
[2025年03月] 確実合格する有効な方法Oracle試験問題集で1z0-1084-24試験学習ガイド
1z0-1084-24問題集とOracle Cloud Infrastructure 2024 Developer Professionalトレーニングコースでお客様の合格を楽にさせる学習合格試験問題!
質問 # 28
(CHK_4>2) Which TWO statements are NOT valid regarding the Oracle Cloud Infrastructure (OCI) Streaming service? (Choose two.)
- A. OCI Streaming can support up to 2,000 requests per second to each partition.
- B. Although OCI Streaming automatically encrypts all data while in transit, it is the developer's responsibility to encrypt data at rest, if needed.
- C. The throughput of a stream is defined by a partition. A partition provides 1 MB/sec data input and 2 MB
/sec data output. - D. A stream can be configured with either a public or a private endpoint with support for customer managed encryption keys.
- E. OCI Streaming stores all data for 24 hours by default, but that can be extended up to 7 days.B
正解:A、D
解説:
The two statements that are NOT valid regarding the Oracle Cloud Infrastructure (OCI) Streaming service are: A stream can be configured with either a public or a private endpoint with support for customer managed encryption keys. This statement is not valid because the OCI Streaming service currently supports only private endpoints. Customer managed encryption keys are not currently supported for OCI Streaming. OCI Streaming can support up to 2,000 requests per second to each partition. This statement is not valid because the throughput of a stream is not defined by the partition in terms of requests per second. The throughput of a stream is defined in terms of data input and output rates. Each partition provides 1 MB/sec data input and 2 MB/sec data output, but it does not correspond to a specific number of requests per second. The other statements are valid: OCI Streaming stores all data for 24 hours by default, but that can be extended up to 7 days. Although OCI Streaming automatically encrypts all data while in transit, it is the developer's responsibility to encrypt data at rest, if needed.
質問 # 29
Which two "Action Type" options are NOT available in an Oracle Cloud Infrastructure (OCI) Events rule definition? (Choose two.)
- A. Slack
- B. Notifications
- C. Streaming
- D. Functions
- E. Email
正解:A、E
解説:
The two "Action Type" options that are NOT available in an Oracle Cloud Infrastructure (OCI) Events rule definition are: Email (Correct) Slack (Correct) The available "Action Type" options in OCI Events rule definition include Functions, Notifications, and Streaming. However, email and Slack are not directly supported as action types in OCI Events. Instead, you can use Notifications to send notifications to various notification channels, including email and Slack, through the OCI Notifications service.
質問 # 30
A DevOps engineer is troubleshooting the Meshifyd application, which is running in an Oracle Cloud Infrastructure (OCI) environment. The engineer has set up the OCI Logging service to store access logs for the application but notices that the logs from the Meshifyd application are not showing up in the logging service. The engineer suspects that there might be an issue with the logging configuration. Which two statements are potential reasons for logs from the Meshifyd application not showing up in the OCI Logging service?
- A. The logconfig.json file has incorrect or missing information in the application namespace in the src field.
- B. The logconfig.json file has incorrect or missing OCID for the custom log in the logobjectId field.
- C. The logconfig.json file has incorrect or missing OCID for the custom log group in the logGroupObjectId field.
- D. The OCI Logging service is set up to pre access logs by creating a log group and custom log within the same compartment.
- E. The logconfig.json file has incorrect or missing information in the application namespace in the paths field.
正解:B、C
解説:
The logconfig.json file is a configuration file that specifies how the Unified Monitoring Agent collects and uploads custom logs to the OCI Logging service2. The logconfig.json file contains an array of objects, each representing a custom log configuration2. Each custom log configuration object has the following fields2:
* logGroupObjectId: The OCID of the log group where the custom log is stored.
* logObjectId: The OCID of the custom log.
* paths: An array of paths to files or directories containing the custom logs.
* src: A regular expression that matches the files containing the custom logs.
