Oracle Exam 1Z0-1067-23 Topic 5 Question 38 Discussion

Actual exam question for Oracle's 1Z0-1067-23 exam

Question #: 38
Topic #: 5

Your deployment platform within Oracle Cloud Infrastructure (OCI) leverages a compute instance with multiple block volumes attached. There are multiple teams that use the same compute instance and have access to these block volumes. You want to ensure that no one accidentally deletes any of these block volumes. You have started to construct the following IAM policy but need to determine which permissions should be used. allow group DeploymentUsers to manage volume-family where ANY { request.permission != , request.permission != , request.permission != } Which permissions can you use in place of in this policy? (Choose the best answer.)

ADELETE_VOLUME, DELETE_VOLUME_ATTACHMENT, DE-LETE_VOLUME_BACKUP

BERASE_VOLUME, ERASE_VOLUME_ATTACHMENT, ERASE_VOLUME_BACKUP

CVOLUME_DELETE, VOLUME_ATTACHMENT_DELETE, VOL-UME_BACKUP_DELETE

DVOLUME_ERASE, VOLUME_ATTACHMENT_ERASE, VOL-UME_BACKUP_ERASE

Show Suggested Answer

Suggested Answer: A

by Haley at Mar 23, 2025, 12:32 PM

Limited Time Offer

25%

Off

Get Premium 1Z0-1067-23 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Carol

2 months ago

This Terraform code is making me thirsty. I could go for a nice cold Object Storage bucket right about now.

upvoted 0 times

Beatriz

2 months ago

User 2: Yeah, those permissions would prevent accidental deletion of the block volumes by the teams using the compute instance.

upvoted 0 times

...

Lashaunda

2 months ago

User 1: I think the correct permissions to use in the policy are A) DELETE_VOLUME, DELETE_VOLUME_ATTACHMENT, DELETE_VOLUME_BACKUP.

upvoted 0 times

...

Mirta

2 months ago

Are you sure? I think it's creating a lifecycle policy to move data to Archival storage. Option D looks like the right pick to me.

upvoted 0 times

...

Glennis

2 months ago

Nah, man, this is creating a URL to manage the objects in the bucket. Option C is the way to go.

upvoted 0 times

...

Lea

2 months ago

I agree with Julianna, creating a URL for managing objects makes more sense in this context.

upvoted 0 times

...

Carlee

2 months ago

Ah, I see what's going on now. This is providing read and write access to the objects in the bucket. Option B is the correct choice.

upvoted 0 times

Fannie

18 days ago

D) VOLUME_ERASE, VOLUME_ATTACHMENT_ERASE, VOL-UME_BACKUP_ERASE

upvoted 0 times

...

Margot

20 days ago

C) VOLUME_DELETE, VOLUME_ATTACHMENT_DELETE, VOL-UME_BACKUP_DELETE

upvoted 0 times

...

Yolando

21 days ago

B) ERASE_VOLUME, ERASE_VOLUME_ATTACHMENT, ERASE_VOLUME_BACKUP

upvoted 0 times

...

Sabra

22 days ago

A) DELETE_VOLUME, DELETE_VOLUME_ATTACHMENT, DE-LETE_VOLUME_BACKUP

upvoted 0 times

...

Lashon

23 days ago

C) VOLUME_DELETE, VOLUME_ATTACHMENT_DELETE, VOL-UME_BACKUP_DELETE

upvoted 0 times

...

Marilynn

1 months ago

B) ERASE_VOLUME, ERASE_VOLUME_ATTACHMENT, ERASE_VOLUME_BACKUP

upvoted 0 times

...

Jettie

1 months ago

A) DELETE_VOLUME, DELETE_VOLUME_ATTACHMENT, DE-LETE_VOLUME_BACKUP

upvoted 0 times

...

Julianna

3 months ago

That's a good point, but I think it actually creates a URL to provide access to the bucket for managing objects.

upvoted 0 times

...

Vivan

3 months ago

The code looks like it's creating a pre-authenticated request for object access in an OCI Object Storage bucket. Option A seems to be the best answer here.

upvoted 0 times