1Z0-1072
Coming Soon
Expected availability announced soon
This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.
OCI Architect Associate
The Oracle Cloud Infrastructure Architect Associate certification course teaches core OCI architecture, networking, compute, storage, and security concepts, enabling architects to design and implement secure, scalable cloud solutions.
90
Minutes
50
Questions
65
Passing Score
$245
Exam Cost
Who Should Take This
It is intended for IT professionals who already work with Oracle Cloud services, such as solution architects, cloud engineers, or system administrators, and have at least six months of hands‑on OCI experience. These learners aim to validate their practical knowledge, advance their career, and qualify for the 1Z0‑1072 exam.
What's Covered
1
OCI Architecture Fundamentals
2
Networking
3
Compute
4
Storage
5
Identity and Security
6
Database
7
Governance and Observability
8
Application Development
What's Included in AccelaStudy® AI
Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats
Course Outline
60 learning goals
1
OCI Architecture Fundamentals
2 topics
Architecture Components
- Describe OCI architecture: regions, availability domains, fault domains, and physical infrastructure hierarchy.
- Identify tenancy elements: root compartment, administrator group, default policies, service limits, and initial network resources.
- Explain compartment hierarchy design for resource isolation, cross-compartment policies, and organizational mapping.
- Analyze multi-AD versus single-AD deployment strategies to meet availability and data residency requirements.
Resource Management
- Describe OCI resource identifiers (OCIDs), tagging strategies, and metadata for resource tracking and governance.
- Explain resource lifecycle states and how to manage instance and service provisioning through Console, CLI, and Terraform.
2
Networking
3 topics
VCN Architecture
- Describe VCN components: subnets, route tables, gateways (Internet, NAT, Service, DRG), DHCP options, and local peering gateways.
- Configure VCN with public/private subnets, CIDR allocation, and gateway selection for internet and hybrid connectivity.
- Implement security lists and NSGs with stateful and stateless rules for defense-in-depth traffic filtering.
- Configure route tables with rules for LPG, DRG, service gateway, and internet gateway for complex traffic flows.
- Analyze VCN designs to identify routing issues, security gaps, and connectivity problems in multi-subnet architectures.
Connectivity
- Identify connectivity options: local/remote VCN peering, FastConnect, IPSec VPN, and DRG transit routing.
- Configure site-to-site VPN with IPSec tunnels, BGP or static routing, and shared secret management for on-premises connectivity.
- Explain FastConnect provisioning with partner or colocation models, virtual circuits, and BGP peering configuration.
- Compare FastConnect and VPN for hybrid connectivity based on bandwidth, latency, redundancy, and cost tradeoffs.
Load Balancing and DNS
- Identify flexible load balancer and network load balancer and describe listeners, backend sets, health checks, and bandwidth shapes.
- Configure load balancer with routing policies, SSL termination, session persistence, and WAF integration.
- Explain DNS zones, records, traffic steering policies, and resolver endpoints for name resolution across VCNs.
- Evaluate load balancing architectures for multi-tier applications requiring HA, SSL offloading, and path-based routing.
3
Compute
2 topics
Compute Architecture
- Identify compute shapes: VM standard, flexible, optimized, GPU, bare metal, dedicated hosts, and preemptible instances.
- Configure instance pools with placement constraints, autoscaling (metric and schedule), and cross-AD distribution.
- Explain custom images, image import/export, instance configurations, and instance metadata service v2 for standardized deployments.
- Analyze workload requirements to select compute shapes balancing CPU, memory, network bandwidth, and cost constraints.
Containers and Serverless
- Describe OKE components: control plane, managed/virtual node pools, pod networking (VCN-native, flannel), and Kubernetes RBAC.
- Configure OKE clusters with node pool scaling, PVC storage, load balancer services, and Container Registry integration.
- Implement Functions with event triggers, API Gateway integration, and Streaming for event-driven serverless architectures.
- Evaluate VM versus container versus serverless strategies based on scaling, cold start, state management, and operational complexity.
4
Storage
2 topics
Block and File Storage
- Identify Block Volume tiers (balanced, higher, ultra-high) with IOPS, throughput, and size characteristics.
- Configure Block Volume with groups, cross-region replication, automated backups, and performance tuning.
- Configure File Storage with mount targets, export options, NFS controls, and snapshots for shared workloads.