* parser: A parser definition that specifies how to parse the custom logs. If the logconfig.json file has incorrect or missing OCID for the custom log in the logobjectId field, or incorrect or missing OCID for the custom log group in the logGroupObjectId field, then the Unified Monitoring Agent will not be able to upload the custom logs to the OCI Logging service2. Therefore, these are potential reasons for logs from the Meshifyd application not showing up in the OCI Logging service. Verified References: Unified Monitoring Agent Configuration File
質問 # 31
Which command is used to get a Docker image from Oracle Cloud Infrastructure Registry (OCIR) to the client machine?
- A. docker pull <tenancy-namespace>/<region-key>.ocir.io/<repo-name>: <tag>
- B. docker pull <region-key>.ocir.io/<tenancy-namespace>/<repo-name>: <tag>
- C. docker fetch <region-key>.ocir.io/<tenancy-namespace>/<repo-name>:<tag>
- D. docker fetch <tenancy-namespace>/<region-key>.ocir.io/<repo-name>:<tag>
正解:B
解説:
To pull a Docker image from OCI Registry to the client machine, you need to use the docker pull command with the following syntax1: docker pull <region-key>.ocir.io/<tenancy-namespace>/<repo-name>:<tag> where:
* <region-key> is the key for the OCI Registry region you're using. For example, iad. See Availability by Region1.
* ocir.io is the OCI Registry name.
* <tenancy-namespace> is the auto-generated Object Storage namespace string of the tenancy that owns the repository from which you want to pull the image (as shown on the Tenancy Information page)1.
* <repo-name> is the name of the repository that contains the image you want to pull.
* <tag> is the tag of the image you want to pull.
質問 # 32
You plan to implement logging in your services that will run in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE). Which statement describes the appropriate logging approach?
- A. All services log to standard output only.
- B. All serviceAAs log to a shared log file.
- C. Each service logs to its own log file.
- D. All services log to an external logging system.
正解:A
質問 # 33
Your team has chosen to use master encryption key (MEK) within an Oracle Cloud Infrastructure (OCI) Vault for encrypting Kubernetes secrets associated with your microservice deployments in OCI Container Engine for Kubernetes (OKE) clusters so that you can easily manage key rotation. Which of the following is NOT valid about rotating keys in the OCI Vault service?
- A. Both software and HSM-protected MEKS can be rotated.
- B. Each key version is tracked internally with separate unique OCIDS.
- C. When you rotate an MEK, a new key version is automatically generated.
- D. Once rotated, older key versions can be used for encryption until they are deleted.
正解:D
解説:
The correct answer is: "Once rotated, older key versions can be used for encryption until they are deleted." The statement that is NOT valid about rotating keys in the OCI Vault service is: "Once rotated, older key versions can be used for encryption until they are deleted." In the OCI Vault service, when you rotate a master encryption key (MEK), a new key version is automatically generated. However, once a key is rotated and a new version is created, the older key versions are no longer usable for encryption. The purpose of key rotation is to ensure that the encryption keys are regularly updated and that older keys are no longer used to protect sensitive data. This enhances security by minimizing the impact of potential key compromises. The other statements mentioned are valid: Both software and hardware security module (HSM)-protected MEKs can be rotated. This provides flexibility in choosing the type of MEK and ensures that key rotation can be performed regardless of the encryption method used. Each key version is tracked internally with separate unique OCIDs (Oracle Cloud Identifiers). This allows for easy management and tracking of different key versions within the OCI Vault service. In summary, the statement that is NOT valid is the one suggesting that older key versions can still be used for encryption until they are deleted. Key rotation is designed to ensure the use of the latest key version and to retire older key versions to enhance security.
質問 # 34
Your team has been tasked with debugging a Cloud Native application developed using the following Oracle Cloud Infrastructure (OCI) services: Object Storage, Events, Functions, API Gateway, and Autonomous Database. Which of these is NOT a valid option for troubleshooting issues in OCI? (Choose the best answer.)
- A. View service metric information from the OCI Monitoring service.
