Oracle
1Z0-1115-23
Oracle Cloud Infrastructure 2023 Multicloud Architect
Associate
QUESTION & ANSWERS
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
QUESTION 1
What encryption protocol is used to secure data transmission in an OCI Site-to-Site VPN connection?
A.
B.
C.
D.
Transport Layer Security (TLS)
Secure Sockets Layer (SSL)
Datagram Transport Layer Security (DTLS)
Internet Protocol Security (IPSec)
Correct Answer: D
QUESTION 2
How does Oracle Database Service for Azure enable bidirectional communication between
applications in the Azure tenancy and database resources in OracleDB for Azure?
A.
B.
C.
D.
By granting the Oracle Database Service enterprise application specific roles in Azure
By configuring DNS on both sides of the Interconnect
By creating a custom Azure dashboard for each database
By federating the Azure tenant’s Azure Active Directory (AAD) with an OCI identity domain
Correct Answer: B
QUESTION 3
You have a database deployed in Oracle Cloud Infrastructure (OCI) using the Oracle Database
Management Service (DBaaS). You have noticed that under high load, the database is experiencing
latency issues. Which OCI service should you use to improve the performance of the database?
A.
B.
C.
D.
Oracle VM Virtual Box
Oracle Cloud Infrastructure Load Balancer
Oracle Data Transfer Service
Oracle Cloud Infrastructure Networking
Correct Answer: B
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
Explanation/Reference:
Option 1: Incorrect. Oracle VM Virtual Box is a desktop virtualization product that allows you to run
multiple operating systems on a single computer, it is not a service designed to improve database
performance in the cloud. Option 2: Correct. The OCI Load Balancer can distribute incoming traffic
across multiple backend servers and improve the performance and availability of applications. By
using the Load Balancer with a backend pool comprised of multiple database servers, you can offload
traffic and reduce the load on individual database servers, ultimately improving the performance and
reducing latency. Option 3: Incorrect. Oracle Data Transfer Service is a different service entirely and is
not useful in this scenario as it is designed to move large amounts of data into and out of OCI. Option
4: Incorrect. While Networking is a critical component of any cloud deployment, it is not a service
designed to improve database performance.
QUESTION 4
You are designing a storage solution for a company that has a large amount of unstructured data that
needs to be processed and analyzed in real-time. The data is critical to the company's operations and
any downtime would have a significant impact on their business. Which OCI storage service would be
the most appropriate choice for this scenario?
A.
B.
C.
D.
Oracle Archive Storage
Oracle Object Storage
Oracle Block Volume
Oracle File Storage
Correct Answer: B
Explanation/Reference:
Option 1: Incorrect. Oracle Archive Storage is a cost-effective, durable, and scalable storage solution
for storing large amounts of data for long-term retention. It is not suitable for real-time processing
and analysis of unstructured data. Option 2: Correct. Oracle Object Storage is the most appropriate
choice for this scenario. It provides a durable, scalable, and highly available storage solution for
unstructured data. It supports real-time processing and analysis and offers high durability and
availability. Option 3: Incorrect. Oracle Block Volume is a high-performance block storage solution
designed for applications that require low-latency and high transactional performance. It is not
optimized for storing and analyzing large amounts of unstructured data in real-time. Option 4:
Incorrect. Oracle File Storage provides a fully managed, scalable file storage service for applications
that require shared file system access. While it can support real-time processing and analysis of
unstructured data, it is not the most appropriate choice for this scenario as Oracle Object Storage is
specifically designed for storing and analyzing unstructured data.
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
QUESTION 5
Which storage service offered by Oracle Cloud Infrastructure (OCI) is best suited for storing and
retrieving large amounts of unstructured data such as images, videos, and log files?
A.
B.
C.
D.
