View 1Z0-1109-25 Exam Questions

Q: 1

You are a DevOps project administrator. You are creating Oracle Cloud Infrastructure (OCI) Identity and Access Management (IAM) policies that will be used in a DevOps CI/CD pipeline for deployment to an Oracle Container Engine for Kubernetes (OKE) environment. Which OCI IAM policy can be used?

Options


                    
        
             
                 
             

             
             
                          
             
             
             
             
                          
                
             
                     

                
          
            Discussion
          
          
            
            
          
          
                    
            Reese U. Jan 8, 2026 5:34 am
    
    Option A fits with what the official docs recommend for DevOps CI/CD setups on OCI. Regular groups are preferred for project admin roles managing devops-family resources, not dynamic groups. Saw similar structure on recent Oracle practice tests. Pretty sure it's A, but open if anyone's seen newer guidance.
  
        
            Nathan Jan 18, 2026 7:59 pm
    
    Yeah, I'd pick A too. Using a regular group for the deployment pipeline lines up with OCI docs for managing devops-family resources. Dynamic groups are more for automation with compute or functions, not admins. Open to counterpoints if I missed some recent change.
  
        
            AaronG Dec 30, 2025 11:36 pm
    
    A tbh
  
        
            Neha Jan 19, 2026 2:14 am
    
    A not B. Dynamic groups are mainly for resources like functions or compute, but the question says project admin and group. nitpicky but wording matters in OCI IAM.
  
        
            Ava X. Jan 1, 2026 11:38 am
    
    Had something like this in a mock, it's A.
  
          
          
            
          
          
            
            
              
              Be respectful. No spam.
            
          
        
        
        
            
            
            
                Correct Answer:
                
                   A                
            

                        
                Explanation
                Choosen policy specifies an IAM policy allowing the group (in this case, the deployment pipeline) to
manage devops-family resources within a specific compartment. The devops-family is a group of
services that includes the OCI DevOps service, which is suitable for managing CI/CD pipelines,
deployments, and related operations for an OKE environment.


                                            
                        
        
        
                
                             
                    Question 2
                 
                    
        
        
            Q: 2
            Which of the following statement is INCORRECT with respect to a Dockerfile?
        

                                    Options
                
                                        
                                        
                                        
                                        
                                    
                    
        
             
                 
             

             
             
                          
             
             
             
             
                          
                
             
                     

                
          
            Discussion
          
          
            
            
          
          
                    
            Liam N. Jan 7, 2026 6:12 pm
    
    Option A
  
        
            Aisha I. Jan 7, 2026 8:48 pm
    
    A , because WORKDIR also affects COPY and ADD as per Docker docs, so it's the incorrect statement here. Quick check in practice matches this too. Unless I'm missing some build context detail?
  
        
            HelpfulTester5762 Dec 30, 2025 3:20 pm
    
    D , since the trap is about specifying CMD and ENTRYPOINT in JSON, which isn't strictly required for both together.
  
        
            Reese J. Jan 2, 2026 6:16 pm
    
    C/D? Not quite sure which one is more wrong here tbh.
  
        
            ThoughtfulEngineer5896 Jan 4, 2026 10:42 am
    
    Its A, seen similar in exam reports. WORKDIR does affect COPY and ADD too.
  
          
          
            
          
          
            
            
              
              Be respectful. No spam.
            
          
        
        
        
            
            
            
                Correct Answer:
                
                   A                
            

                        
                Explanation
                The WORKDIR instruction sets the working directory for all subsequent RUN, CMD, ENTRYPOINT,
COPY, and ADD instructions in the Dockerfile. This means that after specifying WORKDIR, all these
instructions will use the specified directory as their current working directory.
            
            
                        
                    

    
                    
                                            
                        
        
        
                
                             
                    Question 3
                 
                    
        
        
            Q: 3
            You are a DevOps engineer working on a project that requires you to push and pull Docker images to
and from Oracle Cloud Infrastructure Registry (Container Registry) using Docker CLI. You have been
given access to Container Registry and have installed Docker CLI on your local machine.
Which should you create and use to securely authenticate and store your Docker image in a private
Docker registry in OCI?
        

