Best Practices: API Mocking:
This is where mocking comes in: instead of developing code with actual external dependencies in place, a mock of those dependencies is created and used instead. Depending on your development needs this mock is made "intelligent" enough to allow you to make the calls you need and get similar results back as you would from the actual component, thus enabling development to move forward without being hindered by eventual unavailability of external systems you depend on The most common term for creating simulated components is mocking, but others are also used, and partly apply to different things; stubbing, simulation, and virtualization. The basic concept is the same - instead of using an actual software component (an API in our case) - a "replacement" version of that API is created and used instead. It behaves as the original API, but lacks many of the functional and non-functional characteristics of the original component. Which term is applicable depends on the degree to which the mock-up corresponds to the actual API:
Stubbing: mostly a placeholder without real functionality
Mocking: basic functionality required for a specific testing or development purpose Simulation: complete functionality for testing or development purposes Virtualization: imulation that is deployed into an operational, manageable and controllable environment
References:
https://docs.oracle.com/en/solutions/build-governance-app-oracle-paas/test-custom-apis.html
https://www.soapui.org/learn/mocking/what-is-api-mocking/
質問 23
Which pattern can help you minimize the probability of cascading failures in your system during partial loss of connectivity or a complete service failure?
- A. Retry pattern
- B. Anti-corruption layer pattern
- C. Circuit breaker pattern
- D. Compensating transaction pattern
正解: C
解説:
A cascading failure is a failure that grows over time as a result of positive feedback. It can occur when a portion of an overall system fails, increasing the probability that other portions of the system fail.
the circuit breaker pattern prevents the service from performing an operation that is likely to fail. For example, a client service can use a circuit breaker to prevent further remote calls over the network when a downstream service is not functioning properly. This can also prevent the network from becoming congested by a sudden spike in failed retries by one service to another, and it can also prevent cascading failures. Self-healing circuit breakers check the downstream service at regular intervals and reset the circuit breaker when the downstream service starts functioning properly.
https://blogs.oracle.com/developers/getting-started-with-microservices-part-three
質問 24
Which two "Action Type" options are NOT available in an Oracle Cloud Infrastructure (OCI) Events rule definition?
- A. Functions
- B. Email
- C. Slack
- D. Notifications
- E. Streaming
正解: B,C
解説:
Overview of Events
Oracle Cloud Infrastructure Events enables you to create automation based on the state changes of resources throughout your tenancy. Use Events to allow your development teams to automatically respond when a resource changes its state.
Event Rules must also specify an action to trigger when the filter finds a matching event. Actions are responses you define for event matches. You set up select Oracle Cloud Infrastructure services that the Events service has established as actions. The resources for these services act as destinations for matching events. When the filter in the rule finds a match, the Events service delivers the matching event to one or more of the destinations you identified in the rule. The destination service that receives the event then processes the event in whatever manner you defined. This delivery provides the automation in your environment.
You can only deliver events to certain Oracle Cloud Infrastructure services with a rule. Use the following services to create actions:
Notifications
Streaming
Functions
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/Events/Concepts/eventsoverview.htm
質問 25
You are developing a serverless application with Oracle Functions and Oracle Cloud Infrastructure Object Storage- Your function needs to read a JSON file object from an Object Storage bucket named "input-bucket" in compartment "qa-compartment". Your corporate security standards mandate the use of Resource Principals for this use case.
Which two statements are needed to implement this use case?
- A. Set up a policy with the following statement to grant read access to the bucket:
allow dynamic-group read-file-dg to read objects in compartment qa-compartment where target .bucket .name=' input-bucket * - B. Set up a policy to grant your user account read access to the bucket:
allow user XYZ to read objects in compartment qa-compartment where target .bucket, name-'input-bucket' - C. No policies are needed. By default, every function has read access to Object Storage buckets in the tenancy
- D. Set up the following dynamic group for your function's OCID: Name: read-file-dg Rule: resource . id = ' ocid1. f nf unc. ocl -phx. aaaaaaaakeaobctakezj z5i4uj j 7g25q7sx5mvr55pms6f 4da !
- E. Set up a policy to grant all functions read access to the bucket:
allow all functions in compartment qa-compartment to read objects in target.bucket.name='input-bucket'
正解: A,D
解説:
When a function you've deployed to Oracle Functions is running, it can access other Oracle Cloud Infrastructure resources. For example:
- You might want a function to get a list of VCNs from the Networking service.
- You might want a function to read data from an Object Storage bucket, perform some operation on the data, and then write the modified data back to the Object Storage bucket.
To enable a function to access another Oracle Cloud Infrastructure resource, you have to include the function in a dynamic group, and then create a policy to grant the dynamic group access to that resource.
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Tasks/functionsaccessingociresources.htm
質問 26
You are developing a polyglot serverless application using Oracle Functions. Which language cannot be used to write your function code?
