1. Observability helps understand system behavior, but it has limitations.

Which
of the following tasks cannot be accomplished solely through observability?
A. Identifying resource consumption
B. Optimizing resource utilization
C. Identifying infrastructure bottlenecks
D. Automating software deployments

ANS D

2. The DevOps team wants to validate the new version's performance and
stability before exposing it to the entire user base. The Team is adopting the
Canary Deployment strategy to roll out a new version of their application in a
production environment. They aim to minimize the impact of any potential issues
befime fully deploying the new version.
Which stage in the OCI DevOps service allows the team to gradually divert a
portion of the production traffic to the canary environment?
A. Invoke function stage
B. Manual approval stage
C. Load distribution stage
D. Shift traffic stage

ANS D

3. Your team is responsible for deploying a new version of an application that is

being used by your company's finance department. The application is critical to
the department's operations, and any downtime could have serious
consequences.
What is the recommended approach in OCI for creating environments for this
scenario?
A)Use a single Kubernetes cluster with two node pools, one for the blue-green
environment and one for the canary environment.
B)Use a single OCI region and create two separate Virtual Cloud Network
(VCNs), one for the blue environment and one for the green environment.
C) Deploy the application to two separate OCI tenancies to ensure complete
isolation between environments.
D)Configure two OKE clusters, selecting the blue-green traffic shift strategy using
a load balancer.
ANS D

4) As a developer working on software project to be deployed on OKE, you have

created a Helm chart for your application. You want to deploy the chart using OCI
DevOps service.
Which statement is true about deploying a Helm Chart using OCI DevOps
service?
A)Oracle Cloud Infrastructure (OCI) DevOps service supports deployment of
Helm charts to Container Instances.
B)The Helm chart must be located in the OCI Container Registry repository for
deployment.
C)A single chart can be installed only once into the same cluster, and create
single release.
D)The values.yaml file is a generic file located in the OCI Container Registry. You
must create a reference to this file.

ANS D

5)You are a DevOps engineer responsible for managing the deployment pipeline
of your organization's application hosted on Oracle Cloud Infrastructure (OCH
The pipeline is failing, and you need to troubleshoot the issue to identify the
potential cause and fix it. You need the following information to investigate
further:
Time spent for each deployment
Number of times a deployment has failed
Which OCI service can provide you with the necessary information to identify the
potential issue and help in debugging the same?
A. OCI Monitoring service
B. OCI Data Science service
C. OCI DevOps Agent
D. OCI Event service

ANS A

6)You're working with Docker images and containers, and you need to get rid of
an image that's no longer needed. However, when you use the command to
remove the image, you get the following error:
#docker rmi d123f4e55e12
Firror response from daemon: conflict: unable to delete d123f4e55e12 (cannot be
found) - image us being
used by running container of 262bd1285
Which steps would you take to delete the specified image?
A. To determine which container is using the image, use the 'docker ps a
command. Stop the running container with the command 'docider stop
d123f4e55e12', delete it with 'docker rm 0f1262bd1285", and delete the docker
image with the command 'docker rmi 0f1262bd1285".
B. To determine which container is using the image, use the 'docker ps -a
command. To delete the container, use the 'docker rm 0f1262bd1285' command
to delete the docker image, use the 'docker rmi d123f4e55e12' command.
C. To determine which container is using the image, use the 'docker ps a
command. Stop the running container with the command "docker ston
Ofl262bd1285", delete it with 'docker rm '0f1262bd1285', and delete the docker
image with docker rmi d123f4e55e12"
D. To determine which container is using the image, use the 'docker ps-a'
command. Kill the running container with 'docker Kill of1262bd1285, delete it with
*docker mc 011262hd1285", and delete the docker image with 'docker rmi
d123f4e55e12'.

