What is the correct approach to upgrade an Oracle Container Engine

for Kubernetes (OKE) Cluster to a newer version of Kubernetes?

A. Initiate the control plane and node pool upgrades

simultaneously.B. Upgrade the node pools one at a time, then once all node
pools are upgraded, upgrade the control plane.C. Upgrade the control plane,
then upgrade the node pools.D. Initiate the automated upgrade process
using the OCI Console, CLI, or API.

Correct Answer: C

Explanation: Only visible for FreeCram members. You can sign-up / login (it's
free).

Question 2

Which of the following statement is INCORRECT with respect to a

Dockerfile?

A. The RUN instruction will execute any commands in a new layer on top of
the current image and commit the results.B. WORKDIR instruction sets the
working directory for any RUN, CMD, ENTRYPOINT instructions and not for
COPY and ADD instructions in the Dockerfile.C. If CMD instruction provides
default arguments for the ENTRYPOINT instruction, both should be specified
in JSON format.D. An ENV instruction sets the environment value to the key,
and it is available for the subsequent build steps and in the running
container as well.

Correct Answer: B

Explanation: Only visible for FreeCram members. You can sign-up / login (it's
free).

Question 3

Your team is working on a project to deploy a microservices-based

application on a cloud platform using Terraform. Each microservice
has specific configurations and dependencies, and you want to
ensure modularity, reusability, and consistency across deployments.
Which Terraform feature would you use to achieve these objectives
efficiently?
A. Terraform VariablesB. Terraform ModulesC. Terraform
WorkspacesD. Terraform Providers

Correct Answer: B

Explanation: Only visible for FreeCram members. You can sign-up / login (it's
free).

Question 4

How do OCI DevOps Deployment Pipelines reduce risk and

complexity of production applications?

A. By reducing change-driven errors introduced by manual deployments

B. By working with existing Git repositories and

CI systemsC. By eliminating downtime of production applications

D. By scaling builds with service-managed build runners

Correct Answer: A

Explanation: Only visible for FreeCram members. You can sign-up / login (it's
free).

Question 5

A small company is moving to a DevOps framework to better

accommodate their intermittent workloads, which are dynamic and
irregular. They want to adopt a consumption-based pricing model.
Which Oracle Cloud Infrastructure service can be used as a target
deployment environment?

A. Oracle Kubernetes (OKE)B. Bare metal compute instanceC. Virtual

machine compute instanceD. Functions

Correct Answer: D

Question 6

An operations team is exploring the use of OCI Container Instances

to run their container workloads without managing servers.
Which of the following statements is false regarding the use of
Container Instances?

A. The underlying infrastructure for Container Instances is fully managed and

hardened by OCI, ensuring reliability and security.B. Billing for Container
Instances is based on the allocated CPU and memory resources for each
container instance.C. Container Instances require the team to perform
provisioning, patching, and ongoing management of servers.D. Container
Instances provide a serverless compute service for running containers,
eliminating the need for server management.

Correct Answer: C

OCI Container Instances are a serverless compute service that allows you to
run containerized workloads without managing the underlying infrastructure.
Oracle Cloud Infrastructure (OCI) manages provisioning, patching, and all the
ongoing server management tasks, providing a fully managed environment.

Question 7

In Kubernetes clusters created by Container Engine for Kubernetes,

how is data in etcd encrypted at rest by default?

A. Using encryption keys managed by Oracle using a master encryption

keyB. Using encryption keys managed by the userC. Encryption using TLS
certificatesD. No encryption applied

Correct Answer: A

In Kubernetes clusters created by Oracle Container Engine for Kubernetes

(OKE), data in etcd (the key-value store that holds cluster state and
configuration data) is encrypted at rest by default using encryption keys
managed by Oracle. Oracle manages the encryption using a master
encryption key to protect sensitive data.