Oracle Cloud Infrastructure Block Volume Service
Oracle Cloud Infrastructure File Storage Service
Oracle Cloud Infrastructure Archive Storage Service
Oracle Cloud Infrastructure Object Storage Service
Correct Answer: D
Explanation/Reference:
Option 1: Incorrect. The Oracle Cloud Infrastructure Block Volume Service provides durable and
persistent block-level storage volumes that can be attached to compute instances, but it is not
specifically designed for storing large amounts of unstructured data such as images, videos, and log
files. Option 2: Incorrect. The Oracle Cloud Infrastructure File Storage Service offers durable and
scalable file storage for workloads that require shared file systems, but it is not specifically designed
for storing large amounts of unstructured data such as images, videos, and log files. Option 3:
Incorrect. The Oracle Cloud Infrastructure Archive Storage Service is designed for long-term archival
storage that is infrequently accessed. It is not suited for frequent retrieval of large amounts of
unstructured data such as images, videos, and log files. Option 4: Correct. The Oracle Cloud
Infrastructure Object Storage Service is an ideal choice for storing and retrieving large amounts of
unstructured data such as images, videos, and log files. It provides highly durable and scalable object
storage with RESTful APIs.
QUESTION 6
What is the purpose of using Oracle Cloud Infrastructure (OCI) Identity and Access Management (IAM)
policies in a cross-cloud connection between Microsoft Azure and OCI?
A.
B.
C.
D.
To control the location of the cross-cloud connection
To control the type of traffic allowed between the Azure VNet and the OCI VCN
To control who can manage OCI route tables, network security groups, and security lists
To control the bandwidth of the connection between the Azure VNet and the OCI VCN
Correct Answer: C
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
QUESTION 7
What is the best migration strategy to move a VMware workload to Oracle Cloud Infrastructure (OCI)?
A.
B.
C.
D.
Lift and shift the VMware workload using Oracle VM
Re-architect the application using Oracle Cloud Native services
Re-host the VMware workload as-is to OCI Compute instances
Re-purchase the VMware licenses and use VMware Cloud on OCI
Correct Answer: B
Explanation/Reference:
Option 1: Incorrect: While lift and shift using Oracle VM is a possible migration strategy, it is not
considered the best option for moving a VMware workload to OCI. Option 2: Correct: Re-hosting the
VMware workload as-is to OCI Compute instances is the best migration strategy for moving a VMware
workload to OCI. This minimizes changes to the application and infrastructure, allowing for a relatively
quick and straightforward migration process. Option 3: Incorrect: Re-architecting the application using
Oracle Cloud Native services would involve significant changes to the application code and
architecture, making it a more complex migration strategy. Option 4: Incorrect: Re-purchasing
VMware licenses and using VMware Cloud on OCI is an option, but it may not be the best strategy if
the goal is to minimize costs and simplify the migration process.
QUESTION 8
You are designing a multi-tier web application architecture on Oracle Cloud Infrastructure (OCI). The
architecture consists of a load balancer, multiple compute instances, and a database. The compute
instances need to access the database securely. Which option should you choose to meet this
requirement?
A. Create a service gateway to enable private access to the database
B. Use security list rules to allow inbound traffic from the compute instances to the database port
C. Use network security groups to allow inbound traffic from the compute instances to the database
port
D. Create a NAT gateway and configure outbound rules for the compute instances to access the
database
Correct Answer: C
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
Explanation/Reference:
Option 1: Incorrect. A service gateway allows private access to specific Oracle services and does not
apply to non-Oracle services like a custom database running on compute instances. Option 2:
Incorrect. Security list rules control inbound and outbound traffic for instances. In this scenario, the
compute instances need to securely access the database, so outbound rules on the security list would
not address this requirement. Option 3: Correct. Network security groups (NSGs) allow you to define
ingress and egress traffic rules specific to a specific VCN. By creating a security rule that allows traffic
from the compute instances to the database port, you can securely access the database from the
compute instances. Option 4: Incorrect. A NAT gateway allows instances without public IP addresses
to access the internet, but it does not provide secure access to a specific database.
QUESTION 9
Which of the following is a best practice for securing data against unauthorized access in Oracle Cloud
Infrastructure?
