Latest Oracle 1z0-1084-23 Exam questions and answers [Q43-Q65]

Latest Oracle 1z0-1084-23 Exam questions and answers

Actual4Exams 1z0-1084-23 Exam Practice Test Questions (Updated 100 Questions)

Oracle 1z0-1084-23 Exam Syllabus Topics:

Topic	Details
Topic 1	Cloud Native Applications And Containerization Use OCI Logging service to enable, manage, and search logs
Topic 2	Monitoring & Troubleshooting Cloud Native Applications Create integration between systems using the OCI streaming service
Topic 3	Develop Serverless Applications with Oracle Functions Explain the fundamentals of cloud-native and discuss the key pillars of cloud-native development
Topic 4	Discuss the role of container orchestration Discuss various strategies for testing cloud-native applications
Topic 5	Use OCIR to pull and push container images Apply security measures to overcome challenges with cloud-native development
Topic 6	Leverage OCI Service Mesh for Kubernetes Deployment Explain the microservices architecture and discuss the design methodology of microservices
Topic 7	Utilize OCI Monitoring service to view metrics Build events-driven serverless applications using OCI event service

 

NEW QUESTION # 43
You plan to implement logging in your services that will run in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE). Which statement describes the appropriate logging approach?

• A. All services log to standard output only.
• B. All services log to an external logging system.
• C. All serviceAAs log to a shared log file.
• D. Each service logs to its own log file.

Answer: A

Explanation:
Explanation
The appropriate logging approach for services running in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) is: "All services log to standard output only." When running services in a containerized environment like OKE, it is recommended to follow the Twelve-Factor App methodology, which suggests treating logs as event streams. According to this methodology, services should write their log events to standard output (stdout) instead of writing to log files. By logging to standard output, the container runtime (such as Kubernetes) can collect and aggregate the logs generated by the services. These logs can then be accessed and managed through the container runtime's logging infrastructure. Logging to standard output offers several advantages in a containerized environment: Simplicity and consistency: Standardizing on logging to stdout ensures a consistent approach across different services, making it easier to manage and analyze logs. Log aggregation: The container runtime can collect the logs from all the running containers and provide centralized log management, allowing you to access and search logs from different services in one place. Scalability: Since logs are written to stdout, they can be easily handled by the container runtime's log management system, which can scale to handle large volumes of log data. Separation of concerns: By logging to stdout, the responsibility of managing log files and their rotation is shifted to the container runtime, allowing the services to focus on their core functionality. While it is possible to log to log files or external logging systems, the recommended approach in a containerized environment like OKE is to log to standard output and leverage the logging infrastructure provided by the container runtime.

NEW QUESTION # 44
Which is the smalled unit of Kubernetes architecture?

• A. Node
• B. Container
• C. Cluster
• D. Pod

Answer: D

Explanation:
The smallest unit of Kubernetes architecture is a Pod. A Pod is a logical grouping of one or more containers that are deployed together on the same host and share the same network namespace, storage, and other resources. It represents the smallest deployable unit in Kubernetes and is used to encapsulate and manage one or more closely related containers. Containers within a Pod are scheduled and deployed together, allowing them to communicate and share resources efficiently.

NEW QUESTION # 45
Assuming that your function does NOT have the --provisioned-concurrency option enabled, which parameter is used to configure the time period during which an idle function will remain in memory before Oracle Functions removes its container image from memory?

• A. timeout
• B. access-timeout
• C. None, as this time is not configurable.
• D. idle-timeout

Answer: D

Explanation:
Explanation
Idle-timeout is the parameter that is used to configure the time period during which an idle function will remain in memory before Oracle Functions removes its container image from memory2. The idle-timeout parameter is specified in seconds and can be set when creating or updating a function2. The default value for idle-timeout is 30 seconds and the maximum value is 900 seconds (15 minutes)2. If a function has the
--provisioned-concurrency option enabled, the idle-timeout parameter is ignored and the function instances are always kept in memory3.Verified References: Creating Functions, Provisioned Concurrency

NEW QUESTION # 46
To effectively test your cloud native applications for "unknown unknowns", you need to employ various testing and deployment strategies. Which strategy involves exposing new functionality or features to only a small set of users?