Question 8

As a DevOps engineer working on a CI/CD pipeline for your

company's application, you have completed code analysis, image
scanning, and automated testing.
What is the next step to ensure a secure and reliable deployment?
A. Add a traffic Shift stage to route the traffic between two sets ofbackend
IPs.B. Add an invoke function stage to run code or custom logic in a
serverless manner.C. Add a shell stage to run custom commands in the
deployment pipeline.D. Add an approval stage to pause the deployment for a
specified duration for manual decision from the approver.

Correct Answer: D

After completing code analysis, image scanning, and automated testing, the
next step in the CI/CD pipeline should include a manual review to ensure that
all necessary security and quality checks have been performed correctly.
Adding an approval stage helps ensure that a secure and reliable deployment
is achieved by requiring human verification and approval before proceeding
with the deployment to production.
This step adds an extra layer of control to prevent unintended issues from
moving forward without further review. It is a common practice in CI/CD
pipelines to have an approval step, especially for critical deployments.

Question 9

A team wants to deploy artificial intelligence and machine learning

workloads in their OCI Container Engine for Kubernetes (OKE)
cluster. They prioritize strong isolation, cost-efficiency, and the
ability to leverage serverless capabilities.
Which solution is best suited for their requirements?

A. Virtual nodes in OKEB. Self-Managed Nodes in OKEC. Managed nodes in

OKED. Container Instances in OCI

Correct Answer: A

Virtual nodes in OKE provide a serverless experience for deploying

Kubernetes workloads, which means you do not have to manage or scale the
underlying infrastructure. This solution is particularly cost-efficient because
you only pay for the resources used by the pods, and it provides strong
isolation for workloads.
Virtual nodes are well suited for AI/ML workloads as they allow users to easily
scale compute resources without being constrained by the limits of individual
worker nodes.

Question 10
As a DevOps engineer working on an OCI project, you're setting up a
deployment pipeline to automate your application deployments.
Which statement is false about deployment pipeline in OCI DevOps?

A. Using deployment pipeline, you can deploy helm charts in OCI

Function.B. You can add a Wait stage that adds a specified duration of delay
in the pipeline.C. You can add a Traffic Shift stage that routes the traffic
between two environments.D. You can add an Approval stage that pauses
the deployment for a specified duration for manual decision from the
approver.

Correct Answer: A

Question 11

An operations team wants to leverage the advanced features of

Container Engine for Kubernetes (OKE) and requires granular
control over cluster add-ons, workload identity, and improved
worker node management. They also prioritize strong security
measures and require a financially-backed service level agreement
(SLA) for Kubernetes API server uptime.
Which type of cluster should they choose to meet their
requirements?

A. Enhanced clustersB. Federated clustersC. Virtual clustersD. Specialized

clusters

Correct Answer: A

Enhanced clusters in Oracle Container Engine for Kubernetes (OKE) provide

advanced features such as granular control over cluster add-ons, workload
identity, and improved worker node management. They also offer strong
security measures and come with a financially-backed service level
agreement (SLA) for Kubernetes API server uptime, ensuring higher reliability
and support for production workloads.

Question 12

Which two are prerequisites for creating a secret in Oracle Cloud

Infrastructure Vault service? (Choose two.)
A. You must first create a hash digest of the secret value.B. You must have
the required permissions to create and manage secrets in the Vault
service.C. You must have a Vault managed key to encrypt the secret.D. You
must have an auth token to encrypt the secret.E. The user must create a
compute instance to run the secret service.

Correct Answer: B,C

You need the required permissions (such as policies allowing secret

management) to create and manage secrets in Oracle Cloud Infrastructure
(OCI) Vault service. These permissions are essential for performing
operations such as creating, reading, and managing secrets.
Vault managed key is required to encrypt the secret before it is stored in the
OCI Vault. The managed key acts as the encryption key for securing the
secret, ensuring its confidentiality.

Question 13

As an engineer building and deploying applications using an OCI

DevOps project, which two capabilities can help ensure the security
and reliability of the code in the build and deployment pipelines?
(Choose two.)