- A. PL/SQL
- B. Python
- C. Java
- D. Node.js
正解: A
解説:
Overview of Functions:
The serverless and elastic architecture of Oracle Functions means there's no infrastructure administration or software administration for you to perform. You don't provision or maintain compute instances, and operating system software patches and upgrades are applied automatically. Oracle Functions simply ensures your app is highly-available, scalable, secure, and monitored. With Oracle Functions, you can write code in Java, Python, Node, Go, and Ruby (and for advanced use cases, bring your own Dockerfile, and Graal VM). You can then deploy your code, call it directly or trigger it in response to events, and get billed only for the resources consumed during the execution.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Concepts/functionsoverview.htm
質問 27
Which two statements accurately describe Oracle SQL Developer Web on Oracle Cloud Infrastructure (OCI) Autonomous Database?
- A. It is available for databases with both dedicated and shared Exadata infrastructure.
- B. It provides a development environment and a data modeler interface for OCI Autonomous Databases.
- C. It is available for databases with dedicated Exadata infrastructure only.
- D. It must be enabled via OCI Identity and Access Management policy to get access to the Autonomous Databases instances.
- E. After provisioning into an OCI compute Instance, it can automatically connect to the OCI Autonomous Databases instances.
正解: B,C
解説:
Oracle SQL Developer Web
Oracle SQL Developer Web in Autonomous Data Warehouse provides a development environment and a data modeler interface for Autonomous Databases. SQL Developer Web is available for databases with both dedicated Exadata infrastructure and shared Exadata infrastructure.
https://docs.cloud.oracle.com/en-us/iaas/Content/Database/Tasks/adbtools.htm
質問 28
You are developing a serverless application with Oracle Functions. You have created a function in compartment named prod. When you try to invoke your function you get the following error.
Error invoking function. status: 502 message: dhcp options ocid1.dhcpoptions.oc1.phx.aaaaaaaac... does not exist or Oracle Functions is not authorized to use it How can you resolve this error?
- A. Create a policy:
Allow service FaaS to use virtual-network-family in compartment prod - B. Deleting the function and redeploying it will fix the problem
- C. Create a policy:
Allow any-user to manage function-family and virtual-network-family in compartment prod - D. Create a policy:
Allow function-family to use virtual-network-family in compartment prod
正解: A
解説:
Troubleshooting Oracle Functions:
There are common issues related to Oracle Functions and how you can address them.
Invoking a function returns a FunctionInvokeSubnetNotAvailable message and a 502 error (due to a DHCP Options issue) When you invoke a function that you've deployed to Oracle Functions, you might see the following error message:
{"code":"FunctionInvokeSubnetNotAvailable","message":"dhcp options ocid1.dhcpoptions........ does not exist or Oracle Functions is not authorized to use it"} Fn: Error invoking function. status: 502 message: dhcp options ocid1.dhcpoptions........ does not exist or Oracle Functions is not authorized to use it If you see this error:
Double-check that a policy has been created to give Oracle Functions access to network resources.
Create Policies to Control Access to Network and Function-Related Resources:
Service Access to Network Resources
When Oracle Functions users create a function or application, they have to specify a VCN and a subnet in which to create them. To enable the Oracle Functions service to create the function or application in the specified VCN and subnet, you must create an identity policy to grant the Oracle Functions service access to the compartment to which the network resources belong.
To create a policy to give the Oracle Functions service access to network resources:
Log in to the Console as a tenancy administrator.
Create a new policy in the root compartment:
Open the navigation menu. Under Governance and Administration, go to Identity and click Policies.
Follow the instructions in To create a policy, and give the policy a name (for example, functions-service-network-access).
Specify a policy statement to give the Oracle Functions service access to the network resources in the compartment:
Allow service FaaS to use virtual-network-family in compartment <compartment-name> For example:
Allow service FaaS to use virtual-network-family in compartment acme-network Click Create.
Double-check that the set of DHCP Options in the VCN specified for the application still exists.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Tasks/functionstroubleshooting.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Tasks/functionscreatingpolicies.htm
質問 29
Per CAP theorem, in which scenario do you NOT need to make any trade-off between the guarantees?
- A. when the system is running on-premise
- B. when there are no network partitions
- C. when you are using load balancers
- D. when the system is running in the cloud
正解: B
解説:
(1) CAP THEOREM
"CONSISTENCY, AVAILABILITY and PARTITION TOLERANCE are the features that we want in our distributed system together" Of three properties of shared-data systems (Consistency, Availability and tolerance to network Partitions) only two can be achieved at any given moment in time.
(2) In a distributed system, you can have both Consistency and Availability, except when there is a Partition:
Relaxing the consistency requirements usually makes it easier to maintain availability, but the CAP theorem is not an excuse to give up strong consistency across the board. A well-designed system can balance both availability and consistency while tolerating partitions over a range of tradeoffs, where eventual consistency is just one possibility.