• A. Blue/Green Deployment
• B. A/B Testing
• C. Canary Deployment
• D. Component Testing

Answer: C

Explanation:
The strategy that involves exposing new functionality or features to only a small set of users is called Canary Deployment. Canary deployment is a technique used in software development and deployment where a new version of an application or feature is released to a small subset of users or a specific group of servers. This allows for testing and gathering feedback on the new functionality in a controlled and limited environment before making it available to a wider audience. In a canary deployment, a small portion of the traffic is routed to the new version while the majority of the traffic still goes to the stable version. This allows for monitoring and evaluation of the new functionality in real-world conditions while minimizing the impact of any potential issues or bugs. If the new version performs well and meets the desired criteria, it can then be gradually rolled out to a larger user base or all servers. By exposing the new functionality or features to a small set of users initially, canary deployment helps in identifying any unforeseen issues, gathering feedback, and ensuring the stability and reliability of the application before a full deployment.

NEW QUESTION # 47
You have two microservices, A and B, running in production. Service A relies on APIs from service B. You want to test changes to service A without deploying all of its dependencies, which include service B. Which approach should you take to test service A?

• A. Test against production APIs.
• B. Test the APIs in private environments.
• C. Test using API mocks.
• D. There is no need to explicitly test APIs.

Answer: C

Explanation:
Explanation
API mocking is a technique that simulates the behavior of real APIs without requiring the actual implementation or deployment of the dependent services1. API mocking allows you to test changes to service A without deploying all of its dependencies, such as service B, by creating mock responses for the APIs that service A relies on1. API mocking has several benefits, such as1:
* Faster testing: You can test your service A without waiting for service B to be ready or available, which reduces the testing time and feedback loop.
* Isolated testing: You can test your service A in isolation from service B, which eliminates the possibility of external factors affecting the test results or causing errors.
* Controlled testing: You can test your service A with different scenarios and edge cases by creating mock responses that mimic various situations, such as success, failure, timeout, etc.

NEW QUESTION # 48
What is the open source engine for Oracle Functions?

• A. Apache OpenWhisk
• B. Fn Project
• C. OpenFaas
• D. Knative

Answer: B

Explanation:
Explanation
The Fn Project is an open source serverless computing platform that serves as the engine for Oracle Functions.
It provides a runtime environment for executing functions in a serverless architecture. The Fn Project enables developers to build and deploy functions using different programming languages, including Java, Python, Node.js, and more. The Fn Project is designed to be flexible and extensible, allowing developers to define functions as small units of code and execute them in response to events or triggers. It supports event-driven execution, allowing functions to be triggered by various events such as HTTP requests, messages from messaging systems, or changes in data. Oracle Functions leverages the Fn Project as its underlying engine, providing a managed serverless platform within the Oracle Cloud Infrastructure. It allows developers to easily develop, deploy, and manage functions using the familiar Fn Project framework and tooling. With Oracle Functions, developers can focus on writing their function code while leaving the infrastructure management, scaling, and operational tasks to the platform.

NEW QUESTION # 49
Your team has chosen to use master encryption key (MEK) within an Oracle Cloud Infrastructure (OCI) Vault for encrypting Kubernetes secrets associated with your microservice deployments in OCI Container Engine for Kubernetes (OKE) clusters so that you can easily manage key rotation. Which of the following is NOT valid about rotating keys in the OCI Vault service?

• A. Each key version is tracked internally with separate unique OCIDS.
• B. Both software and HSM-protected MEKS can be rotated.
• C. Once rotated, older key versions can be used for encryption until they are deleted.
• D. When you rotate an MEK, a new key version is automatically generated.