- B. Leverage OCI Cloud Guard to extract and visualize the debug logs generated by your application.
- C. Use OCI Service Connector Hub to configure a service connector to automatically send logs to the OCI Logging Analytics service.
- D. Trace performance issues In the Application Performance Monitoring service by enabling Function traces.
- E. Configure the application to send logs to the OCI Logging service.
正解:D
解説:
To troubleshoot issues in OCI, the option that is not valid is: Trace performance issues in the Application Performance Monitoring service by enabling Function traces. While the Application Performance Monitoring service in OCI allows you to monitor and trace the performance of your applications, it is specifically designed for monitoring OCI Functions (serverless functions) and does not directly apply to all types of applications. The other options mentioned, such as configuring logs in the OCI Logging service, leveraging OCI Cloud Guard for debug logs, viewing service metrics in the OCI Monitoring service, and using OCI Service Connector Hub for log forwarding, are valid options for troubleshooting and monitoring applications in OCI.
質問 # 35
Oracle Functions monitors all deployed functions and collects and reports various metrics. Which is NOT available when viewing the Application metrics in the Oracle Cloud Infrastructure (OCI) Console?
- A. The length of time a function runs for.
- B. The number of requests to invoke a function that failed due to throttling.
- C. The number of requests to invoke a function that failed with an error response.
- D. The number of retries made by the function before failing due to an error.
正解:D
解説:
The option that is NOT available when viewing the Application metrics in the Oracle Cloud Infrastructure (OCI) Console is: "The number of retries made by the function before failing due to an error." When viewing the Application metrics in the OCI Console for Oracle Functions, you can typically see metrics related to the performance and usage of your functions. These metrics provide insights into how your functions are performing and being utilized. The following metrics are usually available: The number of requests to invoke a function that failed due to throttling: This metric indicates the number of requests that were not processed by the function due to reaching the configured concurrency limit or throttling settings. The length of time a function runs for: This metric represents the duration of each function invocation, measuring the time it takes for the function to complete its execution. The number of requests to invoke a function that failed with an error response: This metric counts the number of requests that encountered an error during the function invocation, resulting in a failed response. However, the number of retries made by the function before failing due to an error is not typically available as part of the Application metrics in the OCI Console. The retries made by the function are usually handled at the invoker level, and the specific details of retries may not be captured as part of the application-level metrics. It's important to note that the availability of metrics and their specific details may vary depending on the version and configuration of Oracle Functions and the monitoring setup. It is recommended to refer to the Oracle Functions documentation and consult the official documentation for accurate and up-to-date information on available metrics.
質問 # 36
What is the open source engine for Oracle Functions?
- A. Knative
- B. Apache OpenWhisk
- C. OpenFaas
- D. Fn Project
正解:D
解説:
The Fn Project is an open source serverless computing platform that serves as the engine for Oracle Functions. It provides a runtime environment for executing functions in a serverless architecture. The Fn Project enables developers to build and deploy functions using different programming languages, including Java, Python, Node.js, and more. The Fn Project is designed to be flexible and extensible, allowing developers to define functions as small units of code and execute them in response to events or triggers. It supports event- driven execution, allowing functions to be triggered by various events such as HTTP requests, messages from messaging systems, or changes in data. Oracle Functions leverages the Fn Project as its underlying engine, providing a managed serverless platform within the Oracle Cloud Infrastructure. It allows developers to easily develop, deploy, and manage functions using the familiar Fn Project framework and tooling. With Oracle Functions, developers can focus on writing their function code while leaving the infrastructure management, scaling, and operational tasks to the platform.
質問 # 37
With the volume of communication that can happen between different components in cloud-native applications, it is vital to not only test functionality, but also service resiliency. Which statement is true regarding service resiliency?
- A. Resiliency is about not bringing a service to a functioning state after a failure.
- B. Resiliency testing can be done only in a test environment.
- C. Resiliency is about recovering from failures without downtime or data loss.