A. Using Application Dependency Management (ADM) to identify security

weaknesses in software applications by checking their dependenciesB. Using
third-party tools like Ansible, Terraform, or OverOps to analyze code for
security defects or bugs in code qualityC. Using JIRA to track user stories and
bug fixes in the development processD. Using version control tools like Git or
SVN to track and manage changes in the codebaseE. Using third-party tools
like Sonatype, SonarQube, or OverOps to analyze code for security defects or
bugs in code quality

Correct Answer: A,E

Question 14

A fully qualified path to a particular image in an OCIR repository is

given as [Link]/ansh81vru1zp/project01/acme-web-
app:[Link].
Identify the two options with correct terms and their associated
values. (Choose two.)
A. [Link] represents <tenancy-
namespace>B. ansh81vru1zp/project01/acme-web-app:[Link]
represents <repo-name>C. ansh81vru1zp represents <tenancy-
namespace>D. [Link]/ansh81vru1zp represents <region-key>E. iad
represents <region-key>

Correct Answer: C,E

ansh81vru1zp is the <tenancy-namespace>. In Oracle Cloud Infrastructure

Registry (OCIR), the tenancy namespace uniquely identifies the tenancy and
is used as part of the image path.
iad is the <region-key>. The region key is the shorthand identifier for the OCI
region (iad represents Ashburn region), and it is used in the fully qualified
path for images stored in the Oracle Cloud Infrastructure Registry (OCIR).

Question 15

Which command creates the docker registry secret required in the

application manifests for OKE to pull images from Oracle Cloud
Infrastructure Registry?

A.

B.

C.

D.
Correct Answer: D

To create a Docker registry secret to pull images from the Oracle Cloud
Infrastructure Registry (OCIR), you need to specify the correct parameters
such as the region key, namespace, OCI username, and OCI authentication
token.
Chosen command is correct because:
The kubectl create secret docker-registry command creates a Docker registry
secret.
The --docker-server=<region-key>.[Link] specifies the correct endpoint for
OCIR.
The --docker-username=<tenancy-namespace>/<oci-username> provides
both the tenancy namespace and the OCI username, which is the required
format for authentication with OCIR.
The --docker-password='<oci-auth-token>' specifies the OCI auth token,
which acts as a password for authentication.
The --docker-email=<email-address> is also included.
The other commands have errors, such as missing tenancy namespace or
using incorrect flags (passwd instead of secret).

Question 16

As an engineer building and deploying applications using an OCI

DevOps project, which two capabilities can help ensure the security
and reliability of the code in the build and deployment pipelines?
(Choose two.)

A. Using third-party tools like Ansible, Terraform, or OverOps to analyze code

for security defects or bugs in code qualityB. Using Application Dependency
Management (ADM) to identify security weaknesses in software applications
by checking their dependenciesC. Using JIRA to track user stories and bug
fixes in the development processD. Using version control tools like Git or SVN
to track and manage changes in the codebaseE. Using third-party tools like
Sonatype, SonarQube, or OverOps to analyze code for security defects or
bugs in code quality

Correct Answer: B,E

Application Dependency Management (ADM) is a tool used to identify

security weaknesses in software applications by analyzing their
dependencies. Dependencies can often introduce vulnerabilities, and
managing them properly is a critical part of ensuring application security.
Third-party tools like Sonatype and SonarQube can be used to analyze code
for security defects or bugs in code quality. These tools help in identifying
vulnerabilities, code smells, and other issues, which can improve the overall
security and reliability of the code during the build process.

Question 17

As a developer working on a software project to be deployed on

OKE, you have created a Helm chart for your application. You want
to deploy the chart using OCI DevOps service.
Which statement is true about deploying a Helm Chart using OCI
DevOps service?