Answer: C

Explanation:
The correct answer is: "Once rotated, older key versions can be used for encryption until they are deleted." The statement that is NOT valid about rotating keys in the OCI Vault service is: "Once rotated, older key versions can be used for encryption until they are deleted." In the OCI Vault service, when you rotate a master encryption key (MEK), a new key version is automatically generated. However, once a key is rotated and a new version is created, the older key versions are no longer usable for encryption. The purpose of key rotation is to ensure that the encryption keys are regularly updated and that older keys are no longer used to protect sensitive data. This enhances security by minimizing the impact of potential key compromises. The other statements mentioned are valid: Both software and hardware security module (HSM)-protected MEKs can be rotated. This provides flexibility in choosing the type of MEK and ensures that key rotation can be performed regardless of the encryption method used. Each key version is tracked internally with separate unique OCIDs (Oracle Cloud Identifiers). This allows for easy management and tracking of different key versions within the OCI Vault service. In summary, the statement that is NOT valid is the one suggesting that older key versions can still be used for encryption until they are deleted. Key rotation is designed to ensure the use of the latest key version and to retire older key versions to enhance security.

NEW QUESTION # 50
A service you are deploying to Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) uses a docker image from a private repository in OCI Registry (OCIR). Which configuration is necessary to provide access to this repository from OKE?

• A. Add a generic secret on the cluster containing your identity credentials. Then specify a registryCredentials property in the deployment manifest.
• B. Create a dynamic group for nodes in the cluster, and a policy that allows the dynamic group to read repositories in the same compartment.
• C. Create a docker-registry secret for OCIR with API key credentials on the cluster, and specify the imagePullSecret property in the application deployment manifest.
• D. Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the imagePullSecret property in the application deployment manifest.

Answer: D

Explanation:
The necessary configuration to provide access to a private repository in OCI Registry (OCIR) from OCI Container Engine for Kubernetes (OKE) is to create a docker-registry secret for OCIR with an identity Auth Token on the cluster and specify the imagePullSecret property in the application deployment manifest. Here's the breakdown of the steps: Create a docker-registry secret for OCIR with an identity Auth Token: In order to authenticate with the private repository in OCIR, you need to create a secret in your OKE cluster that contains the necessary credentials. This can be done by generating an identity Auth Token from the OCI Console and creating a secret in the cluster using the kubectl command. Specify the imagePullSecret property in the application deployment manifest: In your application's deployment manifest (such as a Kubernetes Deployment or StatefulSet YAML file), you need to include the imagePullSecret property and specify the name of the secret you created in the previous step. This allows the OKE cluster to use the credentials from the secret to pull the docker image from the private repository in OCIR during deployment. By following these steps, you can ensure that your OKE cluster has the necessary access to the private repository in OCIR, and your application can successfully pull the required docker image during deployment.

NEW QUESTION # 51
A Docker image consists of one or more layers, each of which represents a Dockerfile instruction. The layers are stacked and each one is a delta of the changes from the previous layer. What permission is associated with these layers?

• A. write once
• B. read only
• C. movable
• D. read mostly
• E. write only

Answer: B

Explanation:
The correct answer is: "read only." The layers of a Docker image are read-only. Once a layer is created, it cannot be modified. Each layer represents a Dockerfile instruction, and it is stacked on top of the previous layer, forming a stack of immutable layers. These layers are designed to be read-only to ensure consistency and integrity of the image. When a Docker image is built, each instruction in the Dockerfile creates a new layer. Each layer represents the changes made by that instruction relative to the previous layer. The layers are stacked on top of each other to form the complete image. This layer-based approach allows for efficient storage and distribution of Docker images. Because the layers are read-only, any changes or modifications to the image result in the creation of new layers rather than modifying the existing ones. This immutability ensures that each layer remains intact and preserves the integrity of the image. It also enables Docker's caching mechanism, where previously built layers can be reused if the corresponding instructions haven't changed, speeding up the image build process. The other options mentioned, such as "write only," "write once," "movable," and "read mostly," do not accurately describe the permission associated with Docker image layers. Docker image layers are specifically designed to be read-only.

NEW QUESTION # 52
Which TWO statements are correct regarding Docker images and containers? (Choose two.)