ANS C
7)Which of the following external repositories requires an HTTP access token
instead of a personal access token (PAT) to create a connection in the OC!
Chat Replay is disabled for this Premiere.
All
DevOps project service?
A. GitLabSaaS
B. Bitbucket Server
C. Gitlab Server
D. GitHub Enterprise Cloud

ANS D

8)Your application development tearn has an existing GitHub repository for their
code. You would like to mirror it on Oracle Cloud Infrastructure (OCT) to order
to deploy an application to an Oracle Container Engine for Kubernetes (OKE)
environment using the OCI DevOps service
Which action can be done AFTER you trigger a Build Pipeline?
A. Create a reference to a secret in the OCI Vault.
B. Apply a manifest to the Kubernetes cluster using the deployment pipeline.
C. Configure the SSH file so that their SSH key is used when connecting to OCI
code Repositories.
D. Configure an OCCI compartment for string DevOps resources.

ANS B

9)Your team is working on a project to deploy a microservice-based application

on a cloud platform using Terraform. Each microservice has specific
configurations and dependencies, and you want to ensure modularity, reusability,
and consistency across deployments.
Which Terraform features would you use to achieve these objectives efficiently?
A. Terrform Modules
B. Terrform Provides
C. Terrform Variables
D. Terrform Workspaces

ANS A

10) Your organization is planning to adopt Infrastructure as Code (laC) principles

to manage its cloud infrastructure efficiently. As part of the tranting program, the
team is discussing the concept of Infrastructure as Code and Terraform.
Which of the following statements best describes Infrastructure as Code (laC)
and
Terraform?
A. Infrastructure as Code (laC) refers to manually configuring infrastructure
components, while Terraform is a version control system for managing
infrastructure code.
B. Infrastructure as Code (laC) involves managing infrastructure using graphical
user interfaces, and Terraform is a scripting language used for this purpose
C. Infrastructure as Code (laC) is a concept used only in traditional IT
environments, and Terraform is a proprietary cloud platform for managing
infrastructure
D. Infrastructure as Code (laC) is a software engineering approach in which
infrastructure is managed using code, and Terraform is a configuration
management tool widely used for this purpose.

ANS D

11)As a Site Reliability Engineer (SRE) at a fast-growing startup, you are

responsible for monitoring the performance of the company's cloud nahve
applications hosted on Oracle Cloud Infrastructure (OCI). One of your major
concerns is identifying and troubleshooting application bottlenecks qurity to
ensure optimal performance for end users.
Which group of OCI services can you leverage to get real-time application
insights and troubleshoot performance issues effectively?
A. Oracle Container Engine for Kubernetes (OKE), Instance Group, and
Functions
B. OCI Logging, Monitoring, and Events
C. OCI Service Connector Hub, Events, and Application Performance
Management
D. OCI Resource Manager, Logging, and Cloud Guard

ANS C

12) Your customer has deployed their microservices based application on Oracle
Container Engine for Kubernetes (OKE) and they are using Oracle Cloud
Infrastructure Registry (OCIR) service as their Docker image repository. They
have deployed the OKE cluster using the 'custom create" option, and their Virtual
Cloud Network (VCN) has three public subnets with associated route tables,
security lists, and an internet gateway. They are facing an issue where their
application containers are failing to deploy. Upon investigation, they learn that the
images are not getting pulled from the designated OCIR repository. The YAML
configuration has the correct path to the images.
What is a valid concern that needs to be further investigated?
A. They need to add IAM credentials for each user that deploys applications to
the OKE cluster.
B. The VCN hosting the OKE cluster worker nodes needs to have a NAT gateway
to access OCIR repositories.
C. The OKE cluster needs to have a secret with credentials of their OCIR
repository and use that secret in the Kubernetes deployment manifest.
D. They need to add a security list rule for TCP port 22 to connect to the OCIR
service.

ANS C
13) You are tasked with creating and managing a microservices-based
application using Oracle Cloud Infrastructure Registry (OCIR).
Chat Replay is disabled for this Premiere.
All
Which statement accurately describe OCIR capabilities?
From your search
From the series
Fro
>
A. In each region that is enabled for your tenancy, you are charged for stored
images as well as managed OCIR services.
B. Container Registry cannot be used as a public docker registry, restricting its
usage only within the Oracle network.
Quit DevOps NOW
Jensen Huang
DON'T Become a DevOps Engineer - Do THIS Instead
Tech With Soleyman
26K views 11 days ago
C. OCIR is restricted to specific OCI regions, limiting its availability for global
deployment scenarios.
D. You can create up to 500 repositories in Oracle Cloud Infrastructure Registry,
consuming a maximum of 500 GB in total, in every enabled region of your
tenancy.

ANS D

14) You are a developer and have been asked to develop an e-commerce
website for your organization. It must support a variety of clients including
desktop browsers, mobile browsers and native mobile applications.
Which two approaches can you use to build the application to achieve
deployment independence, easier technology upgrades, and resiliency to
architecture changes?
A. Use monolithic approach to as it makes it easier to incrementally adapt to
newer technology.
B. User microservices architecture as it eliminates any long-term commitment to
a technology stack.
C. Choose monolithic approach over microservices as it has better fault isolation
capability.
D. User monolithic approach, as it allows you to easily redeploy your applications
to perform frequent updates,
E. Implement each module as an independent service/process which can be
replaced, updated, or deleted without disrupting the rest of the application.

ANS B,E

15)As an engineer working on containerizing your application on the OCI

platform, which of the following statement is true about OCI container instance
A. You can configure the number of resources that the container consumes in
absolutes or percentages.
B. The amount of time the container instance waits for the OS to shut down
before powering off is managed internally.
C. Be default, the container can use only 50% of resources in the container
instance.
D. The image resource for a container instance can only be selected from Oracle
Cloud Infrastructure Registry (also known as Container Registry), which(correct
answer + overall explanation)?

ANS A

16) A software development team is working on a prototype using Node.js and

MongoDB as their programming language and database, respectively.
They need to develop and test isolated web applications or RESTful APIs. They
are looking for a simple, quick, and secure way to run containers without
managing any servers.
Which OCI service is best suited for this use case?
A. Container Instances
B. OCI DevOps Project
C. OCI Functions
D. Compute Instances

ANS A

17) What is a prerequisite for creating a secret in the Oracle Cloud Infrastructure
Vault service?
A. The user must create a compute instance to run the secret service.
B. You must first create a hash digest of the secret value.
C. You must have an auth token to encrypt the secret.
D. You must have a Vault-managed key to encrypt the secret.

ANS D

18)Which OCI DevOps project resource is responsible for defining the stages for
compiling, testing, and running software applications before deployment?
A. Deployment pipelines
B. Development pipelines
C. Integration pipelines
D. Build pipelines

ANS D

19)As a cloud engineer, you are responsible for managing a Kubernetes cluster
on the Oracle Cloud Infrastructure (OCI) platform for your organization. You are
looking for ways to ensure reliable operations of Kubernetes at scale while
minimizing the operational overhead of managing the worker node infrastructure,
Which cluster option is the best fit for your requirements?
A. Using OCI OKE virtual nodes to eliminate worker node infrastructure
management
B. Using OCI OKE managed nodes with cluster autoscalers to eliminate worker
node infrastructure management
C. Using Kubernetes cluster add-ons on automate worker node management
D. Creating and managing worker nodes using OCI compute instances

ANS A
20) You as a DevOps Engineer are tasked to manage an application to be
deployed in Oracle Cloud Infrastructure Container Engine for Kubernetes (OKP)
This requires pulling Images from Oracle Cloud Infrastructure Registry (OCIR)
during deployment.
Which three statements are true?
A. Use kubectl to create a Docker registry secret.
B. Add a containers section that specifies the name and location of the images
you want to pull form OCIR, along with other deployment details.
C. Add an Auth section to the manifest file that specifies the name of the Docker
secret you crate using Auth Token to access OCIR.
D. Add an imagePullSecrets section to the manifest file that specifies the name
of the Docker secret you created to access OCIR.
E. Add a snapshot section that specifies the name and location of the images
you want to pull from OCIR, along with other deployment details.