                                    Options
                
                                        
                                        
                                        
                                        
                                    
                    
        
             
                 
             

             
             
                          
             
             
             
             
                          
                
             
                     

                
          
            Discussion
          
          
            
            
          
          
                    
            Ravi Jan 9, 2026 4:29 pm
    
    Option A is right, you need an Auth Token when logging into OCI's Container Registry with Docker CLI. The token works like a password for registry access, not your regular OCI password. I've seen similar questions on other Oracle exams too.
  
        
            QuietNeteng8581 Dec 30, 2025 2:23 am
    
    Its A for sure. OCI Auth Tokens are made for CLI authentication with private registries, you generate it in IAM and use as password when doing docker login. SSH keys are more for compute access, not registry, and D is unrelated here. Pretty confident unless OCI changed something super recently.
  
        
            Parker D. Jan 7, 2026 12:25 am
    
    C or B. Seen some practice tests mention SSH keys or JWTs for OCI, but docs lean to Auth Token-worth reviewing Oracle's own guide before sticking to A every time.
  
        
            Luke Jan 6, 2026 4:07 pm
    
    I don’t think it’s B. A
  
        
            JordanU Jan 15, 2026 9:11 am
    
    A here, pretty sure. OCI Auth Tokens are specifically for authenticating Docker CLI to the Container Registry, you generate them in IAM and use them like a password with docker login. Haven't seen any docs recommending JWT or SSH for this purpose, correct me if I'm missing something.
  
        
            SkepticalLead5210 Jan 18, 2026 11:31 pm
    
    C is not correct here, it's A. Docker CLI with OCI Container Registry needs an Auth Token, not an SSH key pair. OCI docs are clear on this for private registry access.
  
          
          
            
          
          
            
            
              
              Be respectful. No spam.
            
          
        
        
        
            
            
            
                Correct Answer:
                
                   A                
            

                        
                Explanation
                To authenticate with the Oracle Cloud Infrastructure Registry (Container Registry) when using the
Docker CLI, you need to use an Auth Token. The Auth Token is created in the OCI console and acts as
a password for the Docker login command, providing secure access to the container registry.
            
            
                        
                    

    
                    
                                            
                        
        
        
                
                             
                    Question 4
                 
                    
        
        
            Q: 4
            How does the Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) Cluster Autoscaler
determine when to create new nodes for an OKE cluster?
        

                                    Options
                
                                        
                                        
                                        
                                        
                                    
                    
        
             
                 
             

             
             
                          
             
             
             
             
                          
                
             
                     

                
          
            Discussion
          
          
            
            
          
          
                    
            Cameron M. Jan 10, 2026 1:15 am
    
    B tbh
  
        
            Hannah B. Jan 6, 2026 10:12 pm
    
    B . A trips people up, but autoscaler looks at pending pods, not just CPU spikes.
  
        
            Chris Jan 10, 2026 9:01 am
    
    Probably B, that's how autoscalers in Kubernetes work. Official docs and hands-on labs help clarify this if you want extra confirmation.
  
        
            Owen X. Dec 31, 2025 7:47 pm
    
    Option B here, since it's when pod resource requests can't be met that new nodes are created. Not entirely sure though.
  
        
            Mia Jan 12, 2026 4:48 pm
    
    B Saw a similar question on another practice, and it's about pending pods with unsatisfied resource requests, not utilization or custom metrics. Pretty sure it's B due to how autoscalers work in Kubernetes.
  
          
          
            
          
          
            
            
              
              Be respectful. No spam.
            
          
        
        
        
            
            
            
                Correct Answer:
                
                   B                
            

                        
                Explanation
                The OKE Cluster Autoscaler automatically adjusts the number of worker nodes in an OKE cluster
based on the resource requests made by Kubernetes pods. When there are not enough resources
available (e.g., CPU or memory) on existing nodes to accommodate pending pods, the Cluster
Autoscaler will create new nodes to meet the resource demand.
            
            
                        
                    

    
                    
                                            
                        
        
        
                
                             
                    Question 5
                 
                    
        
        
            Q: 5
            As a cloud engineer, you are responsible for managing a Kubernetes cluster on the Oracle Cloud
Infrastructure (OCI) platform for your organization. You are looking for ways to ensure reliable
operations of Kubernetes at scale while minimizing the operational overhead of managing the
worker node infrastructure.
Which cluster option is the best fit for your requirement?
        