A.
B.
C.
D.
Store sensitive data in plain text files.
Use strong and complex passwords for all user accounts.
Share access keys and certificates with multiple users.
Disable encryption for data in transit.
Correct Answer: B
Explanation/Reference:
Option 1: Incorrect. Storing sensitive data in plain text files is not a best practice for securing data.
Sensitive data should always be encrypted to protect against unauthorized access. Option 2: Correct.
Using strong and complex passwords for all user accounts is a best practice for securing data. Strong
passwords help to prevent unauthorized access to systems and sensitive data. Option 3: Incorrect.
Sharing access keys and certificates with multiple users is not a best practice for securing data. Each
user should have their own unique access keys and certificates to ensure accountability and prevent
unauthorized access. Option 4: Incorrect. Disabling encryption for data in transit is not a best practice
for securing data. Encryption should be enabled to protect data while it is being transferred between
systems.
QUESTION 10
What is the recommended way to secure data in transit between a Virtual Private Network (VPN)
endpoint and Oracle Cloud Infrastructure (OCI)?
A.
B.
C.
D.
Use SSL or TLS protocols for encrypting network traffic.
Use only the IPSec protocol for encrypting network traffic.
Configure an access control list (ACL) on the VPN endpoint to allow only encrypted traffic.
Rely on the security of the VPN tunnel itself and do not use additional encryption for network
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
traffic.
Correct Answer: A
Explanation/Reference:
Option 1: This is the correct answer. SSL (Secure Sockets Layer) and TLS (Transport Layer Security)
protocols are recommended for secure data transfer between a VPN endpoint and OCI. These
protocols encrypt network traffic between client and server to protect sensitive data from
eavesdropping and tampering. Option 2: This is an incorrect answer. Though IPSec is used to encrypt
network traffic between a VPN endpoint and OCI, it is not recommended as the only encryption
protocol. SSL and TLS should also be used for extra layers of protection. Option 3: This is an incorrect
answer. While an access control list (ACL) can restrict network traffic to only encrypted traffic, it does
not provide encryption itself. SSL or TLS should be used in addition to ACLs. Option 4: This is an
incorrect answer. Although VPN tunnels provide a secure connection, it does not guarantee the
security of the data being transmitted. Additional encryption protocols such as SSL or TLS are
necessary to protect data in transit.
QUESTION 11
Which OCI Storage Service provides a durable, persistent block storage that can be attached to
multiple instances?
A.
B.
C.
D.
Oracle Cloud Infrastructure Block Volumes
Oracle Cloud Infrastructure File Storage
Oracle Cloud Infrastructure Object Storage
Oracle Cloud Infrastructure Archive Storage
Correct Answer: A
Explanation/Reference:
Option 1: Correct. Oracle Cloud Infrastructure Block Volumes provides durable, persistent block
storage that can be attached to multiple instances. Option 2: Incorrect. Oracle Cloud Infrastructure
File Storage provides a fully managed, network-attached storage service that can be accessed
concurrently from multiple instances. Option 3: Incorrect. Oracle Cloud Infrastructure Object Storage
provides scalable, durable, and reliable object storage for unstructured data. Option 4: Incorrect.
Oracle Cloud Infrastructure Archive Storage provides long-term, cost-effective data storage for
infrequently accessed data.
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
QUESTION 12
Which service provides secure and private connectivity between Virtual Cloud Networks (VCNs) in
Oracle Cloud Infrastructure (OCI) and networks on the customer on-premises infrastructure or other
public clouds?
A.
B.
C.
D.