• A. If multiple containers are spawned from the same image, then they all use the same copy of that image in memory.
• B. Only one container can be spawned from a given image at a time.
• C. An image is a collection of immutable layers whereas a container is a running instance of an image.
• D. Writing and building a new Dockerfile is the only way you can create new Docker images.
• E. A container can exist without an image but an image cannot exist without a container.

Answer: A,C

Explanation:
Explanation
Which TWO statements are correct regarding Docker images and containers? (Choose two.) Writing and building a new Dockerfile is the only way you can create new Docker images. A container can exist without an image but an image cannot exist without a container. Only one container can be spawned from a given image at a time. If multiple containers are spawned from the same image, then they all use the same copy of that image in memory. (Correct) An image is a collection of immutable layers whereas a container is a running instance of an image. (Correct) ChatGPT The correct statements regarding Docker images and containers are:
If multiple containers are spawned from the same image, then they all use the same copy of that image in memory. This statement is correct. When multiple containers are created from the same Docker image, they share the underlying layers of the image in memory. Each container has its own isolated filesystem and runtime environment, but they all use the same base image, which helps in efficient resource utilization. An image is a collection of immutable layers whereas a container is a running instance of an image. This statement is also correct. Docker images are composed of multiple layers, with each layer representing a specific change or addition to the previous layer. These layers are read-only and can be shared among multiple containers. On the other hand, a container is a lightweight and isolated runtime instance created from a specific image. It is a running process that has its own filesystem, network, and runtime configuration. The statements
"Writing and building a new Dockerfile is the only way you can create new Docker images" and "A container can exist without an image but an image cannot exist without a container" are incorrect. Docker images can be created in various ways, including using Dockerfiles, importing from existing images, or pulling from registries. Additionally, a container requires an image to run, so an image must exist before a container can be created from it.

NEW QUESTION # 53
You are developing a real-time monitoring application for a fleet of vehicles, which will be deployed on Oracle Cloud Infrastructure (OCI). You need to choose between using OCI Queue or OCI Streaming to handle the real-time data feeds from the vehicles. Based on the scenario described, which is the most appropriate choice for handling real-time data feeds?

• A. OCI Streaming, because it is designed for high-volume, continuous ingestion and processing of data, making it the best choice for a fleet of vehicles
• B. OCI Queue, because it provides at-least-once message delivery, which is critical for real-time monitoring applications
• C. OCI Streaming, because it offers exactly-once message delivery, which is necessary for real-time applications
• D. OCI Queue, because it is optimized for low-latency messaging and ideal for real-time applications

Answer: A

Explanation:
OCI Streaming is a fully managed, scalable, and durable messaging solution for ingesting continuous, high-volume streams of data that you can consume and process in real-time1. Streaming is suitable for any use case in which data is produced and processed continually and sequentially in a publish-subscribe messaging model1. Streaming can handle millions of messages per second with low latency2. Therefore, OCI Streaming is the most appropriate choice for handling real-time data feeds from a fleet of vehicles. Verified Reference: Overview of Streaming, Container Engine for Kubernetes

NEW QUESTION # 54
As a Cloud Native developer, you have written a web service for your company. However, your security team has suggested that your web service should address Distributed Denial-of-Service (DDoS) attack. You are time-constrained and you need to ensure that this is implemented as soon as possible. What should you do in this scenario? (Choose the best answer.)

• A. Use the OCI Virtual Cloud Network (VCN) segregation to control DDoS.
• B. Re-write your web service and implement rate limiting.
• C. Use a third party service integration to Implement DDoS attack mitigation.
• D. Use the OCI API Gateway service and configure rate limiting.