                                    Options
                
                                        
                                        
                                        
                                        
                                    
                    
        
             
                 
             

             
             
                          
             
             
             
             
                          
                
             
                     

                
          
            Discussion
          
          
            
            
          
          
                    
            PriyaR Jan 6, 2026 7:18 am
    
    Option B. Serverless virtual nodes mean zero node admin overhead, so matches the question.
  
        
            Avery L. Jan 11, 2026 12:39 pm
    
    B
  
        
            Parker Y. Dec 31, 2025 3:17 am
    
    Its D
  
          
          
            
          
          
            
            
              
              Be respectful. No spam.
            
          
        
        
        
            
            
            
                Correct Answer:
                
                   B                
            

                        
                Explanation
                Step 1: Understanding the Requirement
The goal is to ensure reliable operations of Kubernetes at scale while minimizing the operational
overhead of managing worker node infrastructure. In this context, a solution is needed that abstracts
away the complexity of managing, scaling, and maintaining worker nodes.
Step 2: Explanation of the Options
A . Using OCI OKE managed nodes with cluster autoscalers
While this option provides managed node pools and uses cluster autoscalers to adjust resources
based on demand, it still requires some level of management for the underlying worker nodes (e.g.,
patching, upgrading, monitoring).
Operational overhead: Moderate.
B . Using OCI OKE virtual nodes
Virtual nodes in OCI OKE are a serverless option for running Kubernetes pods. They remove the need
to manage underlying worker nodes entirely.
OCI provisions resources dynamically, allowing scaling based purely on pod demand.
There’s no need for node management, patching, or infrastructure planning, which perfectly aligns
with the requirement to minimize operational overhead.
Operational overhead: Minimal.
Best Fit for This Scenario: Since the requirement emphasizes minimizing operational overhead, this is
the ideal solution.
C . Using Kubernetes cluster add-ons to automate worker node management
Kubernetes add-ons like Cluster Autoscaler or Node Problem Detector help in automating some
aspects of worker node management. However, this still requires managing worker node
infrastructure at the core level.
Operational overhead: Moderate to high.
D . Creating and managing worker nodes using OCI compute instances
This involves manually provisioning and managing compute instances for worker nodes, including
scaling, patching, and troubleshooting.
Operational overhead: High.
Not Suitable for the Requirement: This option contradicts the goal of minimizing operational
overhead.
Step 3: Why Virtual Nodes Are the Best Fit
Virtual Nodes in OCI OKE:
Virtual nodes provide serverless compute for Kubernetes pods, allowing users to run workloads
without provisioning or managing worker node infrastructure.
Scaling: Pods are automatically scheduled, and the required infrastructure is dynamically provisioned
behind the scenes.
Cost Efficiency: You only pay for the resources consumed by the running workloads.
Use Case Alignment: Eliminating the burden of worker node infrastructure management while
ensuring Kubernetes reliability at scale.
Step 4:
            
            
                        
                        
                References
                and OCI Resources
OCI Documentation:
OCI Kubernetes Virtual Nodes
OCI Container Engine for Kubernetes Overview
Best Practices for Kubernetes on OCI:
Best Practices for OCI Kubernetes Clusters
            
                    

    
                    
                                            
                        
        
        
                
                             
                    Question 6
                 
                    
        
        
            Q: 6
            How can you run applications on GPU worker nodes in clusters created using Container Engine for
Kubernetes (OKE)?
        

                                    Options
                
                                        
                                        
                                        
                                        
                                    
                    
        
             
                 
             

             
             
                          
             
             
             
             
                          
                
             
                     

                
          
            Discussion
          
          
            
            
          
          
                    
            DirectReviewer1188 Dec 31, 2025 8:40 pm
    
    D talks about CPU resource requests, but if the question asked for 'CPU' not 'GPU' in the spec would your pick change?
  
          
          
            
          
          
            
            
              
              Be respectful. No spam.
            
          
        
        
        
            
            
            
                Correct Answer:
                
                   C                
            

                        
                Explanation
                To run applications on GPU worker nodes in Oracle Kubernetes Engine (OKE), you need to:
Select a managed node pool and choose a GPU shape for the worker nodes.
Use a GPU image that has the necessary CUDA libraries pre-installed to ensure that GPU workloads
can be executed properly.
In the pod specification, specify the number of GPU resources required for the container to utilize the
GPU hardware during execution. This allows Kubernetes to schedule the pod on a node with an
available GPU.
            
