OCI 1Z0-1072-25 Glossary: Key Terms
March 31, 2026
OCI 1Z0-1072-25 glossary of tenancy, networking, resilience, cost, and service placement terms.
Use this glossary to clean up high-confusion OCI architecture terms, then route misses back to the right support page.
High-value terms
| Term |
Short meaning |
Why it matters on 1Z0-1072-25 |
| Availability domain |
Distinct OCI data-center fault domain within a region |
Core availability and placement term |
| Compartment |
Logical isolation and governance boundary for OCI resources |
Core governance and scoping term |
| Dynamic group |
Identity grouping based on resource attributes instead of named human users |
Common IAM distinction |
| Fault domain |
Additional placement boundary inside an availability domain |
High-yield resilience concept |
| Gateway |
OCI networking attachment that provides a path from a VCN to another network scope |
Core pathing term |
| NSG |
Network security group applied at the resource level |
Commonly confused with security lists |
| Public subnet |
Subnet pattern that allows public endpoints for appropriate resources |
Common placement term |
| Route table |
Rule set that determines where subnet traffic is sent next |
Core pathing term |
| Security list |
Subnet-level virtual firewall rule set |
Commonly confused with NSGs |
| Service gateway |
Path from a VCN to Oracle services without using the public internet |
Common architecture tie-break term |
| VCN |
Virtual Cloud Network, OCI’s private network boundary |
Core networking term |
| Workload placement |
Architectural decision about which tier or service belongs where |
Common scenario-design term |
Common confusion pairs
| Pair |
Keep this distinction clear |
| compartment vs VCN |
governance and access boundary versus network boundary |
| security list vs NSG |
subnet-scope rules versus resource-level rules |
| internet gateway vs service gateway |
public internet path versus private access to Oracle services |
| public subnet vs private subnet |
public endpoints allowed versus workloads kept off the public edge |
| HA design vs DR design |
local fault tolerance versus larger outage or recovery planning |
| route table vs security control |
traffic path selection versus traffic permission |
| load balancer vs DNS |
traffic distribution endpoint versus name resolution layer |
Fast recall anchors
Use these when answer choices all feel “OCI-ish” but only one matches the real architectural role:
- compartment: governance boundary
- VCN: network boundary
- security list: subnet-level permission
- NSG: resource-level permission
- gateway: path out of or into the network boundary
- route table: decides where traffic goes
- load balancer: distributes traffic
- availability domain: fault-isolated placement zone
If three terms blur together
| Cluster of terms |
Keep this clean mental split |
| compartment vs VCN vs subnet |
governance boundary vs network boundary vs segmented network slice |
| security list vs NSG vs route table |
subnet permission vs resource permission vs path selection |
| internet gateway vs NAT gateway vs service gateway |
public ingress or egress path vs outbound internet for private hosts vs private path to Oracle services |
| HA vs backup vs DR |
local resilience vs data protection vs larger recovery strategy |
Where to review next
| If the confusion is really about… |
Best page to revisit |
| weekly sequence and weak-spot planning |
Study Plan |
| networking and placement traps |
Cheat Sheet |
| last-week questions |
FAQ |
| canonical Oracle and OCI references |
Resources |
Revised on Sunday, May 10, 2026