FastConnect
Virtual Cloud Network (VCN) Peering
Internet Gateway (IGW)
Local Peering Gateway (LPG)
Correct Answer: A
Explanation/Reference:
Option 1: Correct: Virtual Cloud Network (VCN) Peering allows secure and private connectivity
between VCNs in OCI. It does not require gateways or internet access. It is the recommended option
for connecting VCNs within the same region or between regions within the same country. Option 2:
Incorrect: FastConnect provides secure and private connectivity between customer on-premises
infrastructure or other public clouds and VCNs in OCI, but it does not provide connectivity between
VCNs in OCI. Option 3: Incorrect: Internet Gateway (IGW) provides access to the internet from VCNs in
OCI, but it does not provide connectivity between VCNs. Option 4: Incorrect: Local Peering Gateway
(LPG) enables VCNs in the same region to communicate with each other, but it does not provide
connectivity between VCNs in different regions or with on-premises infrastructure or other public
clouds.
QUESTION 13
A company wants to seamlessly build a private interconnection between their OCI and Microsoft Azure
environments with consistent performance and low latency. They want to enable their cloud
engineers to set up Single Sign-On (SSO) between Microsoft Azure and OCI for their Oracle
applications, such as PeopleSoft, JD Edwards EnterpriseOne, and E-Business Suite.
Which technology integration can the company use to achieve this goal?
A.
B.
C.
D.
Oracle FastConnect and Azure ExpressRoute
Cloud Interconnect and Virtual WAN
Direct Connect and Azure VPN Gateway
OCI Site-to-Site VPN and Azure Site-to-Site VPN
Correct Answer: A
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
QUESTION 14
Which of the following is a feature of Oracle Autonomous Database?
A.
B.
C.
D.
Automatic patching and upgrades
Manual backup and recovery
Requires manual tuning and optimization
Limited scalability
Correct Answer: A
Explanation/Reference:
Option 1: Correct: Oracle Autonomous Database provides automatic patching and upgrades,
eliminating the need for manual intervention and reducing downtime. Option 2: Incorrect: Oracle
Autonomous Database does not require manual backup and recovery, as it automatically handles
backups and provides point-in-time recovery. Option 3: Incorrect: Oracle Autonomous Database is
designed to automatically tune and optimize performance, relieving users from manual tuning tasks.
Option 4: Incorrect: Oracle Autonomous Database offers unlimited scalability, allowing users to
seamlessly scale up or down as per their requirements.
QUESTION 15
Which of the following options is a best practice for securing a multi-region application architecture in
Oracle Cloud Infrastructure?
A. Implement security groups in each region and allow traffic only from the subnet in the same
region.
B. Use the built-in security features of the underlying cloud provider without any additional security
configurations.
C. Store sensitive data in plain text format and rely on network-level encryption provided by the
cloud provider.
D. Implement a shared virtual cloud network (VCN) across multiple regions and leverage private IP
addresses for communication.
Correct Answer: D
Explanation/Reference:
Option 1: Incorrect. While implementing security groups in each region and allowing traffic only from
the subnet in the same region is a good practice, it is not sufficient for securing a multi-region
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
application architecture. This approach does not address the need for secure communication between
regions. Option 2: Incorrect. Relying solely on the built-in security features of the underlying cloud
provider without any additional security configurations is not a best practice for securing a multiregion application architecture. Additional security configurations should be implemented to enhance
the overall security posture of the architecture. Option 3: Incorrect. Storing sensitive data in plain text
format and relying solely on network-level encryption provided by the cloud provider is not a best
practice for securing a multi-region application architecture. Additional encryption and security
measures should be implemented to protect sensitive data at rest and in transit. Option 4: Correct.
Implementing a shared virtual cloud network (VCN) across multiple regions and leveraging private IP
addresses for communication is a best practice for securing a multi-region application architecture.
This allows for secure communication between regions and enables centralized management of
network security policies.
QUESTION 16
What is Oracle Cloud Infrastructure Data Catalog?
A.
B.
C.
D.
A service that allows you to ingest, transform, and store big data in Oracle Cloud Infrastructure.
A service that provides a centralized and curated catalog of data assets.
A service that allows you to create, manage, and monitor data pipelines.
A service that provides data governance and security capabilities for your data.