Object Storage
- Describe Object Storage tiers (Standard, Infrequent Access, Archive), durability, and access characteristics.
- Implement bucket configurations: versioning, lifecycle rules, retention policies, replication, pre-authenticated requests.
- Explain Object Storage events, multipart uploads, and server-side encryption for data processing pipelines.
- Analyze requirements to architect multi-tier storage solutions balancing block, object, and file storage for performance and cost.
5
Identity and Security
2 topics
IAM Configuration
- Describe IAM policy syntax: subjects, verbs, resource types, conditions, compartment scope, and policy inheritance.
- Configure dynamic groups and instance principals for service-to-service authentication without stored credentials.
- Implement Identity Domains with SAML/OIDC federation, SCIM provisioning, and MFA policies for enterprise identity management.
- Analyze access control scenarios to design compartment hierarchies and IAM policies for multi-team organizations.
Security Services
- Identify Vault, Cloud Guard, Security Zones, Bastion, WAF, and Certificates and their security capabilities.
- Configure Vault for key management: master encryption keys, data encryption keys, secrets, and key rotation policies.
- Implement Cloud Guard detectors and responders for automated security posture monitoring and remediation.
- Configure Bastion service for secure SSH and RDP access to private resources without public IP exposure.
- Analyze security requirements to design encryption, threat detection, and access control strategies for compliance.
6
Database
1 topic
Database Services
- Identify database options: Autonomous DB, VM/BM DB Systems, Exadata Cloud, MySQL HeatWave, NoSQL, and PostgreSQL.
- Configure Autonomous Database: workload type, auto-scaling, private endpoints, access control lists, and backup policies.
- Explain Data Guard and Active Data Guard for HA and DR across availability domains including switchover and failover.
- Configure DB System backups: automatic, on-demand, retention policies, and point-in-time recovery procedures.
- Analyze database requirements to select the optimal OCI service based on workload, performance, licensing, and cost.
7
Governance and Observability
2 topics
Governance
- Describe tagging strategies: defined tags, namespaces, freeform tags, cost-tracking tags, and default tag rules.
- Configure Budgets with threshold alerts and Cost Analysis for monitoring spending across compartments and services.
- Explain compartment quotas, service limits, and limit increase requests for resource consumption governance.
Observability
- Identify observability stack: Monitoring, Logging, Logging Analytics, Events, Notifications, and APM.
- Configure alarms with metric queries, composite conditions, notification channels, and suppression rules.
- Explain Audit, Logging, and Service Connector Hub for centralized log management and compliance reporting.
- Analyze operational needs to design monitoring, logging, and alerting meeting SLA and compliance requirements.
8
Application Development
1 topic
App Dev Services
- Identify app dev services: API Gateway, Streaming, Queue, Events, Notifications, and Email Delivery.
- Configure API Gateway with routes, authentication (JWT, custom), rate limiting, CORS, and request/response transformations.
- Explain DevOps service: build pipelines, deployment pipelines (OKE, Functions, Instance Group), artifacts, and triggers.
- Describe Streaming (Kafka-compatible) and Queue services for asynchronous messaging and event-driven architectures.
- Analyze app architecture requirements to select OCI services for API management, messaging, and CI/CD automation.
Scope
Included Topics
- All domains in the OCI Architect Associate (1Z0-1072) exam: Core Services, Networking, IAM, Security, Database, Governance, Compute, Storage, App Dev.
- Intermediate architecture: VCN design, subnet planning, security, load balancing, autoscaling, cross-AD deployment, and HA patterns.
- OCI compute, storage, networking, database (Autonomous, DB Systems, MySQL), and app dev services (Functions, API Gateway, OKE, Streaming, DevOps).
- Architecture best practices for high availability, DR, security hardening, cost optimization, and performance tuning on OCI.
Not Covered
- Expert multi-region architecture and complex enterprise governance covered in the Professional exam.
- Application code, SDK programming, and framework-specific implementation details.
- Oracle Database internals, PL/SQL, and advanced DBA tasks beyond service selection.
- Third-party tools and vendor-specific patterns beyond OCI-native services.
Official Exam Page
Learn more at Oracle
1Z0-1072 is coming soon
Adaptive learning that maps your knowledge and closes your gaps.
Create Free Account to Be Notified