Which is NOT a valid log category for the Oracle Cloud Infrastructure Logging service?
Correct Answer: D
The Oracle Cloud Infrastructure Logging service has several log categories that users can utilize: Custom Logs: Users can create their own logs to collect application-specific data. Audit Logs: These logs contain audit records that provide information about activities performed on resources, generated by OCI Audit service. Service Logs: These are logs generated by OCI services, providing information about the functioning and performance of the services. Execution Logs is not a valid log category in OCI Logging. There are no "execution logs" as a defined category for the Logging service.
Question 12
Which two are prerequisites for creating a secret in Oracle Cloud Infrastructure Vault service? (Choose two.)
Correct Answer: B,C
You need the required permissions (such as policies allowing secret management) to create and manage secrets in Oracle Cloud Infrastructure (OCI) Vault service. These permissions are essential for performing operations such as creating, reading, and managing secrets. Vault managed key is required to encrypt the secret before it is stored in the OCI Vault. The managed key acts as the encryption key for securing the secret, ensuring its confidentiality.
Question 13
You are using the Oracle Cloud Infrastructure (OCI) DevOps service and you have successfully built and tested your software applications in your Build Pipeline. The resulting output needs to be stored in a container repository. Which stage should you add next to your Build Pipeline?
Correct Answer: C
Step 1: Understanding the Requirement The objective is to store the resulting build output from a Build Pipeline in a container repository. In OCI DevOps, the build output is stored as an artifact, which can include Docker images or other build-generated files. To store these artifacts in a container repository, you need to explicitly deliver artifacts in the pipeline. Step 2: Explanation of the Options A . Trigger deployment This stage is used to trigger a deployment pipeline, which comes after the artifacts are already stored and prepared for deployment. Not applicable: This stage is downstream of storing artifacts and is used for deploying software, not for saving the build output to a repository. B . Managed build The managed build stage is where you compile, test, and package the application. This has already been completed successfully according to the question. Not applicable: The question specifies that the build has been completed, so this stage is not relevant at this point. C . Deliver artifacts The Deliver Artifacts stage in OCI DevOps pipelines is designed to store the output of the build process in an artifact repository, such as: OCI Container Registry (OCIR) for Docker images. Artifact Registry for build artifacts like binaries or JAR files. Applicable and Correct answer: This is the correct next step for storing the resulting D . Export packages This is not a standard OCI DevOps pipeline stage. It may be relevant in other contexts but is not related to OCI DevOps for storing build artifacts. Step 3: Key Concepts of "Deliver Artifacts" in OCI DevOps Purpose: Save build outputs (artifacts) to an artifact repository. Artifact Types: Includes Docker container images, binaries, JAR files, or other build outputs. Repositories Supported: OCI Container Registry (OCIR) OCI Artifact Registry Configuration: Specify the artifact source (build stage output). Define the destination repository (e.g., OCIR). Step 4: References and OCI Resources OCI DevOps Build Pipelines: Build Pipeline Documentation Deliver Artifacts Stage OCI Container Registry (OCIR): OCI Container Registry Overview OCI Artifact Registry: OCI Artifact Registry Overview
Question 14
As a DevOps engineer working on containerizing a microservices-based application to be hosted on OCI Cloud platforms, which step can help ensure that the container images have not been modified after being pushed to Oracle Cloud Infrastructure Registry (OCIR)?
Correct Answer: D
To ensure that container images have not been modified after being pushed to the Oracle Cloud Infrastructure Registry (OCIR), you should sign the image. This involves using the Container Registry CLI to create a digital signature for the image, which associates the image with a master encryption key and key version stored in the OCI Vault service. This signature can then be verified at the time of deployment, ensuring that the image has not been tampered with since it was signed.
Question 15
Which command creates the docker registry secret required in the application manifests for OKE to pull images from Oracle Cloud Infrastructure Registry?
Correct Answer: D
To create a Docker registry secret to pull images from the Oracle Cloud Infrastructure Registry (OCIR), you need to specify the correct parameters such as the region key, namespace, OCI username, and OCI authentication token. Chosen command is correct because: The kubectl create secret docker-registry command creates a Docker registry secret. The --docker-server=<region-key>.ocir.io specifies the correct endpoint for OCIR. The --docker-username=<tenancy-namespace>/<oci-username> provides both the tenancy namespace and the OCI username, which is the required format for authentication with OCIR. The --docker-password='<oci-auth-token>' specifies the OCI auth token, which acts as a password for authentication. The --docker-email=<email-address> is also included. The other commands have errors, such as missing tenancy namespace or using incorrect flags (passwd instead of secret).