Answer: D

Explanation:
Explanation
The correct answer in this scenario is to use the OCI API Gateway service and configure rate limiting. Using the OCI API Gateway service and configuring rate limiting is an effective approach to address Distributed Denial-of-Service (DDoS) attacks. By implementing rate limiting, you can control the number of requests that can be made to your web service within a specific time frame. This helps to prevent overload and ensures that your service can handle legitimate traffic while mitigating the impact of DDoS attacks. By leveraging the OCI API Gateway service, you can easily configure rate limiting rules to restrict the number of requests per second or per minute. This allows you to set appropriate thresholds and safeguard your web service from being overwhelmed by excessive requests. The API Gateway acts as a protective layer, filtering out malicious traffic and ensuring the smooth operation of your service. While options like OCI Virtual Cloud Network (VCN) segregation and third-party service integrations may contribute to overall security, they do not specifically address DDoS attacks as efficiently as rate limiting. VCN segregation focuses more on network segmentation and isolation, while third-party service integration may introduce additional dependencies and complexities.
Re-writing your web service and implementing rate limiting is a viable option, but it may not be feasible considering the time constraints mentioned. Leveraging the OCI API Gateway service provides a quicker and easier solution to implement DDoS attack mitigation through rate limiting.

NEW QUESTION # 55
You are instructed to automate manual tasks and help software teams manage complex environments at scale using the Oracle Cloud Infrastructure (OCI) services. Which THREE OCI services can be leveraged to securely store and version your application's source code, and automate the building, testing, and deployment of applications to the OCI platform? (Choose three.)

• A. Oracle Cloud Logging Analytics
• B. Oracle Cloud Infrastructure Registry
• C. Resource Manager
• D. Container Engine for Kubernetes
• E. Oracle APEX Application Development
• F. DevOps

Answer: B,D,F

Explanation:
Explanation
The three OCI services that can be leveraged to securely store and version your application's source code, and automate the building, testing, and deployment of applications to the OCI platform are: DevOps: OCI provides a comprehensive set of DevOps services, including Oracle Developer Cloud Service, which allows you to manage source code repositories, automate builds and testing, and streamline the deployment process.
Container Engine for Kubernetes: OCI's Container Engine for Kubernetes (OKE) enables you to deploy and manage containerized applications using Kubernetes. It provides a scalable and reliable platform for automating the deployment of your applications. Oracle Cloud Infrastructure Registry: OCI Registry is a fully managed, private container registry that allows you to securely store and manage Docker images. It integrates with other OCI services, such as Container Engine for Kubernetes, to facilitate seamless deployment and orchestration of containerized applications. These services combined provide the necessary tools and infrastructure to support continuous integration and continuous deployment (CI/CD) workflows, enabling efficient and automated application development and deployment processes in the Oracle Cloud Infrastructure environment.

NEW QUESTION # 56
You are a developing a microservices application that will be a consumer of the Oracle Cloud Infrastructure (OCI) Streaming service. Which API method should you use to read and process a stream?

• A. ProcessStream
• B. GetStream
• C. GetMessages
• D. ReadStream
• E. ReadMessages

Answer: C

Explanation:
The correct API method to read and process a stream in the Oracle Cloud Infrastructure (OCI) Streaming service is "GetMessages". When consuming messages from a stream in OCI Streaming, you use the "GetMessages" API method. This method allows you to retrieve a batch of messages from the stream for processing. You can specify parameters such as the number of messages to retrieve, the maximum size of the messages, and the timeout for the request. By using the "GetMessages" API method, you can retrieve messages from the stream and then process them in your microservices application. This allows you to consume and handle the data in real-time as it becomes available in the stream. The "GetMessages" method provides flexibility in how you consume and process the messages, enabling you to implement custom logic and workflows based on your specific application requirements.

NEW QUESTION # 57
When developing microservices, each one can be developed in the language of choice. Which term describes this type of development? (Choose the best answer.)

• A. Agile
• B. DevOps
• C. Distributed
• D. Polyglot

Answer: C

Explanation:
The term that describes developing microservices in different languages of choice is "Polyglot." In a polyglot architecture, each microservice is developed using the most appropriate programming language or technology stack for its specific requirements. This approach allows developers to leverage the strengths of different languages and frameworks, enabling them to use the most suitable tool for each microservice while still maintaining interoperability between services.

NEW QUESTION # 58
(CHK_4>2) Which TWO statements are NOT valid regarding the Oracle Cloud Infrastructure (OCI) Streaming service? (Choose two.)