A. A single chart can be installed only once into the same cluster, and create
single release.B. The Helm charts must be located in the OCI Container
Registry repository for deployment.C. The [Link] file is a generic file
located in the OCI Container Registry. You must create a reference to this
file.D. Oracle Cloud Infrastructure (OCI) DevOps service supports deployment
of Helm charts to Container Instances.

Correct Answer: B

OCI DevOps service can be used to deploy Helm charts for Kubernetes-based
applications running on Oracle Kubernetes Engine (OKE). For deploying the
Helm chart through the OCI DevOps service, the Helm chart must be stored
in the OCI Container Registry. This allows the OCI DevOps service to easily
access the Helm chart during the deployment process.

Question 18

Which is NOT a valid log category for the Oracle Cloud Infrastructure
Logging service?

A. Custom LogsB. Audit LogsC. Service LogsD. Execution Logs

Correct Answer: D

The Oracle Cloud Infrastructure Logging service has several log categories
that users can utilize:
Custom Logs: Users can create their own logs to collect application-specific
data.
Audit Logs: These logs contain audit records that provide information about
activities performed on resources, generated by OCI Audit service.
Service Logs: These are logs generated by OCI services, providing
information about the functioning and performance of the services.
Execution Logs is not a valid log category in OCI Logging. There are no
"execution logs" as a defined category for the Logging service.

Question 19

How can system administrators ensure that only signed images from
Oracle Cloud Infrastructure Registry are deployed to a Container
Engine for Kubernetes cluster?

A. By disabling access to the Container Engine for Kubernetes clusterB. By

manually inspecting each image before deploymentC. By encrypting the
images using a custom encryption algorithmD. By configuring an image
verification policy for the cluster

Correct Answer: D

Image verification policies are used to ensure that only trusted and signed
images are deployed to an Oracle Kubernetes Engine (OKE) cluster. By
configuring such policies, administrators can enforce that images must be
signed and come from trusted sources, such as the Oracle Cloud
Infrastructure Registry.

Question 20

You host your application on a stack in Oracle Cloud Infrastructure

(OCI) Resource Manager. Because of recent growth in your user
base, you decide to add a CIDR block to your VCN, add a subnet, and
provision a compute instance in it.
Which statement is true?

A. You need to provision a new stack because Terraform uses immutable

infrastructure.B. You can make the changes to the Terraform code, run a Drift
Detection job, and Resource Manager will provision the new resources.C. You
need to provision the new resources in the OCI console first, then add them
later to the Terraform configuration and state.D. You can make the changes
to the Terraform code, run an Apply job, and Resource Manager will provision
the new resources.
Correct Answer: D

Question 21

Which OCI DevOps project resource is responsible for defining the

stages for compiling, testing, and running software applications
before deployment?

A. Deployment pipelinesB. Build pipelinesC. Development

pipelinesD. Integration pipelines

Correct Answer: B

Build pipelines in OCI DevOps are responsible for defining the stages
involved in compiling, testing, and running software applications. These
pipelines automate the process of building the code, running unit tests,
scanning for vulnerabilities, and packaging the software, all of which occur
before deploying the application.

Question 22

Which of the following is NOT considered a DevOps resource in the

context of the OCI DevOps project service?

A. EnvironmentsB. API integrationsC. Build pipelinesD. Code repositories

Correct Answer: B

In the context of OCI DevOps project service, the key DevOps resources
include:
Environments: These are used to represent deployment targets, such as
Kubernetes clusters, compute instances, or functions.
Build pipelines: These automate the building, testing, and packaging of
software.
Code repositories: These store source code for the application being built,
providing version control and collaboration.
API integrations are not directly considered a DevOps resource in OCI
DevOps projects. Instead, they facilitate communication and integration with
other tools or services but do not represent a core component of DevOps
projects like environments, build pipelines, or code repositories.
Question 23

Why is it important to extract output artifacts from the Oracle Cloud

Infrastructure (OCI) DevOps build pipeline and store them in an
Artifact Registry repository?

