Page |1
OCI Architect Practice Exams 1-3
Questions and Correct Answers/ Latest
Update / Already Graded
Which two statements are true about encryption on Oracle Cloud
Infrastructure (OCI)?
Ans: By default, object storage and block storage are
encrypted at rest
By default, DB systems offers an encrypted database
You are deploying a highly available web application in Oracle Cloud
Infrastructure and have decided to use a public load balancer. The back
end web servers will be distributed across all three availability domains
(ADS).
How many subnets should you create to deliver a secure, highly
available application?
three subnets in total; one regional public subnet to host your back-
end web servers and two AD specific private subnets to host your
private load toad balancer
All rights reserved © 2025/ 2026 |
, Page |2
Ans: two subnets in total; one regional private subnet to host
your back-end web servers and one regional public subnet to
host your public load balancer
Which two statements about fault domains are true? (Choose two.)
Ans: A fault domain is a grouping of hardware and
infrastructure within an availability domain
Each availability domain contains three fault domain
You have an application running on Oracle Cloud Infrastructure. You
identified that the read and write operations are slowing your
application down enough to impair user access. The application is
currently using a VM.Standard1.2 compute without any block storage
attached to it.
Which two options allow you to increase disk performance? (Choose
two.)
Ans: Terminate the compute instance preserving the boot
volume. Create a new compute instance using a VM Dense IO
shape using the boot volume preserved
All rights reserved © 2025/ 2026 |
, Page |3
Terminate the compute instance preserving the boot volume.
Create a new compute instance using a VM Standard shape and
attach a new block volume to host your application
You have created a virtual cloud network (VCN) with three private
subnets. Two of the subnets contain application servers and the third
subnet contains a DB System. The application requires a shared file
system so you have provisioned one using the file storage service
(FSS). You also created the corresponding mount target in one of the
application subnets. The VCN security lists are properly configured so
that both application servers and the DB System can access the file
system. The security team determines that the DB System should have
read-only access to the file system.
What change would you make to satisfy this requirement?
Ans: Create an NFS export option that allows READ_ONLY
access where the source is the CIDR range of the DB System
subnet
You have been tasked with creating one virtual cloud network (VCN)
each for two line of business (LOB) applications. LOB A and LOB B will
need to communicate with each other. To ensure that you can utilize
VCN peering, which network CIDR ranges should be used
Ans: VCN A (10.0.0.0/16) and VCN B (10.1.0.0/16)
All rights reserved © 2025/ 2026 |
, Page |4
Which two statements ate true about restoring a block volume from a
manual or policy based block volume backup?
Ans: It can be restored as a new volume to any AD in the same
region
It can be restored as new volumes with different sizes from the
backups
Which two actions will occur when a back-end server that is registered
with a backend set is marked to drain connections? (Choose two.)
Ans: It keeps the connections to that instance open and
attempts to complete any in-flight requests
It disallows new connections to that backend server
Which service would you use if your big data workload required shared
access and NFS-based connectivity ?
Ans: file storage
Where do you find the tnsnames.ora for your Autonomous Data
Warehouse (ADW) database?
Ans: The tsnames.ora file is included in credentials.zip file that
you download from service console of ADW
All rights reserved © 2025/ 2026 |
OCI Architect Practice Exams 1-3
Questions and Correct Answers/ Latest
Update / Already Graded
Which two statements are true about encryption on Oracle Cloud
Infrastructure (OCI)?
Ans: By default, object storage and block storage are
encrypted at rest
By default, DB systems offers an encrypted database
You are deploying a highly available web application in Oracle Cloud
Infrastructure and have decided to use a public load balancer. The back
end web servers will be distributed across all three availability domains
(ADS).
How many subnets should you create to deliver a secure, highly
available application?
three subnets in total; one regional public subnet to host your back-
end web servers and two AD specific private subnets to host your
private load toad balancer
All rights reserved © 2025/ 2026 |
, Page |2
Ans: two subnets in total; one regional private subnet to host
your back-end web servers and one regional public subnet to
host your public load balancer
Which two statements about fault domains are true? (Choose two.)
Ans: A fault domain is a grouping of hardware and
infrastructure within an availability domain
Each availability domain contains three fault domain
You have an application running on Oracle Cloud Infrastructure. You
identified that the read and write operations are slowing your
application down enough to impair user access. The application is
currently using a VM.Standard1.2 compute without any block storage
attached to it.
Which two options allow you to increase disk performance? (Choose
two.)
Ans: Terminate the compute instance preserving the boot
volume. Create a new compute instance using a VM Dense IO
shape using the boot volume preserved
All rights reserved © 2025/ 2026 |
, Page |3
Terminate the compute instance preserving the boot volume.
Create a new compute instance using a VM Standard shape and
attach a new block volume to host your application
You have created a virtual cloud network (VCN) with three private
subnets. Two of the subnets contain application servers and the third
subnet contains a DB System. The application requires a shared file
system so you have provisioned one using the file storage service
(FSS). You also created the corresponding mount target in one of the
application subnets. The VCN security lists are properly configured so
that both application servers and the DB System can access the file
system. The security team determines that the DB System should have
read-only access to the file system.
What change would you make to satisfy this requirement?
Ans: Create an NFS export option that allows READ_ONLY
access where the source is the CIDR range of the DB System
subnet
You have been tasked with creating one virtual cloud network (VCN)
each for two line of business (LOB) applications. LOB A and LOB B will
need to communicate with each other. To ensure that you can utilize
VCN peering, which network CIDR ranges should be used
Ans: VCN A (10.0.0.0/16) and VCN B (10.1.0.0/16)
All rights reserved © 2025/ 2026 |
, Page |4
Which two statements ate true about restoring a block volume from a
manual or policy based block volume backup?
Ans: It can be restored as a new volume to any AD in the same
region
It can be restored as new volumes with different sizes from the
backups
Which two actions will occur when a back-end server that is registered
with a backend set is marked to drain connections? (Choose two.)
Ans: It keeps the connections to that instance open and
attempts to complete any in-flight requests
It disallows new connections to that backend server
Which service would you use if your big data workload required shared
access and NFS-based connectivity ?
Ans: file storage
Where do you find the tnsnames.ora for your Autonomous Data
Warehouse (ADW) database?
Ans: The tsnames.ora file is included in credentials.zip file that
you download from service console of ADW
All rights reserved © 2025/ 2026 |