            
                        
                    

    
                    
                                            
                        
        
        
                
                             
                    Question 7
                 
                    
        
        
            Q: 7
            What is the correct approach to upgrade an Oracle Container Engine for Kubernetes (OKE) Cluster to
a newer version of Kubernetes?
        

                                    Options
                
                                        
                                        
                                        
                                        
                                    
                    
        
             
                 
             

             
             
                          
             
             
             
             
                          
                
             
                     

                
          
            Discussion
          
          
            
            
          
          
                    
            Jordan Jan 17, 2026 2:53 am
    
    Option A that's what I've seen in similar exam questions-really clear way to ask it.
  
        
            Morgan Z. Jan 8, 2026 10:55 am
    
    Honestly, B seems right to me. The OCI Console can handle the upgrade in one workflow, so it's a common trap here.
  
        
            Ava N. Jan 16, 2026 2:06 am
    
    My vote is A, but if the node pools aren't compatible with the new control plane version, you'll have issues. The upgrade order matters since nodes need to match the control plane version after. Pretty sure that's what the docs say too.
  
        
            Ava A. Jan 7, 2026 10:39 pm
    
    A for sure
  
          
          
            
          
          
            
            
              
              Be respectful. No spam.
            
          
        
        
        
            
            
            
                Correct Answer:
                
                   A                
            

                        
                Explanation
                The correct approach to upgrade an Oracle Container Engine for Kubernetes (OKE) cluster involves
first upgrading the Kubernetes control plane, followed by upgrading the node pools. The control
plane must be upgraded first to ensure compatibility with newer versions of Kubernetes, as node
pools rely on the control plane for orchestration and management.
After upgrading the control plane, each node pool is upgraded to match the new Kubernetes version.
This phased approach ensures the cluster remains in a stable state during the upgrade.
            
            
                        
                    

    
                    
                                            
                        
        
        
                
                             
                    Question 8
                 
                    
        
        
            Q: 8
            As a DevOps engineer working on managing clusters on the OCI platform for your organization, which
statement is true about managing cluster add-ons in OCI OKE Cluster?
        

                                    Options
                
                                        
                                        
                                        
                                        
                                    
                    
        
             
                 
             

             
             
                          
             
             
             
             
                          
                
             
                     

                
          
            Discussion
          
          
            
            
          
          
                    
            Noah Z. Jan 10, 2026 3:42 am
    
    Option A here. Essential add-ons like core DNS can't be disabled at cluster creation, they're required for cluster ops. Pretty sure that's what the docs highlight too. If anyone's seen different in recent OCI updates let me know.
  
        
            PracticalOps834 Jan 7, 2026 1:33 am
    
    A that's what came up in a similar question on my last practice. Essentials can't be skipped at creation.
  
        
            Logan E. Jan 14, 2026 1:37 pm
    
    I'd pick D, thinking disabling in the console removes the add-on from the cluster.
  
        
            QuickAuditor4289 Jan 3, 2026 5:07 pm
    
    A tbh, but best to check Oracle's official docs or run through their OKE hands-on labs if you're prepping.
  
        
            SkepticalAnalyst1590 Jan 18, 2026 2:38 am
    
    A imo, but I'd double check the official OCI docs or their practice exams to be certain.
  
        
            AlexB Jan 7, 2026 6:29 am
    
    Its D, thanks for making the options super clear on this one.
  
          
          
            
          
          
            
            
              
              Be respectful. No spam.
            
          
        
        
        
            
            
            
                Correct Answer:
                
                   A                
            

                        
                Explanation
                Essential cluster add-ons are required for the basic functioning of the Kubernetes cluster and cannot
be disabled during cluster creation. These add-ons provide necessary features such as core DNS,
networking, and other critical functionalities for the cluster's operation.
            
            
                        
                    

    
                    
                                            
                        
        
        
                
                             
                    Question 9
                 
                    
        
        
            Q: 9
            A team wants to deploy artificial intelligence and machine learning workloads in their OCI Container
Engine for Kubernetes (OKE) cluster. They prioritize strong isolation, cost-efficiency, and the ability to
leverage serverless capabilities.
Which solution is best suited for their requirements?
        

                                    Options
                
                                        
                                        
                                        
                                        
                                    
                    
        
             
                 
             

             
             
                          
             
             
             
             
                          
                
             
                     

                
          
            Discussion
          
          
            
            
          
          
                    
            AvaS Jan 2, 2026 9:48 pm
    
    Nah, D is tempting for isolation but the question wants an OKE serverless solution. A checks all the boxes here.
  