A. All artifacts are permanently stored in the build pipeline. Extracting just
the ones required for deployment tells the deployment pipeline which
artifacts to use.B. Storing build artifacts in registries helps the deployment
pipeline differentiate output artifacts created by the build pipeline from
artifacts copied from a Git repository.C. Deliver Artifacts is a required stage
of the build pipeline, and the entire pipeline won't work if it is not included in
order to extract artifacts after the Managed Build stage.D. Output artifacts
aren't permanent. If they are to be used in the Deliver Artifacts stage, they
need to be exported as output artifacts to a registry.

Correct Answer: D

In OCI DevOps Build Pipeline, the output artifacts generated during the build
are temporary and will be discarded unless explicitly stored in a persistent
location. By extracting and storing these artifacts in an Artifact Registry
(such as OCI Artifact Registry or OCI Container Registry), you ensure that
they are available for subsequent stages, such as deployment.
Storing artifacts in a registry provides a persistent location where the
deployment pipeline can access them, ensuring the artifacts are available for
reliable deployment.

Question 24

As a DevOps engineer working on managing clusters on the OCI

platform for your organization, which statement is true about
managing cluster add-ons in OCI OKE Cluster?

A. When creating a new cluster, essential cluster add-ons cannot be

disabled.B. When enabling a cluster add-on, you cannot configure the add-on
by specifying one or more key/value pairs to pass as arguments to the
cluster add-on.C. When creating a new cluster, essential cluster add-ons are
set to manually update.D. When you disable a cluster add-on using the
console, the add-on is completely removed from the cluster.

Correct Answer: A
Essential cluster add-ons are required for the basic functioning of the
Kubernetes cluster and cannot be disabled during cluster creation. These
add-ons provide necessary features such as core DNS, networking, and other
critical functionalities for the cluster's operation.

Question 25

Which statement is false about OCI Resource Manager (RM)?

A. Resources provisioned through RM cannot be destroyed from outside of

RM.B. RM can render custom "Application Information" pages for
stacks.C. RM can generate Terraform based on the resources in a
compartment.D. RM can mirror repositories from GitHub and GitLab.

Correct Answer: A

Question 26

As a DevOps Engineer, you are tasked with explaining the key

concepts of Terraform to a new team member. You want to ensure
they understand the fundamental concepts of Terraform.
Which of the following best describes the purpose of Terraform
variables?

A. Terraform variables are used to manage the life cycle of Terraform

resources.B. Terraform variables are used to define input values for
Terraform configurations, allowing for customization and reuse of
infrastructure code.C. Terraform variables are used to output the final state
of the infrastructure after deployment.D. Terraform variables are used to
define the structure and organization of Terraform configuration files.

Correct Answer: B

Terraform variables are used to define input values for Terraform

configurations. They allow users to customize infrastructure deployments by
providing different values without modifying the configuration files
themselves. Variables help in creating reusable infrastructure code, making it
easy to maintain and adjust the infrastructure setup according to different
environments or needs.

Question 27
How can you run applications on GPU worker nodes in clusters
created using Container Engine for Kubernetes (OKE)?

A. By selecting a managed node pool, a GPU shape, and a GPU image, and
ensuring that the CUDA libraries for different GPUs are pre-installed on the
worker nodesB. By selecting a virtual node pool, a GPU shape, and a GPU
image, and ensuring that the CUDA libraries are included in the application
containerC. By selecting a managed node pool, a GPU shape, and a GPU
image that has CUDA libraries pre-installed, and specifying the number of
GPU resources required in the pod specD. By selecting a managed node pool,
a GPU shape, and a GPU image, and specifying the number of CPU resources
required in the pod spec

Correct Answer: C

To run applications on GPU worker nodes in Oracle Kubernetes Engine (OKE),

you need to:
Select a managed node pool and choose a GPU shape for the worker nodes.
Use a GPU image that has the necessary CUDA libraries pre-installed to
ensure that GPU workloads can be executed properly.
In the pod specification, specify the number of GPU resources required for
the container to utilize the GPU hardware during execution. This allows
Kubernetes to schedule the pod on a node with an available GPU.

