OCI 1Z0-1085-25 Glossary: Key Terms
March 31, 2026
OCI 1Z0-1085-25 glossary of tenancy setup, IAM, networking, compute, storage, and monitoring terms.
Use this glossary to clean up high-confusion OCI foundations terms, then route misses back to the right support page.
High-value terms
| Term |
Short meaning |
Why it matters on 1Z0-1085-25 |
| Availability domain |
Distinct OCI data-center fault domain within a region |
Core resilience and placement term |
| Compartment |
Logical isolation and governance boundary for OCI resources |
Core OCI governance term |
| Dynamic group |
Identity grouping based on resource attributes instead of named users |
Common IAM distinction |
| Fault domain |
Additional placement boundary inside an availability domain |
High-yield availability concept |
| NSG |
Network security group applied at the resource level |
Commonly confused with security lists |
| Object Storage |
OCI storage for unstructured objects, not mounted block devices |
Core service-map term |
| Policy statement |
IAM syntax used to grant permissions in a scope |
Common OCI foundations question term |
| Region |
Geographic boundary containing OCI resources and availability domains |
Core scope term |
| Security list |
Subnet-level virtual firewall rule set |
Commonly confused with NSGs |
| Service gateway |
Gateway that lets a VCN privately access supported Oracle services |
Common networking tie-break term |
| Tenancy |
Top-level OCI account boundary |
Core organizational term |
| VCN |
Virtual Cloud Network, OCI’s private network boundary |
Core networking term |
Common confusion pairs
| Pair |
Keep this distinction clear |
| tenancy vs compartment |
top-level account boundary versus governed subdivision inside it |
| security list vs NSG |
subnet-scope rules versus resource-level rules |
| Object Storage vs Block Volume |
object and bucket storage versus attached block storage |
| Dynamic group vs user group |
resource identity grouping versus people identity grouping |
| region vs availability domain |
larger geographic scope versus fault-isolated zone inside it |
| internet gateway vs NAT gateway |
direct public internet path versus outbound-only internet access for private resources |
| route table vs security control |
path selection versus traffic permission |
Fast recall anchors
Use these when answer choices all feel “OCI-ish” but only one matches the real platform role:
- tenancy: top-level account boundary
- compartment: governance subdivision
- VCN: network boundary
- security list: subnet rules
- NSG: resource rules
- Object Storage: object data
- Block Volume: attached disk
- policy: permission statement
- dynamic group: resources, not people
If three terms blur together
| Cluster of terms |
Keep this clean mental split |
| tenancy vs compartment vs VCN |
account boundary vs governance boundary vs network boundary |
| security list vs NSG vs route table |
permission at subnet scope vs permission at resource scope vs traffic path selection |
| Object Storage vs Block Volume vs File Storage |
object data vs attached volume vs shared file system |
| region vs availability domain vs fault domain |
geography vs data-center-level isolation vs additional placement isolation |
Where to review next
| If the confusion is really about… |
Best page to revisit |
| weekly sequence and weak-spot planning |
Study Plan |
| IAM, networking, and service-map traps |
Cheat Sheet |
| final questions and study strategy |
FAQ |
| canonical Oracle and OCI references |
Resources |
Revised on Sunday, May 10, 2026