ANS A,B,D

21) Which command creates the docker registry secret required in the application
manifests for OKE to pull images from Oracle Cloud Infrastructure Registry?
a) kubectl create secret docker-registry <secret-name> docker-server
<region-key>.ocir.io-docker-username <oci-username>-docker-password-Coci
auth-token-docker-email-<email-address>
b)kubectl create secret docker-registry
<secret-name>--docker-server-<region-key>.ocir.io -docker-username
<tenancy-namespace>/<oci-username>
docker-password-<oci0auth-token>'--docker-email<email-address>
c)kubectl create passwd docker-registry
<secret-name>--docker-server-<region-key> ocir.io-docker-username
<oci-username>-docker-password coc auth-token>
docker-email<email-address>
d)kubectl create passwd docker-registry
<secret-name>--docker-server-region-key>.ocir.io --docker-username
<tenancy-namesspace>/<oci-username
docker-password="<oci-auth-token>*--docker-email=<email-address>

ANS B
22)XYZ. Inc. is using Oracle Cloud Infrastructure (OCI) DevOps Project to deploy
their e-commerce application to production. They recently received a customer
request to add a new feature to the application, which requires modification of the
existing code.
How can XYZ Inc. use OCI services to automatically push the modified code
changes to the production?
A. Use OCI Ansible modules to automate deployment of the new changes to the
production environment.
B. Use the OCI Resource Manger to automatically apply the changes to the
production environment after successful testing.
C. Manual builds can be run from the OCI DevOps Build Pipelines to deploy the
changes.
D. Use the OCI DevOps Trigger feature to automate build and deployment on
every code commit.

ANS D

23) A DevOps engineer is asked to access an Oracle Cloud Infrastructure

Container Engine for Kubernetes (OKE) cluster to deploy new applications and
manage existing ones.
Which two statements are true?
A. The only available option when a cluster's Kubernetes API endpoint has a
public IP address is to control the cluster locally using kubectl and the
Kulsernetes Dashboard
B. Generating an API singing key pair is not required while setting up cluster
access using local machine if the public key is not already uploaded in the
console.
C. To access the cluster using kubectl, you have to set up a Kubernetes manifest
file for the cluster. The kubeconfig file by default is named config and stored the
SHOME/.manifest directory.
D. When a cluster's Kubernetes API endpoint has a public IP address, you can
access the cluster in Cloud Shell by setting up a kubeconfig file

ANS D

24)An operations team wants to leverage and advanced features of Container

Engine for Kubernetes (OKE) and requires granular control over eluster add-ons,
workload identity, an improved worker node management. They also prioritize
security measures and require a financially-backend service level agreement
(SLA) for Kubernetes API server uptime.
Which type of cluster should they choose to meet their requirements?
A. Federated clusters
B. Virtual clusters
C. Enhanced clusters
D. Specialized clusters

ANS C

25) As a DevOps engineer at XYZ Corp, you have been assigned the task of
setting up a new OKE (Oracle Kubernetes Engine) cluster to manage the
organization's Kubernetes applications hosted on Oracle Cloud Infrastructure
(OCI). Your goal is to ensure a smooth and efficient process while preparing foe
the cluster creation.
Which of the following statements is false regarding the preparation process for
setting up a new OKE cluster?
A. Container Engine for Kubernetes cannot utilize existing network resources for
the creation of the new cluster
B. Container Engine for Kubernetes automatically creates and configures new
network resources for the new cluster.
C. It is necessary to ensure sufficient quota on different resource types in your
OCI tenancy for the cluster setup.
D. Access to an Oracle Cloud Infrastructure tenancy is required to set up the new
OKE cluster.

ANS A

26) Examine this partial Python code which executes successfully.