- D. Resiliency is about avoiding failures.
正解:C
解説:
The correct answer is: "Resiliency is about recovering from failures without downtime or data loss." Service resiliency, in the context of cloud-native applications, is the ability of a service or system to recover from failures and continue functioning without downtime or data loss. It involves designing and implementing mechanisms to handle failures, such as network outages, hardware failures, or software errors, in a way that minimizes the impact on the overall system. The goal of resiliency is to ensure that the application or service can continue to operate and provide a certain level of functionality, even in the face of failures. This typically involves techniques such as redundancy, fault tolerance, and graceful degradation. By implementing resiliency measures, a cloud-native application can recover and adapt to failures, maintain availability, and preserve data integrity. The other statements are not accurate regarding service resiliency: Resiliency is not about not bringing a service to a functioning state after a failure. Instead, it is about recovering from failures and ensuring continued functionality. Resiliency is not about avoiding failures entirely. While it is desirable to prevent failures, resiliency focuses on the ability to handle and recover from failures when they do occur.
Resiliency testing is not limited to a test environment. It is important to test and validate the resiliency measures in both test environments and production environments to ensure the application can effectively handle failures in real-world scenarios.
質問 # 38
In the shared responsibility model, who should perform patching, upgrading, and maintaining of the worker nodes in provisioned Oracle Container Engine for Kubernetes (OKE) clusters?
- A. Oracle Support does it.
- B. It is an automated process.
- C. It is the responsibility of the customer.
正解:C
解説:
In the shared responsibility model, Oracle is responsible for securing the underlying cloud infrastructure and platform services, while customers are responsible for securing their data and applications within the cloud4. For provisioned OKE clusters, Oracle manages the control plane (master nodes) of the Kubernetes cluster, while customers manage the data plane (worker nodes) of the cluster5. Therefore, it is the responsibility of the customer to perform patching, upgrading, and maintaining of the worker nodes in provisioned OKE clusters5. Customers can use tools such as Terraform or kubectl to automate these tasks5.
質問 # 39
As a developer, you have been tasked with implementing a microservices-based application. Which THREE technologies are best suited to accomplish the task? (Choose three.)
- A. Terraform
- B. Kubemetes
- C. Big Data
- D. Service Mesh
- E. Docker
- F. Anomaly Detection
正解:B、D、E
解説:
The three technologies best suited for implementing a microservices-based application are: Service Mesh: A service mesh is a dedicated infrastructure layer that provides features like service discovery, load balancing, encryption, authentication, and observability for microservices. It helps in managing the communication and interactions between microservices in a scalable and secure manner. Kubernetes: Kubernetes is an open- source container orchestration platform that enables the deployment, scaling, and management of containerized applications. It provides features like automated scaling, service discovery, load balancing, and self-healing capabilities, which are essential for managing microservices in a distributed environment.
Docker: Docker is a popular containerization platform that allows packaging applications and their dependencies into lightweight containers. It provides a consistent and portable environment for running microservices, enabling easy deployment and scalability. Docker also facilitates isolation and resource efficiency, making it an ideal choice for deploying microservices. While Big Data, Anomaly Detection, and Terraform are valuable technologies, they are not specifically focused on enabling the implementation of microservices-based applications.
質問 # 40
You developed a microservices-based application that runs in an Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) cluster. It has multiple endpoints that need to be exposed to the public internet.
What is the most cost-effective way to expose multiple application endpoints without adding unnecessary complexity to the application?
- A. Deploy an Ingress Controller and use it to expose each endpoint with its own routing endpoint.
- B. Use a NodePort service type in Kubernetes for each of your service endpoints using the node's public IP address to access the applications.
- C. Use a ClusterIP service type in Kubernetes for each of your service endpoints using a load balancer to expose the endpoints.
- D. Create a separate load balancer instance for each service using the lowest 100 Mbps option.