        
            Ryan N. Jan 1, 2026 3:58 pm
    
    Hmm, I still say D. Container Instances look serverless and feel more isolated to me, so I'm sticking with that.
  
        
            SofiaV Jan 1, 2026 3:20 pm
    
    Guessing D for strong isolation with serverless-Container Instances might be more cost-efficient too.
  
        
            Layla Y. Dec 31, 2025 3:14 am
    
    Yeah, A fits best for serverless plus strong isolation. Virtual nodes cover all their needs here.
  
        
            Noah D. Jan 14, 2026 9:43 am
    
    C/D? Managed nodes could work for cost, but serverless and isolation make me think D might fit too. Not certain though.
  
        
            Drew O. Jan 4, 2026 2:24 pm
    
    Self-managed nodes don't give the security or serverless benefits, so A is the better call. Virtual nodes check off isolation and cost-efficiency (no infra to manage). B would need manual ops. Disagree?
  
          
          
            
          
          
            
            
              
              Be respectful. No spam.
            
          
        
        
        
            
            
            
                Correct Answer:
                
                   A                
            

                        
                Explanation
                Virtual nodes in OKE provide a serverless experience for deploying Kubernetes workloads, which
means you do not have to manage or scale the underlying infrastructure. This solution is particularly
cost-efficient because you only pay for the resources used by the pods, and it provides strong
isolation for workloads.
Virtual nodes are well suited for AI/ML workloads as they allow users to easily scale compute
resources without being constrained by the limits of individual worker nodes.
            
            
                        
                    

    
                    
                                            
                        
        
        
                
                             
                    Question 10
                 
                    
        
        
            Q: 10
            You are a developer and have been asked to develop an e-commerce website for your organization. It
must support a variety of clients including desktop browsers, mobile browsers and native mobile
applications.
Which two approaches can you use to build the application to achieve deployment independence,
easier technology upgrades, and resiliency to architecture changes? (Choose two.)
        

                                    Options
                
                                        
                                        
                                        
                                        
                                        
                                    
                    
        
             
                 
             

             
             
                          
             
             
             
             
                          
                
             
                     

                
          
            Discussion
          
          
            
            
          
          
                    
            Grace M. Jan 5, 2026 12:58 pm
    
    B and E are right here. Microservices fit best for deployment independence and easier tech upgrades since each service can be swapped out or updated separately. Monoliths don’t give the same flexibility. Pretty sure about this, but open to other ideas.
  
        
            Ethan I. Jan 5, 2026 2:12 am
    
    B tbh, D is a trap here since monoliths aren't great for upgrades or independence.
  
        
            Robin I. Jan 13, 2026 9:58 am
    
    B and E for sure. Microservices let you update individual parts and swap tech stacks without downtime. Saw a similar question on another Oracle exam, same logic.
  
        
            Parker H. Jan 4, 2026 10:04 pm
    
    If the question said "best for rapid MVP delivery" instead of focusing on deployment independence, would monolithic options like A make more sense?
  
          
          
            
          
          
            
            
              
              Be respectful. No spam.
            
          
        
        
        
            
            
            
                Correct Answer:
                
                   B, E                
            

                        
                Explanation
                By implementing each module as an independent service/process (which is a core feature of
microservices architecture), you can replace, update, or delete services without affecting the rest of
the application. This ensures deployment independence and makes it easier to adapt to architecture
changes or technology upgrades without major disruptions.
Microservices architecture allows each service to be built with the best-suited technology stack for
its specific function. This flexibility ensures that you are not tied to a single technology for the entire
application, making future technology upgrades easier and eliminating long-term technology
commitments.



        
        
            
        

        
        
                        Question 1 of 20 · Page 1 / 2



      
      
        
          
            Premium Access Includes
            
                              
                  ✓
                  Quiz Simulator                
                              
                  ✓
                  Exam Mode                
                              
                  ✓
                  Progress Tracking                
                              
                  ✓
                  Question Saving                
                              
                  ✓
                  Flash Cards                
                              
                  ✓
                  Drag & Drops                
                              
                  ✓
                  3 Months Access                
                              
                  ✓
                  PDF Downloads                
                          
          

                      Get Premium Access

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE