1. Q. What is one of the differences between a microservices and serverless function?

R: Microservices are used for long running operations and serverless functions for short running
operations.

2. Q. Which TWO are characteristics of microservices?

R: Microservices communicate over lightweight APIs.

R: Microservices can be independently deployed.

3. Q. You are building a container image and pushing it to the Oracle Cloud Infrastructure
Registry (OCIR). You need to make sure that these images never get deleted from the repository.
Which action should you take?

R: Set global policy of image retention to "Retain All Images".

R: Edit the tenancy global retention policy.

4. Q. How do you perform a rolling update in Kubernetes?

R: kubectl update -c <container> ESTA NO

R: kubectl rolling-update <deployment-name> """"image=image:v2

5. Q. You have created a repository in Oracle Cloud Infrastructure Registry in the us-ashburn-1
(iad) region in your tenancy with a namespace called "heyoci".

R: iad.ocir.io/heyoci/myapp:0.0.2-beta

R: us-ashburn-1.ocir.io/heyoci/myapp:0.0.2-beta.

6. Q. You are building a cloud native, serverless travel application with multiple Oracle Functions
in Java, Python and Node.js. You need to build and deploy these functions to a single application
named travel-app.

R: fn deploy --app travel -app --all

7. Q. Which conecept is NOT related to Oracle Cloud Infrastructure Resource Manager?

R: Queue.

8. Q. You encounter an unexpected error when invoking the Oracle Function named
"myfunction" in application "myapp". Which can you use to get more information on the error?

R: DEBUG=1 fn invoke myapp myfunction.

9. Q. You need to execute a script on a remote instance through Oracle Cloud Infrastructure
Resource Manager. Which option can you use?
R: Download the script to a local desktop and execute the script.

R: Use remote-exec ESTE NO

10. Q. A service you are deploying to Oracle Cloud Infrastructure (OCI) Container Engine for
Kubernetes (OKE) uses a docker image from a private repository in OCI Registry (OCIR). Which
configuration is necessary to provide access to this repository from OKE?

R: Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the
imagePullsecrete property in the application deployment manifest.

11. Q. In the same kubernetes manifest file below, what annotations should you add to creat a
private load balancer in Oracle Cloud Infrastructure Container Engine for Kubernetes?

R: service.beta.kubernetes.io/oci-load-balancer-internal: "true" service.beta.kubernetes.io/oci-

load-balancer-subnet1: "ocid1.subnet.oc1..aaaa....vdfw"

12. Q. per CAP theorem, in which scenario do you NOT need to make any trade-off between the
guarantees?

R: When there are no network partitions.

13. Q. In a Linux environment, what is the default location of the configuration file that Oracle
Cloud Infrastructure CLI uses for profile information?

R: $HOME/.oci/config.

14. Q. Which pattern can help you minimize the probability of cascading failures in your system
during partial loss of connectivity or a complete service failure?

R: Circuit breaker pattern.

15. Q. What is the open source engine for Oracle Functions?

R: Fn Project

16. Q. In regards to the communication between services, which communication type is tipically
prefered for cloud-native applications?

R: Basic, asynchronous communication.

17. Q. Which TWO statements are true for serverless computing and serverless architectures?

R: Serverless function execution is fully managed by a third party.

R: Applications running on a FaaS (Functions as a Service) platform.

18. Q. Which statement is incorrect with regards to the Oracle Cloud Infrastructure (OCI)
Notifications service?

R: It may be used to receive an email each time an OCI Autonomous Database backup is
completed.
19. Q. You are working on a serverless DevSecOps application using Oracle Functions. You have
deployed a Python funtion that uses the Oracle Cloud Infrastructure (OCI) Python SDK to stop
any OCI Compute instance that does not comply with your corporate security standards. There
are 3 non-compliant OCI Compute instances. However, when you invoke this function none of
the instances were stopped. How should you troubleshoot this?

R: Enable function logging in the OCI console, include some print statements in your function code
and use logs to troubleshoot this.

20. Q. You are implementing logging in your services that will be running in Oracle Cloud
Infrastructure Container Engine for Kubernetes. Which statement describes the appropriate
logging approach?

R: All services log to standard output only.

21. Q. A programmer is developinga Node.js application which will run in a Linux server on their
on-premises data center. This application will access various Oracle Cloud Infrastructure (OCI)
services using OCI SDKs. What is the secure way to access OCI services with OCI identity and
Access Management (IAM)?

R: Create a new OCI IAM user, add the user to a group associated with a policy that grants the
desired permissions to OCI services. In the on-premises Linux server, generate the keypair used for
signing API request and upload the public key to the IAM user.

22. Q. You are developping a serverless application with Oracle Functions and Oracle
Infrastructure Object Storage. Your function needs to read a JSON file object from an Object
Storage bucket named "input-bucket" in compartment "qa-compartment". Your corporate
security standards mandate the use of Resource Principals for this use case. Which TWO
statements are needed to implement this use case?

R: Set up a policiy with the following statements to grant read access to the bucket: allow
dynamic-group read-file-dg to read objects in compartment qa-compartment where
target.bucket.name='input-bucket'

R: Set up the following dynamic group for your functio's OCID: Name: read-file-dg-Rule:
resource.id = 'ocid1.fnfunc.oc1.phx.aaaaaaaakeaobctakezjz5iaujj7g25q7sx5mvr55pms6f4da'

23. Q. In order to effectively test your cloud-native applications, you might utilize separate
environments (development, testing, staging, production, etc). Which Oracle Cloud
Infrastructure (OCI) service can you use to create and manage your infrastructure?

R: OCI Resource Manager.

24. Q. A developer using Oracle Cloud Infrastructure (OCI) API Gateway must authenticate the
API requests to their web application. The authentication process must be implemented using a
custom scheme which accepts string parameters from the API caller. Which method can the
developer use in this scenario?

R: Create an authorizer function using token-based authorization.

25. Q. You are deploying an API via Oracle Cloud Infrastructure OCI API Gateway and you want
to implement request policies to control access. Which is NOT available in OCI API Gateway.

R: Controlling access to OCI resources.

26. Q. A pod security policy PSP is implemented in your Oracle Cloud Infrastructure Container
Engine for Kubernetes cluster. Which rule can you use to prevent a container from running as
root using PSP?

R: MustRunAsNonRoot.

27. Q. A leading insurance firm is hosting its customer portal in Oracle Cloud Infrastructure OCI
Container Engine for Kubernetes with an OCI Autonomous Database. Their support team
discovered a lot of SQL injection attempts and cross-site scripting attacks to the portal, which is
starting to affect the production environment. What should they implement to mitigate this
attack?

R: Web Application Firewall.

28. Q. How can you find details of the tolerations field for the sample YAML file below?

R: kubectl explain pod.spec.tolerations

29. Q. What is the minimum amount of storage that a persistent volume claim can obtain in
Oracle Cloud Infrastructure Container Engine for kubernetes OKE?

R: 50 Gb.

30. Q. Given a service deployed on Oracle Cloud Infrastructure Container Engine for Kubernetes
OKE, which annotation should you add in the sample manifest file below to specify a 400 Mbps
load balancer?

R: service.beta.kubernetes.io/oci-load-balancer-shape: 400 Mbps.

31. You created a pod called "nginx" and its state is set to Pending. Which command can you run
to see the reason why the "nginx" pod is the pending state?

R: kubectl describe pod nginx.

32. Q. Which statement accurately describes Oracle Cloud Infrastructure OCI Load Balancer
integration with OCI Container Engine for Kubernetes OKE?

R: OKE service provisions an OCI Load Balancer Instance for each Kubernetes service with
LoadBalancer type in the YAML configuration.
33. Q. As a cloud-service developer, you are designing an application that depends on Oracle
Cloud Infrastructure OCI Object Storage wherever the application is running. Therefore,
provisioning of storage buckets should be part of your Kubernetes deployment process for the
application. Which should you leverage to meet this requirement?

R: OCI service broker for kubernetes.

34. Q. Your organization uses a federal identity provider to loging to your Oracle Cloud
Infrastructure OCI environment. As a developer, you are writing a script to automate some
operation and want to use OCICLI to do that. Your security team doesn't allow storing private
keys on local machines. How can you authenticate with OCI CLI?

R: Run oci session authenticate and provie your credentials.

35. Q. Which header is NOT required when signing GET requests to Oracle Cloud Infrastructure
APIs?

R: content-type.

36. Q. You are tasked with developing an application that requires the use of Oracle Cloud
Infrastructure OCi APIs to POST messages to a stream in the OCI Streaming service. Which
statement is incorrect?

R: The request does not require an Authorization header.

37. Q. You are a consumer of Oracle Cloud Infrastructure OCI Streaming service. Which API
should you use to read and process the stream?

R: GetMessages.

38. Q. You have written a Node.js function and deployed it to Oracle Functions. Next, you need
to call this function from a microservice written in Java deployed on Oracle Cloud Infrastructure
OCI Container Engine for Kubernetes OKE. Which can help you to achieve this?

R: Use the OCI Java SDK to invoke the function from the microservice.

39. Q. Which testing approaches is a must for achieving high velocity of deployments and
releases of cloud-native applications?

R: Automated testing.

40. Q. You have TWO microservices, A and B running in production. Service A relies on APIs from
service B. You want to test changes to service A without deploying all of its dependencies, which
includes service B. Which approach should you take to test service A?

R: Test using API mocks.

41. Q. With the volume of communication that can happen between different components in
cloud-native applications, it is vital to not only test functionality, but also service resiliency.
Which statement is true with regards to service resiliency?

R: Resiliency is about recovering from failures without downtime or data loss.

42. Q. You have a containerized app that requires an Autonomous Transacton Processing ATP
database. Which option is not valid for connecting to ATP from a container in Kubernetes?

R: Enable Oracle REST Data services for the required schemas and connect via HTTPS.

43. Q. You are developing a serverless application with Oracle Functions. Your function needs to
store state in a database. Your coporate security standards mandate encryption of secret
information like database passwords.

R: Encrypt the password using Oracle Cloud Infrastructure Key management. Decrypt this
password in your function code with the generated key.

44. Q. Which TWO are benefits of distributed systems?

R: Scalability

R: Resiliency

45. Q. Which TWO statements are true for service choreography?

R: Decision logic in service choreography is distributed

R: Services involved in choreography communicate through messages/messaging systems.

46. Q. You are using Oracle Cloud Infrastructure OCI Resource Manager to manage your
infrastructure lifecycle and wish to receive an email each time a TerraForm actions begins. How
should you use the OCI Events service to do this without writing any code?

R: Create an OCI notificacion topic and email subscription with te destination eamil address. Then
create an OCI Events rule matching "Resource Manager Job - Create" condition, and select the
notification topic for the corresponding action.

47. Q. Your Oracle Cloud Infrastructure Container Engine For Kubernetes OKE administrator has
created an OKE cluster with one node pool in a public subnet. You have been asked to provide a
log file from one of the nodes for troubleshooting purpose. Which step should you take to
obtain the log file?

R: SSH into the nodes using private key.

48. Q. Which TWO are required to enable Oracle Cloud Infrastructure OCI Container Engine for
Kubernetes OKE Cluster Access form the kubectl CLI?

R: Install and configure the OCI CLI

R: A Configured OCI API signing key pair.

49. Q. Which TWO statements accurately describe an Oracle Functions application?

R: A logical group of functions

R: A common context to store configuration variables that are available to all functions in the
applicaation.

50. Q. You are developing a serverless application with Oracle Functions. You have created a
function in compartment named prod. When you try to invoke your function you get the
following error:

Error invoking function.status: 502 message: dhcp options ocid1....... does not exist or Oracle
Functions is not authorized to use it. How can you resolve this error?

R: Create a policy: Allow service FaaS to use virtual-network.family in compartment prod.

51. Q. You are working on a cloud native e-commerce application on Oracle Cloud infrastructure
OCI. Your application architecture has multiple OCI services, including Oracle Functions. You
need to trigger these functions directly from the other OCI services, without having to run
custom code.

R: OCI Registry.

52. Q. As a cloud-native developer, you have written a web service for your company. You have
used Oracle Cloud Infrastructure OCI API Gateway service to expose the HTTP backend.
However, your security team has suggested that your web service should handle distributed
Denial-of-service DDoS attack. You are time-constrained and you need to make sure that this is
implemented as soos as possible.

R: Use OCI API Gateway service and configure rate limiting.

53. Q. You are developping a distributed application and you need a call to path to always return
a specific JSON content. To fulfill requirement you deploy an Oracle Cloud Infrastructure API
Gateway with the below API deployment specification. What is the correct value for type?

R: STOCK_RESPONSE_BACKEND

54. Q. Which is NOT a valid option to execute a function deployed on Oracle Functions?

R: Invoke from Docker CLI.

55. Q. In which circunstance you are NOT required to make any trade-off between the
guarantees as per CAP theorem?

R: No Network partitions.

56. Q. What does resiliency mean with regard to Cloud Computing?

R: Resiliency mean to gracefully recover from failures with minimal downtime and data loss.
57. Q. With regard to Persistent Volume Claim PVC, what is the minimum amount of storage
request in OCI?

R: 50 Gb

58. Q. As an OCI developer you noticed that production environment is prone to SLQ injection
and cross-site scripting attacks. What should you implement to mitigate such attacks?

R: Web Application Firewall WAF

59. Q. What are the advantages of Distributed Systems?

R: Scalability

R: Transparency

R: Resiliency

60. Q. What is the default shape load balancers are created in OCI?

R: 100 Mbps

61. Q. Differentiate between an OCI serverless function and microservice. Which of the following
statement is CORREC?

R: Serverless functions are used for short lived tasks where as microservices is for long lived tasks.

62. Q. Which of the following are correct action type as per OCI Event Rule?

R: Oracle Notification Service

R: Oracle Functions Service.