References:
https://blogs.oracle.com/maa/the-cap-theorem:-consistency-and-availability-except-when-partitioned
質問 30
What is the communication method between different Cloud native applications services?
- A. Basic and asynchronous
- B. Basic and synchronous
- C. Complex and synchronous
- D. Complex and asynchronous
正解: A
解説:
What Is Cloud Native?
Cloud native technologies are characterized by the use of containers, microservices, serverless functions, development pipelines, infrastructure expressed as code, event-driven applications, and Application Programming Interfaces (APIs). Cloud native enables faster software development and the ability to build applications that are resilient, manageable, observable, and dynamically scalable to global enterprise levels.
When constructing a cloud-native application, you'll want to be sensitive to how back-end services communicate with each other. Ideally, the less inter-service communication, the better. However, avoidance isn't always possible as back-end services often rely on one another to complete an operation.
While direct HTTP calls between microservices are relatively simple to implement, care should be taken to minimize this practice. To start, these calls are always synchronous and will block the operation until a result is returned or the request times outs. What were once self-contained, independent services, able to evolve independently and deploy frequently, now become coupled to each other. As coupling among microservices increase, their architectural benefits diminish.
Executing an infrequent request that makes a single direct HTTP call to another microservice might be acceptable for some systems. However, high-volume calls that invoke direct HTTP calls to multiple microservices aren't advisable. They can increase latency and negatively impact the performance, scalability, and availability of your system. Even worse, a long series of direct HTTP communication can lead to deep and complex chains of synchronous microservices calls, shown in Figure 4-9:
A message queue is an intermediary construct through which a producer and consumer pass a message. Queues implement an asynchronous, point-to-point messaging pattern.
Events
Message queuing is an effective way to implement communication where a producer can asynchronously send a consumer a message.
References:
https://www.xenonstack.com/blog/cloud-native-architecture/
https://www.oracle.com/sa/cloud/cloud-native/
https://www.oracle.com/technetwork/topics/entarch/cloud-native-app-development-wp-3664668.pdf
質問 31
Which testing approaches is a must for achieving high velocity of deployments and release of cloud-native applications?
- A. Penetration testing
- B. A/B testing
- C. Automated testing
- D. Integration testing
正解: C
解説:
Oracle Cloud Infrastructure provides a number of DevOps tools and plug-ins for working with Oracle Cloud Infrastructure services. These can simplify provisioning and managing infrastructure or enable automated testing and continuous delivery.
A/B Testing
While A/B testing can be combined with either canary or blue-green deployments, it is a very different thing. A/B testing really targets testing the usage behavior of a service or feature and is typically used to validate a hypothesis or to measure two versions of a service or feature and how they stack up against each other in terms of performance, discoverability and usability. A/B testing often leverages feature flags (feature toggles), which allow you to dynamically turn features on and off.
Integration Testing
Integration tests are also known as end-to-end (e2e) tests. These are long-running tests that exercise the system in the way it is intended to be used in production. These are the most valuable tests in demonstrating reliability and thus increasing confidence.
Penetration Testing
Oracle regularly performs penetration and vulnerability testing and security assessments against the Oracle cloud infrastructure, platforms, and applications. These tests are intended to validate and improve the overall security of Oracle Cloud Services.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/devopstools.htm
質問 32
What is the minimum amount of storage that a persistent volume claim can obtain In Oracle Cloud Infrastructure Container Engine for Kubemetes (OKE)?
- A. 10 GB
- B. 50 GB
- C. 1 GB
- D. 1 TB
正解: B
解説:
Provisioning Persistent Volume Claims on the Block Volume Service:
Block volume quota: If you intend to create Kubernetes persistent volumes, sufficient block volume quota must be available in each availability domain to meet the persistent volume claim. Persistent volume claims must request a minimum of 50 gigabytes.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengcreatingpersistentvolumeclaim.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Concepts/contengprerequisites.htm
質問 33
Which is NOT a supported SDk Oracle Cloud Infrastructure (OCI)?
- A. Go SDK
- B. Python SDK
- C. NET SDK
- D. Ruby SDK
- E. Java SDK
正解: C
解説:
https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/sdks.htm
Software Development Kits (SDKs) Build and deploy apps that integrate with Oracle Cloud Infrastructure services. Each SDK provides the tools you need to develop an app, including code samples and documentation to create, test, and troubleshoot. In addition, if you want to contribute to the development of the SDKs, they are all open source and available on GitHub.
SDK for Java
Python SDK
Ruby SDK
Go SDK
https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
質問 34
......
あなたをお手軽に1z0-1084-22試験合格させるし100%試験合格保証:https://www.goshiken.com/Oracle/1z0-1084-22-mondaishu.html