Correct Answer: B
Explanation/Reference:
Option 1: Incorrect. Oracle Cloud Infrastructure Data Catalog is not specifically designed for ingesting,
transforming, and storing big data. It focuses on data cataloging and management. Option 2: Correct.
Oracle Cloud Infrastructure Data Catalog is a service that provides a centralized and curated catalog
of data assets. It allows users to discover, understand, and govern data assets across various data
sources. Option 3: Incorrect. Oracle Cloud Infrastructure Data Catalog does not specifically focus on
creating, managing, and monitoring data pipelines. It is primarily meant for data cataloging and
management. Option 4: Incorrect. While Oracle Cloud Infrastructure Data Catalog provides data
governance and security capabilities, its main purpose is to centralize and curate data assets, not
solely focus on governance and security.
QUESTION 17
A company wants to deploy a highly available, scalable, and secure application architecture in a
multicloud environment. The application consists of multiple frontend web servers and a backend
database. The company wants to ensure low latency and data sovereignty compliance. Which cloud
networking feature or service can address these requirements?
A. Virtual Cloud Network (VCN)
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
B. Internet Gateway (IGW)
C. FastConnect
D. Load Balancer
Correct Answer: C
Explanation/Reference:
Option 1: Incorrect. Virtual Cloud Network (VCN) is the foundation of the network architecture, but it
does not directly address the requirements of low latency and data sovereignty compliance. VCN
provides isolation and security for cloud resources by logically segregating them. Option 2: Incorrect.
Internet Gateway (IGW) provides connectivity between a VCN and the Internet, but it does not provide
the necessary features for low latency and data sovereignty compliance. Option 3: Correct.
FastConnect is a cloud networking service that provides a dedicated, private connection between onpremises networks and Oracle Cloud Infrastructure. It offers predictable performance with low latency
and can be used to ensure data stays within a specific geographic location, addressing the company's
requirements for low latency and data sovereignty compliance. Option 4: Incorrect. Load Balancer can
distribute incoming traffic across multiple backend servers, ensuring high availability and scalability.
While it can enhance the overall architecture, it does not directly address the requirements of low
latency and data sovereignty compliance.
QUESTION 18
An enterprise has a workload running in a VNet in Microsoft Azure and a database running in a VCN in
Oracle Cloud Infrastructure. The enterprise wants to set up a private, secure, and isolated network
connection between the two clouds to enable traffic flow between the workload and the database.
Which option can be used to achieve this requirement?
A. Use Azure ExpressRoute and Oracle FastConnect to create a private interconnection between the
Azure VNet and the OCI VCN.
B. Use Azure Private Link to create a private connection between the workload and the database.
C. Use public internet to establish connectivity between the Microsoft Azure VNet and the OCI VCN.
D. Use Azure VPN and Oracle FastConnect to establish a private and secure tunnel between the
Azure VNet and the OCI VCN.
Correct Answer: A
Explanation/Reference:
As per the question, the keywords are "The enterprise wants to set up a private, secure, and isolated
network connection between the two clouds"
Use public internet to establish connectivity between the Microsoft Azure VNet and the OCI VCN INCORRECT as this option won't provide private, secure and isolated connection.
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
Use Azure VPN and Oracle FastConnect to establish a private and secure tunnel between the Azure
VNet and the OCI VCN is INCORRECT as it won't provide a isolated connection.
Use Azure Private Link to create a private connection between the workload and the database is
INCORRECT as Azure Private Link enables you to access Azure PaaS Services (for example, Azure
Storage and SQL Database) and Azure hosted customer-owned/partner services over a private
endpoint in your virtual network.
Use Azure ExpressRoute and Oracle FastConnect to create a private interconnection between the
Azure VNet and the OCI VCN. is CORRECT. To create an integrated multi-cloud experience, Microsoft
and Oracle offer direct interconnection between Azure and Oracle Cloud Infrastructure (OCI) through
ExpressRoute and FastConnect. Through the ExpressRoute and FastConnect interconnection,
customers can experience low latency, high throughput, private direct connectivity between the two
clouds.