63. Q. When signing GET request to OCI APIs, which headers are required?

R: x-dale

R: host

R: request-target

64. Q. Which Oracle Functions can invoke authentication automatically?

R: Fn Project CLI

R: OCI CLI o Oracle Cloud Infrastructure CLI

65. Q. By default, where is the configuration file located at in OCI CLI?

R: ~/.oci/config
66. Q. Which OCI service should you use to share and manage infrastructure configurations and
state files across multiple teams (production, user acceptance testing and development)?

R: Resource Manager.

67. Q. Which language is NOT supported when developping a polygot application using OCI
functions?

R: SQL

68. Q. With regard to OCI load balancer bandwidth, which of the following parameter is
supported?

R: Shape.

69. Q. Which SDKs are supported on OCI?

R: SDK for Java

R: SDK for .NET

R: SDK for Python.

70. Q.A function is deployed in OCI functions which is written in Python. How can you invoke
this function from a microservice written in Java?

R: Using Java SDK to call the function from microservice.

71. Q. What are the possible ways to invoke a function that is deployed to Oracle Functions?

R: Oracle Cloud Infrastructure CLI

R: Fn Project CLI

R: Signed HTTP request to the function's invoke endpoint. ESTA NO

72. Q. With regard to Oracle Funtions, what is the maximum memory threshold?

R: 1024MB

73. Q. With regard to service choreography, select the correct statement?

R: Choreography focuses on the exchange of messages.

R: Decision logic is distributed.

74. Q. Which statement accurately describes Oracle Cloud Infrastructure (OCI) Load Balancer integration
with OCI Container Engine for Kubernetes (OKE)?

R: OKE service provisions an OCI Load Balancer instance for each Kubernetes service with LoadBalancer type in
the YAML configuration.

R: OKE service provisions a single OCI Load Balancer instance shared with all the Kubernetes services with
LoadBalancer type in the YAML configuration
75. Q. Which two are required to enable Oracle Cloud Infrastructure (OCI) Container Engine for
Kubernetes (OKE) cluster access from the kubectl CLI? (Choose two.)

R: Install and configure the OCI CLI

R: A configured OCI API signing key pair

76. Q. You have a containerized app that requires an Autonomous Transaction Processing (ATP) Database.
Which option is not valid for connecting to ATP from a container in Kubernetes? (Choose the best answer.)

R: Enable Oracle REST Data Services for the required schemas and connect via HTTPS.

77. Q. You are tasked with developing an application that requires the use of Oracle Cloud Infrastructure
(OCI) APIs to POST messages to a stream in the OCI Streaming service.

R: The request does not require an Authorization header.

78. Q. You are developing a polyglot serverless application using Oracle Functions.

R: PL/SQL

79. Q. You are processing millions of files in an Oracle Cloud Infrastructure (OCI) Object Storage bucket.
Each time a new file is created, you want to send an email to the customer and create an order in a database.
The solution should perform and minimize cost. Which action should you use to trigger this email?

R: Use OCI Events service and OCI Notification service to send an email each time a file is created.

80. Q. What is one of the differences between a microservice and a serverless function? (Choose the best
answer.)

R: Microservices are used for long running operations and serverless functions for short running operations.

81. Q. Which two "Action Type" options ar“ NOT available in an Oracle Cloud Infrastructure (OCI) Events
rule definition? (Choose two.)

R: Email
R: Slack

82. Q. Which is NOT a supported SDK on Oracle Cloud Infrastructure (OCI)? (Choose the best answer.)

R: .NET SDK

83. Q. You want to push a new image in the Oracle Cloud Infrastructure (OCI) Registry. Which two actions
do you need to perform?

R: Assign a tag via Docker CLI to the image.

R: Generate an auth token to complete the authentication via Docker CLI.

84. Q. You have been asked to create a stateful application deployed in Oracle Cloud Infrastructure (OCI)
Container Engine for Kubernetes (OKE) that requires all of your worker nodes to mount and write data to
persistent volumes.

R: Use OCI File Services as persistent volume.

R: Use OCI Block Volume backed persistent volume.

85. Q. Your organization uses a federated identity provider to login to your Oracle Cloud Infrastructure
(OCI) environment. As a developer, you are writing a script to automate some operation and want to use
OCI CLI to do that. Your security team doesn’t allow storing private keys on local machines.
R: Run oci session authenticate and provide your credentials

86. Q. Which one of the statements describes a service aggregator pattern?

R: It involves implementing a separate service that makes multiple calls to other backend services

87. Q. In the sample Kubernetes manifest file below, what annotations should you add to create a private
load balancer in Oracle Cloud Infrastructure Container Engine for Kubernetes?

R: service.beta.kubernetes.io/oci-load-balancer-internal: "true" service.beta.kubernetes.io/oci-load-balancersubnet1:

"ocid1.subnet.oc1..aaaaa....vdfw"