Question 28

As a DevOps engineer working with OCI DevOps, you are managing

artifacts for a microservices application.
Based on your understanding of working with DevOps projects and
artifacts, which statement is true?

A. Artifacts can be used directly by OCI DevOps without the need for them to
be located or mirrored in an OCI Artifact or Container registry.B. In the build
pipeline, to store the Managed Build stage outputArtifacts. you need an OCI
Object storage.C. It is recommended to make artifacts immutable to prevent
any modifications after they are uploaded.D. Once created, the artifact's
name. type, and source cannot be modified.

Correct Answer: C
Making artifacts immutable ensures that the build artifacts are not altered
after being published. This is a best practice to maintain the integrity and
consistency of the artifacts used in deployments, preventing unintentional
changes that could introduce issues during subsequent deployment stages.

Question 29

A DevOps team is deploying a new version of their application to

their production environment using the Canary deployment strategy
in the OCI DevOps service. They want to ensure that the production
environment is not affected by any potential issues caused by the
new version.
Which statement is true in regards to the Canary deployment
strategy?

A. The Production stage in the Canary deployment strategy deploys the new
version to the production environment without any manual approval.B. The
Canary deployment strategy only supports pipeline redeployment for OKE
and not for instance group deployments.C. The Invoke Function stage is an
optional stage that can be used to validate the new version before moving to
the production environment.D. The Shift Traffic stage in the Canary
deployment strategy shifts the entire 100% of the production traffic to the
Canary environment.

Correct Answer: C

In a Canary deployment strategy, a new version of an application is rolled

out to a small subset of the production environment (the canary) first, while
the majority of the production environment still runs the current stable
version. This approach helps to detect potential issues before the new
version is fully deployed.
The Invoke Function stage can be used as an optional step in the deployment
pipeline to run additional validation (e.g., automated tests or other checks)
on the new version before gradually shifting more traffic to it or moving to
full production deployment.

Question 30

You're using Oracle Cloud Infrastructure (OCI) DevOps to deploy

your application on an Oracle Container Engine for Kubernetes
(OKE) environment. You push your code to the OCI Code Repository,
add all the required stage and configure the build and deployment
pipeline. When you run the build, you see "unable to clone the
repository" error.
What could the configuration error be?

A. The Docker image used in the pipeline is incompatible with the OKE
environment.B. Dynamic Groups and OCI IAM policies to access the code
repository are missing.C. The OKE cluster is not configured to allow external
access to the code repository.D. CA bundle for Transport Layer Security (TLS)
verification to download the build source during the build run is missing.

Correct Answer: B

The error "unable to clone the repository" typically indicates that there is an
authentication or authorization issue preventing access to the OCI Code
Repository. In OCI DevOps, the build pipeline must have the appropriate
permissions to access the code repository.
To allow the build pipeline to clone the repository, you need to set up
Dynamic Groups and OCI IAM policies that provide the necessary permissions
for the build runner to access the code repository.

Question 31

You are using the Oracle Cloud Infrastructure (OCI) DevOps service
and you have successfully built and tested your software
applications in your Build Pipeline. The resulting output needs to be
stored in a container repository.
Which stage should you add next to your Build Pipeline?