QUESTION 19
Which OCI storage service provides block storage for virtual machines that can be dynamically
provisioned as needed?
A.
B.
C.
D.
Object Storage
File Storage
Archive Storage
Block Volume
Correct Answer: D
Explanation/Reference:
Option 1: Incorrect. Object Storage is not a block storage service, but rather an object storage service
for unstructured data. It is not suitable for providing block storage for virtual machines. Option 2:
Incorrect. File Storage is a managed Network File System (NFS) service for shared file storage that
supports both Windows and Linux environments. It is not block storage for virtual machines. Option 3:
Incorrect. Archive Storage is a storage class within Object Storage that provides a low-cost option for
long-term storage of data that is infrequently accessed. It is not suitable for providing block storage
for virtual machines. Option 4: Correct. Block Volume is a highly available and durable block storage
service that provides persistent block-level storage for virtual machines. It can be dynamically
provisioned as needed and offers high performance and data durability.
QUESTION 20
You are designing a multicloud network architecture for a company that requires high availability and
low latency. Which networking service should you use to ensure that the company's applications can
seamlessly connect to multiple cloud environments?
A. FastConnect
B. VPN Connect
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
C. Internet Gateway
D. Load Balancer
Correct Answer: A
Explanation/Reference:
Option 1: Correct. VPN Connect provides secure and reliable connectivity between on-premises
networks and multiple cloud environments. It uses IPSec VPN tunnels to establish private connectivity
over the public internet. Option 2: Incorrect. FastConnect is a network connectivity option that
provides a dedicated private connection between on-premises networks and Oracle Cloud
Infrastructure. It is not designed to connect to multiple cloud environments. Option 3: Incorrect.
Internet Gateway is used to provide internet access to resources in a virtual cloud network (VCN). It is
not designed to connect to multiple cloud environments. Option 4: Incorrect. Load Balancer is used to
distribute incoming traffic across multiple compute instances in a region. It does not provide
connectivity to multiple cloud environments.
QUESTION 21
Which networking service in Oracle Cloud Infrastructure (OCI) provides a fully managed cloud-native
DNS service for your domains?
A.
B.
C.
D.
OCI DNS
OCI Gateway
OCI Load Balancer
OCI Traffic Management
Correct Answer: A
Explanation/Reference:
Option 1: Correct: OCI DNS is a fully managed cloud-native DNS service in OCI. It provides a scalable,
highly available, and secure DNS resolution for your domains. Option 2: Incorrect: OCI Gateway is not
a networking service in OCI. Option 3: Incorrect: OCI Load Balancer is a load balancing service in OCI,
not a DNS service. Option 4: Incorrect: OCI Traffic Management is a service in OCI that enables you to
monitor the performance and availability of your applications and automatically direct traffic to the
best available endpoint, but it is not a DNS service.
QUESTION 22
Which service in Oracle Cloud Infrastructure (OCI) can be used to monitor the performance and health
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html
of your cloud resources?
A.
B.
C.
D.
Oracle Database Cloud Service
Oracle Cloud Infrastructure Monitoring
Oracle Container Engine for Kubernetes
Oracle Cloud Infrastructure Object Storage
Correct Answer: B
Explanation/Reference:
Option 1: Incorrect. Oracle Database Cloud Service is a PaaS offering for managing Oracle Database
instances, not a service for monitoring cloud resources. Option 2: Correct. Oracle Cloud Infrastructure
Monitoring allows you to monitor the performance and health of your cloud resources, providing realtime monitoring data, alarms, and notifications. Option 3: Incorrect. Oracle Container Engine for
Kubernetes is a managed service for running containerized applications in OCI, not a service for
monitoring cloud resources. Option 4: Incorrect. Oracle Cloud Infrastructure Object Storage is a
scalable and durable storage service, not a service for monitoring cloud resources.
https://www.genuinedumps.com/1Z0-1115-23-exam-questions.html