Explanation: Configure a File Storage service with snapshots and use OCI's cross -region copy feature to replicate the snapshots across regions. -> Correct. Correct because snapshots provide point -in-time backups of file systems, which can be copied across regions for disaster recovery purposes. However, this method focuses on cross -region rather than cross -availability domain replication and is aimed at disaster recovery rather than active -active high availability. Create a file system in one availability domain and manually replicate data to file systems in other availability domains. -> Incorrect. Manual replication can be prone to human error and does not guarantee real-time data synchronization or high availability. Use Object Storage as a primary storage option instead of File Storage for high availability. -> Incorrect. Object Storage and File Storage serve different use cases. Object Storage is not a direct substitute for the file share capabilities and POSIX compliance of File Storage. Deploy a File Storage service with the default replication policy, which automatically replicates data across all availability domains in the region. -> Incorrect. By default, the File Storage service does not automatically replicate data across availability domains; replication needs to be configured according to specific requirements. In an OCI environment, you have deployed a web application across two availability domains (ADs) for high availability. The application stores data in OCI Object Storage and must ensure data confidentiality. The security team requests that the data stored in Object Storage can only be accessed by the application, even if other entities have access to the same bucket. What action should you take to meet this security requirement?
requirement to limit access exclusively to the application. Implement OCI Identity and Access Management (IAM) policies to restrict access to the Object Storage bucket exclusively to the application. -> Incorrect. While IAM policies restrict access at a high level, they do not enforce encryption or control access at the object level, necessary for ensuring that only the application can access the data. Enable Object Storage bucket encryption with a customer -managed key and ensure the application has the key to decrypt data. -> Incorrect. Enabling encryption with a customer -managed key adds a layer of security. However, it doesn't restrict access solely to the application if others have access to the decryption key. Use pre -authenticated requests for objects in the bucket, sharing the unique URLs only with the application. -> Incorrect. Pre-authenticated requests provide temporary access to a bucket or object, but managing unique URLs for all objects at scale is impractical for application -wide access control. When configuring a Virtual Cloud Network (VCN) in Oracle Cloud Infrastructure (OCI), you find that instances within the VCN are unable to communicate with the internet. Which configuration should be verified to resolve this issue?
A Service Gateway allows a VCN to access Oracle Cloud services without using the public internet, but it does not provide general internet access to the instances within the VCN. In Oracle Cloud Infrastructure (OCI), the Observability and Management platform offers comprehensive tools to monitor, manage, and analyze cloud resources. Which of the following features are correctly associated with understanding the Observability and Management platform? Select two s.
they have comprehensive monitoring and management capabilities for both their OCI resources and application performance. Which OCI service should they utilize to achieve an integrated observability and management experience across their cloud environment?
Policies must be globally unique across all OCI tenancies. -> Incorrect. Policies need not be globally unique; they are scoped to a tenancy or compartment. Policies automatically apply to all regions within a tenancy by default. -> Incorrect. While policies apply to all regions within a tenancy, this statement does not accurately describe the unique characteristics or limitations of IAM policies. A multinational corporation with operations spread across several continents is looking to improve the performance, reliability, and security of its connection to Oracle Cloud Infrastructure (OCI). The corporation requires a dedicated network connection that bypasses the public internet to connect their on- premises data center with OCI. Which OCI service should the corporation use to meet these requirements?
Explanation of Incorrect Options: Option A: Creating a new Object Storage bucket in another region and configuring a recycle policy to move data every 5 days does not provide real-time data availability or the fault tolerance required for a financial application. Recycle policies are intended for managing the lifecycle of data, not for high availability or disaster recovery. Option C: While lifecycle policies are useful for moving less frequently accessed data to a more cost - effective storage tier (e.g., from Standard to Archive), they do not address cross -region redundancy or real-time availability, which are critical for this use case. Option D: Copying an Object Storage bucket to a block volume is not a recommended practice for ensuring data durability and fault tolerance. Block volumes are used for persistent storage attached to compute instances, and copying object storage data to block volumes does not achieve the same level of redundancy and cross -region availability as replication policies. Thus, Option B is the correct and most efficient method for ensuring high availability and fault tolerance in this scenario. Which TWO statements are TRUE about Private IP addresses in Oracle Cloud Infrastructure (OCI)?