Which type of cluster can self-managed nodes be added to in OCI Container
Engine for Kubernetes (OKE)?
A. Virtual clusters
B. Managed clusters
C. Basic clusters
D. Enhanced clusters
ANS D
27) A company uses OCI Resource Manager to manage their infrastructure as
code. They need to check if their current infrastructure matches the configuration
in their stack.
Which feature helps identify differences between the actual state and the last
executed stack?
A. Drift Detection
B. Resource Discovery
C. Stack Monitoring
D. Configuration Compliance

ANS A

28) You have been asked to provision a new production environment on Oracle
Cloud Infrastructure (OCT). After working with the solution architect you decide
that you are going to automate this process.
Which OCI service can help automate the provisioning of this new environment?
A. OCI Streaming Service
B. Oracle Functions
C. OCI Resource Manager
D. Oracle Container Engine for Kubernetes

ANS C

29) You host your application on a stack in Oracle Cloud Infrastructure (OCI)
Resource Manager. Because of recent growth in your user base, you decide to
aidd
a CIDR block to your VCN, add a subnet, and provision a compute instance in it.
Which statement is true?
A. You need to provision the new resources in the OCI console first, then add
them later to the Terraform configuration and state.
B. You need to provision a new stack because Terraform uses immutable
infrastructure.
C. You can make the changes to the Terraform code, run an Apply job, and
Resource Manager will provision the new resources.
D. You can make the changes to the Terraform code, run a Drift Detection job,
and Resource Manager will provision the new resources.
ANS C
30) As a DevOps engineer working with OCI DevOps, you are managing artifacts
for a microservices application. Based on your understanding of working wh
DevOps projects and artifacts, which statements is true?
A. In the build pipeline, to store the Managed Build stage outputArtifacts, you
need an OCI Object storage.
B. It is recommended to make artifacts immutable to prevent any modifications
after they are uploaded.
C. One created, the artifact's name, type, and source cannot be modified.
D. Artifacts can be used directly by OCI DevOps without the need for them to be
located or mirrored in an OCT Artifact or Container registry.

ANS B

31) Which is a proper rule to follow when creating container repositories inside
the Oracle Cloud Infrastructure (OCT) Registry?
A. Each image should have a separate container repository, but multiple versions
of the same image can be stored in one repository.
B. When naming a container repository, you may use capital letters but not
hyphens. For example, you may use BGdevopssrorefront, but not ghdevops
storefront.
C. When creating a container repository, check Immutable Artifacts box, as it
keeps other developers from altering the files.
D. Vulnerability scanning is enabled for all repositories by default, so no explicit
action is needed

ANS A

32) You are working on a DevOps project to deploy Oracle Cloud Infrastructure
(OCI) compute instances running web services. The development team mdicated
that when the compute Instances are deployed, it should automatically create
OCI Object Storage buckets with respective instance names.
Which two can help you meet this requirement?
A. OCI CLI command "oci os bucket create auto <value>"
B. Service Connector Hub
C. Oracle Functions
D. Events Service
E. Cloud Agent Plugin for the compute instance ANS C,D
33)You are part of the cloud DevOps team managing thousands of compute
Instance running in Oracle Cloud Infrastructure (OCI). The OCI Logging service
an configured to collect logs from these Instances using a Unified Monitoring
Agent. A requirement has been created to archive logging data inte OCI Object
Storage.
What OCI capability can help you achieve this requirement?
A. ObjectCollection Rule
B. IAM policy
C. Service Connector Hub
D. Logging Query

ANS C

34) How does the Oracle Cloud Infrastructure Container Engine for Kubernetes
(OKE) Cluster Autoscaler determine when to crate a new nodes for an OKE
cluster?
A. When the rate of requests to the application crosses a configured threshold.
B. When the CPU or memory utilization crosses a configured threshold.
C. When the custom metrics from the services exceed a configured threshold.
D. When the resource requests from pods exceed a configured threshold.