A. Trigger deploymentB. Managed buildC. Deliver artifactsD. Export

packages

Correct Answer: C

Step 1: Understanding the Requirement

The objective is to store the resulting build output from a Build Pipeline in a
container repository. In OCI DevOps, the build output is stored as an artifact,
which can include Docker images or other build-generated files. To store
these artifacts in a container repository, you need to explicitly deliver
artifacts in the pipeline.
Step 2: Explanation of the Options
A . Trigger deployment
This stage is used to trigger a deployment pipeline, which comes after the
artifacts are already stored and prepared for deployment.
Not applicable: This stage is downstream of storing artifacts and is used for
deploying software, not for saving the build output to a repository.
B . Managed build
The managed build stage is where you compile, test, and package the
application. This has already been completed successfully according to the
question.
Not applicable: The question specifies that the build has been completed, so
this stage is not relevant at this point.
C . Deliver artifacts
The Deliver Artifacts stage in OCI DevOps pipelines is designed to store the
output of the build process in an artifact repository, such as:
OCI Container Registry (OCIR) for Docker images.
Artifact Registry for build artifacts like binaries or JAR files.
Applicable and Correct Answer: This is the correct next step for storing the
resulting D . Export packages This is not a standard OCI DevOps pipeline
stage. It may be relevant in other contexts but is not related to OCI DevOps
for storing build artifacts.
Step 3: Key Concepts of "Deliver Artifacts" in OCI DevOps
Purpose: Save build outputs (artifacts) to an artifact repository.
Artifact Types: Includes Docker container images, binaries, JAR files, or other
build outputs.
Repositories Supported:
OCI Container Registry (OCIR)
OCI Artifact Registry
Configuration:
Specify the artifact source (build stage output).
Define the destination repository (e.g., OCIR).
Step 4: References and OCI Resources
OCI DevOps Build Pipelines:
Build Pipeline Documentation
Deliver Artifacts Stage
OCI Container Registry (OCIR):
OCI Container Registry Overview
OCI Artifact Registry:
OCI Artifact Registry Overview
Question 32

As a DevOps engineer at XYZ Corp, you have been assigned the task
of setting up a new OKE (Oracle Kubernetes Engine) cluster to
manage the organization's Kubernetes applications hosted on
Oracle Cloud Infrastructure (OCI). Your goal is to ensure a smooth
and efficient process while preparing for the cluster creation.
Which of the following statements is false regarding the preparation
process for setting up a new OKE cluster?

A. Container Engine for Kubernetes cannot utilize existing network resources

for the creation of the new cluster.B. Container Engine for Kubernetes
automatically creates and configures new network resources for the new
cluster.C. It is necessary to ensure sufficient quota on different resource
types in your OCI tenancy for the cluster setup.D. Access to an Oracle Cloud
Infrastructure tenancy is required to set up the new OKE cluster.

Correct Answer: A

This statement is false because Container Engine for Kubernetes (OKE) can
utilize existing network resources such as Virtual Cloud Networks (VCNs),
subnets, security lists, and route tables for the creation of a new cluster. You
can either use pre-existing network resources or let OKE create new network
resources automatically.

Question 33

How does the Oracle Cloud Infrastructure Container Engine for

Kubernetes (OKE) Cluster Autoscaler determine when to create new
nodes for an OKE cluster?

A. When the CPU or memory utilization crosses a configured

threshold.B. When the resource requests from pods exceed a configured
threshold.C. When the custom metrics from the services exceed a configured
threshold.D. When the rate of requests to the application crosses a
configured threshold.

Correct Answer: B

The OKE Cluster Autoscaler automatically adjusts the number of worker

nodes in an OKE cluster based on the resource requests made by Kubernetes
pods. When there are not enough resources available (e.g., CPU or memory)
on existing nodes to accommodate pending pods, the Cluster Autoscaler will
create new nodes to meet the resource demand.

Question 34

You have been asked to provision a new production environment on

Oracle Cloud Infrastructure (OCI). After working with the solution
architect, you decide that you are going to automate this process.
Which OCI service can help automate the provisioning of this new
environment?

A. OCI Streaming ServiceB. Oracle FunctionsC. Oracle Container Engine for

KubernetesD. OCI Resource Manager

Correct Answer: D

OCI Resource Manager is an infrastructure as code (IaC) service that allows

you to automate the provisioning of resources on Oracle Cloud Infrastructure
(OCI) using Terraform. It is ideal for automating the setup of environments,
as it can manage the full lifecycle of your infrastructure in a consistent,
repeatable, and version-controlled manner.