• A. Although OCI Streaming automatically encrypts all data while in transit, it is the developer's responsibility to encrypt data at rest, if needed.
• B. A stream can be configured with either a public or a private endpoint with support for customer managed encryption keys.
• C. OCI Streaming can support up to 2,000 requests per second to each partition.
• D. The throughput of a stream is defined by a partition. A partition provides 1 MB/sec data input and 2 MB/sec data output.
• E. OCI Streaming stores all data for 24 hours by default, but that can be extended up to 7 days.B

Answer: B,C

Explanation:
The two statements that are NOT valid regarding the Oracle Cloud Infrastructure (OCI) Streaming service are: A stream can be configured with either a public or a private endpoint with support for customer managed encryption keys. This statement is not valid because the OCI Streaming service currently supports only private endpoints. Customer managed encryption keys are not currently supported for OCI Streaming. OCI Streaming can support up to 2,000 requests per second to each partition. This statement is not valid because the throughput of a stream is not defined by the partition in terms of requests per second. The throughput of a stream is defined in terms of data input and output rates. Each partition provides 1 MB/sec data input and 2 MB/sec data output, but it does not correspond to a specific number of requests per second. The other statements are valid: OCI Streaming stores all data for 24 hours by default, but that can be extended up to 7 days. Although OCI Streaming automatically encrypts all data while in transit, it is the developer's responsibility to encrypt data at rest, if needed.

NEW QUESTION # 59
A Docker image consists of one or more layers, each of which represents a Dockerfile instruction. The layers are stacked and each one is a delta of the changes from the previous layer. What permission is associated with these layers?

• A. write once
• B. read only
• C. movable
• D. read mostly
• E. write only

Answer: B

Explanation:
Explanation
The correct answer is: "read only." The layers of a Docker image are read-only. Once a layer is created, it cannot be modified. Each layer represents a Dockerfile instruction, and it is stacked on top of the previous layer, forming a stack of immutable layers. These layers are designed to be read-only to ensure consistency and integrity of the image. When a Docker image is built, each instruction in the Dockerfile creates a new layer. Each layer represents the changes made by that instruction relative to the previous layer. The layers are stacked on top of each other to form the complete image. This layer-based approach allows for efficient storage and distribution of Docker images. Because the layers are read-only, any changes or modifications to the image result in the creation of new layers rather than modifying the existing ones. This immutability ensures that each layer remains intact and preserves the integrity of the image. It also enables Docker's caching mechanism, where previously built layers can be reused if the corresponding instructions haven't changed, speeding up the image build process. The other options mentioned, such as "write only," "write once,"
"movable," and "read mostly," do not accurately describe the permission associated with Docker image layers.
Docker image layers are specifically designed to be read-only.

NEW QUESTION # 60
Which TWO are part of the Cloud Native Computing Foundation (CNCF) container runtime? (Choose two.)

• A. runc
• B. containerd
• C. getcd
• D. rkt-o

Answer: A,B

Explanation:
The two components that are part of the Cloud Native Computing Foundation (CNCF) container runtime are: containerd: containerd is an open-source container runtime that provides a runtime environment for containers, including managing container images, executing containers, and handling container lifecycle events. It is designed to be lightweight and extensible, providing the necessary functionality to run containers efficiently. runc: runc is a lightweight container runtime that serves as a reference implementation of the Open Container Initiative (OCI) runtime specification. It is responsible for launching and managing containers based on OCI specifications, including handling container isolation, namespaces, cgroups, and other low-level container operations. These two components, containerd and runc, are widely used in the container ecosystem and are part of the CNCF's efforts to promote and develop open-source technologies for cloud-native computing.

NEW QUESTION # 61
Which TWO statements are true for serverless computing and serverless architectures? (Choose two.)

• A. Serverless function execution is fully managed by third party.
• B. Long running tasks are perfectly suited for serverless.
• C. Application DevOps team is responsible for scaling.
• D. Applications running on a FaaS (Functions as a Service) platform.
• E. Serverless function state should never be stored externally.

