Oracle Cloud Infrastructure 2025 Multicloud Architect Professional Advanced Practice Exam: Hard Questions 2025

A financial services company runs microservices on OKE in OCI and uses an external cloud for analytics. Regulatory policy requires that all PII remains in OCI, but anonymized events may be consumed by analytics in near real time. They also require least-privilege access with auditable controls and no long-lived shared secrets between clouds. Which architecture best meets these requirements with minimal operational risk?

An enterprise is designing a multicloud active/active web application: OCI hosts OKE in two regions, and another cloud hosts a parallel Kubernetes stack. Requirements: global traffic steering, deterministic failover without client-side retries, and consistent TLS policy. The team wants to minimize split-brain risk during partial internet outages and ensure health signals come from inside each environment, not just edge probing. Which design best fits?

A company must allow workloads running on a partner’s cloud to access a private OCI API (hosted behind a private load balancer) without exposing it to the internet. Requirements: end-to-end encryption, strong identity-based authorization, and the ability to quickly revoke partner access without rotating shared keys. What is the most appropriate solution?

You federate OCI IAM with an external IdP for SSO. Users successfully authenticate, but are intermittently denied when attempting to assume an OCI role mapped from IdP group membership. OCI Audit logs show ‘NotAuthorizedOrNotFound’ for dynamic group and policy evaluations, even though the user’s IdP assertion contains the expected groups. What is the most likely root cause and best fix?

A security team mandates that workloads on OCI and another cloud must use mutual TLS for east-west service calls. They want centralized certificate issuance, automated rotation, and assurance that private keys never leave a hardware-backed boundary in OCI. Which approach best satisfies these constraints?

An organization uses a hub-and-spoke network in OCI with a DRG in the hub VCN and multiple spoke VCNs attached via LPG/DRG attachments. They add a site-to-site VPN to an on-prem network (10.0.0.0/16) and later deploy a new spoke VCN using the same CIDR (10.0.0.0/16) by mistake. Immediately, traffic from some spokes to on-prem becomes unpredictable. What is the most appropriate remediation with least downtime and best long-term posture?

A multicloud application requires private connectivity between OCI and another cloud with strict latency SLOs. The team establishes dedicated connectivity (interconnect/FastConnect) and uses BGP. After a maintenance event, traffic unexpectedly shifts to the IPSec VPN backup path even though the dedicated link is up. They observe BGP sessions established on both paths. What is the most likely cause and correct fix?

An OCI-hosted service in a private subnet must call an API endpoint hosted in another cloud privately over interconnect. DNS resolution is split-horizon: inside OCI, the API hostname should resolve to a private address reachable over the private link; outside, it resolves to a public address. The team reports intermittent failures where OCI workloads sometimes resolve the public address and attempts go out through the NAT gateway, failing due to firewall rules. What is the most likely configuration issue and best fix?

A critical multicloud workload runs active/passive: OCI is primary, another cloud is secondary. The database uses asynchronous replication to the secondary cloud. The business requires an RPO near zero and an RTO under 15 minutes, but they also require avoiding data corruption during a region-wide OCI outage with partial network partition (replication link flapping). Which DR strategy best addresses these constraints?

A team uses infrastructure-as-code to deploy multicloud connectivity, IAM federation, and OCI networking. After a rollback of a failed change, they observe that some OCI policies still reference deleted dynamic groups, and new deployments intermittently fail due to eventual consistency of IAM propagation. They need a robust operational pattern that reduces drift and handles consistency without extending outage windows. What is the best approach?