Question 35

You are a DevOps engineer working on a project that requires you to

push and pull Docker images to and from Oracle Cloud
Infrastructure Registry (Container Registry) using Docker CLI. You
have been given access to Container Registry and have installed
Docker CLI on your local machine.
Which should you create and use to securely authenticate and store
your Docker image in a private Docker registry in OCI?

A. Auth TokenB. JSON Web TokenC. SSH Key PairD. Master Encryption Key in
OCI Vault

Correct Answer: A

01. What is a Kubernetes cluster in the context of microservices?

a) A group of related microservices

b) A collection of virtual machines

c) A centralized database for microservices

d) A set of nodes for running containers managed by Kubernetes

02. Which concept in DevOps measurement involves capturing and

analyzing key performance indicators (KPIs) to assess the efficiency
of the development process?

a) Metrics

b) Logging

c) Events

d) Observability

03. What are artifacts in the context of CI/CD?

a) Physical objects used in the development process

b) The final executable files of a software application

c) Documentation of the CI/CD process

d) A type of code repository

04. What is the primary goal of DevOps practices?

a) Reducing software development costs

b) Eliminating the need for software testing

c) Achieving faster and more reliable software delivery

d) Increasing software complexity

05. What is the main benefit of using Infrastructure as Code (IaC)

for managing cloud resources?

a) It allows for automated and consistent provisioning and management of

cloud resources.

b) It provides real-time monitoring of cloud resources.

c) It eliminates the need for cloud resources

d) It speeds up the deployment of cloud resources.

06. What is the purpose of using Infrastructure as Code (IaC) in

DevOps?

a) To document server configurations

b) To manually configure servers

c) To automate and manage infrastructure using code

d) To write user manuals

07. What is the primary purpose of Continuous Integration (CI) in

the context of software development?

a) To manually test software changes before deployment

b) To automate the process of building and testing code changes

c) To document the software development process

d) To manage software configurations

08. Which OCI service is designed to help automate the handling of

events by providing a framework for defining event-based rules?

a) OCI Metrics

b) OCI Logging

c) OCI Events

d) OCI Observability

09. How does OCI Ansible collection assist in automating

infrastructure configurations in Oracle Cloud Infrastructure (OCI)?

a) It provides real-time analytics for OCI resources.

b) It offers pre-built Ansible modules for interacting with OCI resources.

c) It helps manage database schemas in OCI.

d) It automates the creation of virtual machines in OCI.

10. Which Oracle Cloud service provides a managed Kubernetes

service for microservices orchestration?

a) Oracle Cloud Functions

b) Oracle Cloud Container Registry (OCCR)

c) Oracle Cloud Autonomous Database

d) Oracle Cloud Kubernetes Engine (OKE)

Answers:

The Mount Point Path refers to the specific directory on a client instance
where the remote file system is mounted and accessed. This path serves as
the gateway for interacting with the remote file system locally.

An application load balancer is a context-aware load distribution that directs

requests based on any single variable as easily as requests based on a
combination of variables. An application load balancer works on layer 7, so it
supports both HTTP and HTTPS. It can distribute HTTP and HTTPS traffic
based on host-based or path-based rules.

Two statement
Oci nerking

Which Two statement security

VCN size

Versioning ::

You are a system

Four layers of access

OCI component

An organization plan
Which gateway

Which Two statements

In OCI IAM

Which two statements

You have high demand Policy 1.

Which statement accurately

Your application workload

You created VCN

Compartment:

Oracle Cloud two

dns
Which can serve VTAP

What happen traffic

Which two statement

Which Two

Two connectivity

Which oracle-defined Backup policy

protocol

For Maximum
When you enable

Which block volume

Which two

Which traffic Management

Which compute

Which two statement

Which three

You want a specific

Which network security

Which tool provides

Allow group examine

At which level are retention

You are responsible

An instance

When you create

Which policy is automatically

You have two objects

You want users

Which object storage

Which two statement