正解:A
解説:
An Ingress Controller is a Kubernetes resource that provides advanced routing and load balancing for your applications running on a Kubernetes cluster1. An Ingress Controller allows you to define rules that specify how to route traffic to different services in your cluster based on the host name or path of the incoming request1. By deploying an Ingress Controller and using it to expose multiple application endpoints, you can achieve the following benefits1:
* Cost-effectiveness: You only need to create one load balancer instance per cluster, instead of one per service, which reduces the cost of exposing your applications.
* Simplicity: You only need to manage one set of routing rules for all your services, instead of configuring each service separately, which simplifies the application deployment and maintenance.
* Flexibility: You can use different types of Ingress Controllers, such as NGINX or Traefik, that offer various features and customization options for your routing needs.
質問 # 41
A developer using Oracle Cloud Infrastructure (OCI) API Gateway needs to authenticate the API requests to their web application. The authentication process must be implemented using a custom scheme which accepts string-based parameters from the API caller. Which approach should the developer use in this scenario?
- A. Create an authorizer function using OCI Identity and Access Management 91AM) based authentication.
- B. Create a cross account functions authorizer.
- C. Create an authorizer function using request header authorization.
- D. Create an authorizer function using token-based authorization.
正解:D
解説:
In the given scenario, the developer should use the approach of creating an authorizer function using token- based authorization. Token-based authorization is a commonly used approach for authenticating API requests.
It involves generating and issuing tokens to API callers, which they can then include in the requests they make to the API. The tokens serve as proof of authentication and are validated by the server to ensure the caller's identity and access rights. By creating an authorizer function using token-based authorization, the developer can implement a custom scheme that accepts string-based parameters from the API caller. This allows the developer to define their own authentication logic and validate the provided tokens according to their requirements. The authorizer function can be configured in the OCI API Gateway to be invoked before forwarding the request to the web application. It will perform the necessary token validation and authentication checks, allowing only authorized requests to access the protected resources of the web application.
質問 # 42
Which of these is NOT a valid authentication method for accessing an OCI API Gateway deployment?
- A. API Key
- B. HTTP Basic
- C. OAuth
- D. SAML Token
正解:D
解説:
OCI API Gateway supports the following authentication methods for accessing an API deployment3:
* HTTP Basic: The client sends a username and password with each request. The credentials are validated against a user database in Oracle Identity Cloud Service (IDCS).
* API Key: The client sends an API key with each request. The API key is validated against a list of keys stored in IDCS or OCI Vault.
* OAuth: The client obtains an access token from an authorization server (such as IDCS) and sends it with each request. The access token is validated against the authorization server and optionally checked for required scopes.
* JWT Token: The client obtains a JSON Web Token (JWT) from an identity provider (such as IDCS or OCI IAM) and sends it with each request. The JWT is validated against the identity provider's public key and optionally checked for required claims. SAML Token is not a valid authentication method for accessing an OCI API Gateway deployment. SAML is an XML-based standard for exchanging authentication and authorization data between different parties, such as a service provider and an identity provider4. SAML tokens are typically used for web browser single sign-on (SSO) scenarios, not for API access4.
質問 # 43
Which of these is a valid use case for OCI Queue?
- A. Managing network traffic between services
- B. Sending real-time streaming data
- C. Storing and retrieving large files
- D. Building decoupled and scalable systems
正解:D
解説:
OCI Queue is a fully managed serverless service that helps decouple systems and enable asynchronous operations2. Queue handles high-volume transactional data that requires independently processed messages without loss or duplication2. A valid use case for OCI Queue is building decoupled and scalable systems, such as event-driven architectures or microservices-based applications2. For example, you can use Queue to decouple your application and build an event-driven architecture. Decoupling ensures that individual application components can scale independently and that you can future-proof your design so that as new application components are built, they can publish or subscribe to the queue2.
質問 # 44
How are cloud native application versions deployed to an OKE cluster when using a blue/green deployment strategy?
- A. Current applications are slowly replaced with new application versions.
- B. Both old and new application versions are deployed to production at the same time.