ANS D

35) How can you run applications on GPU worker nodes in clusters created using
Container Engine for Kubernetes (OKE)?
A. By selecting a managed node pool, a GPU shape, and a GPU image that has
CUDA libraries pre-installed, and specifying the mumber of GPL required in the
pod spec.
B. By selecting a virtual node pool, a GPU shape, and a GPU image, and
ensuring that the CUDA libraries are included in the application container
C. By selecting a managed node pool, a GPU shape, and a GPU image, and
specifying the number of CPU resources in the pod spec.
D. By selecting a managed node pool, a GPU shape, and a GPU image, and
ensuring that the CUDA libraries for different GPUs are pre-installed on the wrice
nodes

ANS A
36) You host a microservices based application on the Oracle Cloud
Infrastructure Container Engine for Kubernetes (OKE). Due to increased
popularny of your application, you need to provision more resources to meet the
growing demand.
Which two statements are true for the given scenario?
A. Create a second OKE cluster and scale the application across it.
B. Enable cluster autoscaling by autoscaling node pools by deploying
Kubernetes Metrics Server and using the Kubernetes Vertical Pod Autoscaler to
adjust the resource requests and limits.
C. Scale a node pool up and down to change the number of worker nodes in the
node pool, and the availability domains and suhnets in which to place thes
D. Scale a cluster up and down by changing the number of node pools in the
cluster.
E. Enable autoscaling by autoscaling Pods by deploying Kubernetes Autoscaler
to collect resource metrics form each worker node in the cluster

ANS B,C

37) As a DevOps engineer, you are tasked with streamlining the build process for
a web application and decide to eliminate a specific testing stage from a build
pipeline.
What happens to the associated resources when the stage is removed?
A. The associated resources are marked for deletion, but they are not deleted
until manually removed.
B. The associated resources are still available, but the stage is marked for
deletion.
C. The associated resources are removed, but the stage itself remains available.
D. Both the associated resources and the stage are completely removed from the
build pipeline.

ANS D

38)A small company is moving to a DevOps framework to better accommodate

their intermittent workloads, which are dynamic and irregular. They want to adopt
a consumption-based pricing model.
Which Oracle Cloud Infrastructure service can be used as a target deployment
environment?
A. Functions
B. Bare metal compute instance
C. Oracle Kubernetes (OKE)
D. Virtual machine compute instance

ANS A

39) You're using Oracle Cloud Infrastructure (OCT) DevOps to automate your
application deployment for frequent releases. In one of your automation steps,
you'll create a deployment pipeline.
What does this deployment pipeline do in OCI DevOps?
A. It takes a commit ID from your source code repositories and uses that source
code to ru your build instructions.
B. It is a set of stages for your build process for building, testing and compiling
software artifacts.
C. It is used to store, manage, develop source code with OCI DevOps Code
Repositories.
D. It is a sequence of steps for delivering and deploying your artifacts to a target
environment.

ANS D

40) You are using the Oracle Cloud Infrastructure (OCI) DevOps service and you
have successfully built and tested your software applications in your Build
Pipeline. The resulting output needs to be stored in a container repository.
Which stage should you add next to your Build Pipeline?
A. Export packages
B. Trigger deployment
C. Deliver artifacts
D. Managed build

ANS C

41) Your company is working on a high-profile project and any code push to
production requires approvals. You company is using Oracle Cloud Infrastruchire
(OCI) DevOps service for automating this process. You want to push an artifact
to production and would like to add approvers to the approval workflow in the
Deployment Pipeline.
How can you add approvers?
A. Add approvers to the Deployment Pipeline and give them access via OCI IAM
policy.
B. Add approvers to the buildspec file before pushing the code to the OCI Code
Repository.
C. Email approvers before you run the Deployment Pipeline.
D. Manually and approvers" names and email addresses in the Deployment
Pipeline page.