Answer: A,D

Explanation:
Explanation
The two true statements for serverless computing and serverless architectures are: Applications running on a FaaS (Functions as a Service) platform: Serverless architectures typically involve running code in the form of functions on a serverless platform. These functions are event-driven and executed in response to specific triggers or events. Serverless function execution is fully managed by a third party: In serverless computing, the cloud provider takes care of the infrastructure management and resource provisioning. The execution of serverless functions is handled automatically by the platform, relieving developers from the responsibility of managing servers orinfrastructure. It's important to note that long running tasks are not typically suited for serverless architectures due to the event-driven nature of serverless functions. Also, while serverless functions may have state, it is recommended to avoid external storage dependencies and instead leverage stateless functions whenever possible. Additionally, scaling in serverless architectures is typically handled automatically by the platform, rather than being the responsibility of the application DevOps team.

NEW QUESTION # 62
Kubernetes includes various elements such as compute, network, and storage. Compute is essentially CPU (units) and memory (bytes). Within an OKE cluster, what is considered to be the smallest unit of deployment with respect to compute?

• A. Deployment resource
• B. Container
• C. Service
• D. Namespace
• E. Pod

Answer: E

Explanation:
A pod is the smallest and simplest unit in the Kubernetes object model that you create or deploy2. A pod represents a single instance of a running process in your cluster. Pods contain one or more containers, such as Docker containers. When you create a pod, you define how much CPU and memory (RAM) each container needs. A pod can also include storage volumes, IP addresses, options that govern how the container(s) should run, and more2. Pods are the basic building blocks of larger Kubernetes constructs such as deployments, replica sets, and services2.

NEW QUESTION # 63
To effectively test your cloud native applications for "unknown unknowns", you need to employ various testing and deployment strategies. Which strategy involves exposing new functionality or features to only a small set of users?

• A. Blue/Green Deployment
• B. A/B Testing
• C. Canary Deployment
• D. Component Testing

Answer: C

Explanation:
Explanation
The strategy that involves exposing new functionality or features to only a small set of users is called Canary Deployment. Canary deployment is a technique used in software development and deployment where a new version of an application or feature is released to a small subset of users or a specific group of servers. This allows for testing and gathering feedback on the new functionality in a controlled and limited environment before making it available to a wider audience. In a canary deployment, a small portion of the traffic is routed to the new version while the majority of the traffic still goes to the stable version. This allows for monitoring and evaluation of the new functionality in real-world conditions while minimizing the impact of any potential issues or bugs. If the new version performs well and meets the desired criteria, it can then be gradually rolled out to a larger user base or all servers. By exposing the new functionality or features to a small set of users initially, canary deployment helps in identifying any unforeseen issues, gathering feedback, and ensuring the stability and reliability of the application before a full deployment.

NEW QUESTION # 64
You are creating an API deployment in Oracle Cloud Infrastructure (OCI) API Gateway and you want to configure request policies to control access. Which is NOT available in OCI API Gateway?

• A. Limiting the number of requests sent to the backend services.
• B. Controlling access to the backend OCI resources.
• C. Enabling Cross-Origin Resource Sharing (CORS) support.
• D. Providing authentication and authorization.

Answer: B

Explanation:
Explanation
The correct answer is: Controlling access to the backend OCI resources. OCI API Gateway does not provide direct control over access to backend OCI resources. It primarily focuses on managing and securing access to APIs exposed through the gateway. The gateway acts as a front-end for APIs and provides features such as authentication, authorization, rate limiting, and CORS support. While you can configure authentication and authorization policies, limit the number of requests, and enable CORS support in OCI API Gateway, it does not directly control access to backend OCI resources. Access to backend resources is typically managed through other means, such as IAM policies, network security rules, or resource-specific access controls.

NEW QUESTION # 65
......

Pass Your Oracle Exam with 1z0-1084-23 Exam Dumps: https://www.actual4exams.com/1z0-1084-23-valid-dump.html