- C. New application versions are deployed in minor increments to a select group of people.
正解:B
解説:
Blue/Green deployment strategy allows releasing a new version of an application using two identical environments where one of them is active at a given time. The current version of the application is provisioned on the active environment, whereas the new version gets deployed to the standby environment1. The traffic is shifted from the active to the standby environment by updating the ingress resource2. Therefore, both old and new application versions are deployed to production at the same time, but only one of them receives the traffic. Verified References: Announcing new deployment strategies for OCI DevOps Service, Blue-Green OKE Deployment
質問 # 45
A developer has created another version of a microservice and wants 10% of the traffic to flow towards it for testing purposes. The application is already configured using OCI (Oracle Cloud Infrastructure) Service Mesh. Which of the following steps is the right approach to achieve this goal?
- A. Use Kubernetes HPA (Horizontal Pod Autoscaler) to scale the new version of the microservice to handle 10% of the traffic automatically.
- B. Create a new entry in the routeRules field of the ingress gateway route table manifest to configure traffic splitting between the old and new versions of the microservice and set the percentage to 10%.
- C. Create a new Kubernetes deployment for the new version of the microservice and set the traffic splitting percentage to 10% in the Kubernetes service manifest.
- D. Create a new entry in the routeRules field of the virtual service route table manifest to configure traffic splitting between the old and new versions of the microservice and set the percentage to 10%.
正解:D
質問 # 46
Which concept in OCI Queue is responsible for hiding a message from other consumers for a predefined amount of time after it has been delivered to a consumer?
- A. Maximum retention period
- B. Visibility timeout
- C. Polling timeout
- D. Delivery count
正解:B
解説:
Visibility timeout is the concept in OCI Queue that is responsible for hiding a message from other consumers for a predefined amount of time after it has been delivered to a consumer1. The visibility timeout can be set at the queue level when creating a queue, or it can be specified when consuming or updating messages1. If a consumer is having difficulty successfully processing a message, it can update the message to extend its invisibility1. If a message's visibility timeout is not extended, and the consumer does not delete the message, it returns to the queue1. Verified References: Overview of Queue
質問 # 47
What is the difference between continuous delivery and continuous deployment in the DevOps methodology?
(Choose the best answer.)
- A. Continuous delivery involves automation of developer tasks, whereas continuous deployment involves manual operational tasks.
- B. Continuous delivery utilizes automatic deployment to a development environment, whereas continuous deployment involves automatic deployment to a production environment.
- C. Continuous delivery requires automatic linting, whereas continuous deployment testing must be run manually.
- D. Continuous delivery is a process that Initiates deployment manually, whereas continuous deployment is based on automating the deployment process.
正解:B
解説:
The two correct differences between continuous delivery and continuous deployment in the DevOps lifecycle are: Continuous delivery is a process that initiates deployment manually, while continuous deployment is based on automating the deployment process. In continuous delivery, the software is ready for deployment, but the decision to deploy is made manually by a human. On the other hand, continuous deployment automates the deployment process, and once the software passes all the necessary tests and quality checks, it is automatically deployed without human intervention. Continuous delivery utilizes automatic deployment to a development environment, while continuous deployment involves automatic deployment to a production environment. In continuous delivery, the software is automatically deployed to a development or staging environment for further testing and validation. However, the actual deployment to the production environment is performed manually. In continuous deployment, the software is automatically deployed to the production environment, eliminating the need for manual intervention in the deployment process. These differences highlight the level of automation and human involvement in the deployment process between continuous delivery and continuous deployment approaches in the DevOps lifecycle.
質問 # 48
You developed a microservices-based application that runs in an Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) cluster. Your security team wants to use SSL termination for this application.
What should you do to create a secure SSL termination for this application using the fewest steps possible?
- A. Generate a self-signed certificate using Let's Encrypt. Use that certificate on OCI Load Balancer. Create the Kubernetes service using this load balancer.