ANS A

42) As a DevOps engineer working on containerizing a microservices-based

application to be hosted on OCI Cloud platforms, which step can help ensure that
the container images have not been modified after being pushed to Oracle Cloud
Infrastructure Registry (OCIR)?
A. Enabling scanning of container images stored in OCI Registry
B. Scanning the image upon ingestion and comparing the image size for changes
C. Signing the image using the Container Registry CLI and creating an image
signature that associates the image with the master encryption key and key
version in the Vault service
D. Deploying a manife

ANS C

44) As an engineer building and deploying applications using an OCI DevOps

project, which action can help ensure the security and reliability of the code in the
build and deployment pipelines?
A. Using third-party tools like Ansible, Terraform, or DevOps to analyze code for
security defects or bugs in code quality
B. Using version control tools like Git or SVN to track and manage changes in the
codebase
C. Using Application Dependency Management (ADM) to identify security
weaknesses in software applications by checking their dependencies
D. Using Jira to track user stories and bug fixes in the development process
ANS C
45) The Kubernetes Master node serves as the central control plane for
managing the cluster's resources and orchestrating workload deployment What
are primary responsibilities of the Kubernetes Master node?
A. The Master node oversees the scheduling and allocation of cluster resources,
ensuring optimal utilization across nodes.
B. The Master node monitors network traffic within the cluster, ensuring secure
communication and efficient data transfer between nodes.
C. The Master node is primarily tasked with executing application workloads and
ensuring their availability within the cluster.
D. The Master node serves as a repository for storing container images,
facilitating rapid deployment and scaling of applications.

ANS A

46) How can you scale a deployment named nodejs-deployment to have two
replicas?
A. kubectl adjust deployment nodejs-deployment --replicas-2
B. kubectl scale deployment nodejs-deployment-replicas-2
C. kubectl resize deployment nodejs-deployment-replicas-2
D. kubectl set replicas deployment nodejs-deployment-replicas-2

ANS B

47)A company wants to implement CI/CD automation process on Oracle Cloud

Infrastructure (OCI) DevOps. An automatic trigger is created in such a way that
when someone pushed the code from a Git repository to the OCI Code
Repository, it trigger builds all the way to the deployment pipeline
Which DevOps IAM policy statements are required for this automations?
A. Build Pipeline: Allow dynamic-group <BuildPipeline> to manage all-resources
in compartment <compartment name>
B. No DevOps IAM policy statements are required.
C. Code Repo: Allow dynamic-group <Code Repository to manage all-resources
in compartment <compartment name;
Build Pipeline: Allow dynamic-group <BuildPipeline> to manage all-resources in
compartment <compartment name; Deployment Pipeline: Allow dynamic-group
<DeploymentPipeline to manage all-resources in compartment <compartiment
name>;
D. Code Repo: Allow dynamic-group <Code Repository> to manage
all-resources in compartment <compartment name>
Build Pipeline: Allow dynamic-group <BuildPipeline to manage all-resources in
compartment <compartment name>; (correct answer + overall explanations)?

ANS D

48) As a DevOps Engineer, you are tasked with securely storing and versioning
your application's source code and automatically build, test, and deplay your
application to Oracle Cloud Infrastructure (OCI) platform. You are told to
automate manual task and help software teams in managing complex ens
moments at scale.
Chat Replay is disabled for this Premiere.
All
Which three OCI services can you choose to accomplish these tasks?
A. Oracle Cloud Logging Analysis
B. Container Engine for Kubernetes
C. Oracle Cloud Infrastructure Registry
D. DevOps project
E. Oracle APEX Application Development

ANS B,C,D

49)In Kubernetes clusters created by Container Engine for Kubernetes, how is

data in etcd encrypted at rest by default?
A. Oracle encrypts data using a master encryption key it manages.
B. Data is stored without encryption.
C. Data is encrypted using TL.S.
D. Users must manage their own encryption keys.

ANS A

50) Pods running in your Oracle Container Engine for Kubernetes (OKE) cluster
often need to communicate with other pods in the cluster or with service outade
the cluster. As the OKE cluster administrator, you have been tasked with
configuring permissions to restrict pod-to-pod communications except as
explicilly allowed.
Where can you define these permissions?
A. Dynamic Groups
B. RBAC Roles
C. Network Policies
D. IAM Policies

ANS C