- B. Create a self-signed certificate and its corresponding key. Create a Kubernetes secret using the certificate and the key. Then add these annotations to the Kubernetes service: annotations: service.beta.
kubernetes.io/oci-load-balancer-ssl-ports: "443" service.beta.kubernetes.io/oci-load-balancer-tls-secret:
ssl certificate-secret - C. Create a self-signed certificate and its corresponding key. Create a Kubernetes secret using the certificate and the key. Then add these annotations to the Kubernetes service: annotations: service.beta.
kubernetes.io/oci-load-balancer-ssl-ports: "443" service.beta.kubernetes.io/oci-load-balancer-security- list management-mode: "Frontend" - D. Add these annotations to the kubernetes service: annotations: service.beta.kubernetes.io/oci-load- balancer-ssl-ports: "443" service.beta.kubernetes.io/oci-load-balancer-ssl-secret-key: ssl secret-key
正解:B
解説:
The correct answer is: "Create a self-signed certificate and its corresponding key. Create a Kubernetes secret using the certificate and the key. Then add these annotations to the Kubernetes service: annotations: service.
beta.kubernetes.io/oci-load-balancer-ssl-ports: '443' service.beta.kubernetes.io/oci-load-balancer-tls-secret: ssl certificate-secret." To create a secure SSL termination for your microservices-based application running in an OCI Container Engine for Kubernetes (OKE) cluster, you can follow these steps: Create a self-signed certificate and its corresponding key: Generate a self-signed SSL certificate and its private key using a tool like OpenSSL. Create a Kubernetes secret: Create a Kubernetes secret using the certificate and key obtained in the previous step. This secret will securely store the certificate and key within the Kubernetes cluster. Add annotations to the Kubernetes service: Modify the Kubernetes service that exposes your application and add the following annotations to enable SSL termination: annotations: service.beta.kubernetes.io/oci-load- balancer-ssl-ports: '443' (specify the SSL port as 443) annotations: service.beta.kubernetes.io/oci-load- balancer-tls-secret: ssl certificate-secret (specify the name of the Kubernetes secret containing the certificate and key) By following these steps, you can create a secure SSL termination for your application using a self- signed certificate and Kubernetes secret. The annotations added to the Kubernetes service ensure that the SSL port is configured correctly and the TLS secret is utilized for SSL termination when traffic reaches the load balancer. The other options provided are not the most suitable approaches for achieving secure SSL termination in an OCI Container Engine for Kubernetes (OKE) cluster: Adding annotations related to the OCI load balancer SSL secret key is not the correct approach for SSL termination in this scenario. Using Let's Encrypt to generate a self-signed certificate and configuring it on the OCI Load Balancer is not necessary when you can create and manage the SSL certificate within the Kubernetes cluster using a Kubernetes secret.
質問 # 49
A company is developing a new application that needs to process transactions in real time. The company wants to ensure that all transactions are processed in order and that no transaction is lost. Which of these is a correct strategy for leveraging OCI Queue in this scenario?
- A. Use a single queue to process all transactions.
- B. Use a priority queue to prioritize requests.
- C. Use a separate queue for each application instance.
- D. Use a separate queue for each type of transaction.
正解:A
解説:
OCI Queue is a service for enabling asynchronous (decoupled) communication in a serverless manner3. Queue handles high-volume transactional data that requires independent processing without loss or duplication3. Queue supports ordering of messages within a queue by using the FIFO (first-in-first-out) delivery option3. Therefore, using a single queue to process all transactions ensures that all transactions are processed in order and that no transaction is lost. Verified References: Overview of Queue
質問 # 50
......
Oracle 1z0-1084-24 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
リアル試験問題と解答Oracle 1z0-1084-24問題集はここに:https://drive.google.com/open?id=1kyfzLCMTfihFiONePEtAdhDJ2H6YYSQ8
最新 [2025年03月] 効果的な学習法で試験合格できる1z0-1084-24:https://www.jpntest.com/shiken/1z0-1084-24-mondaishu