You have been asked to set up connectivity between a client's on-premises network and Oracle Cloud Infrastructure (OCI). The requirements are:
Low latency: The applications are financial and require low latency connectivity into OCI. Consistency: The application isn't tolerant of performance variation.
Performance: The communications link needs to support up to 1.25 Gbps.
Encryption: The communications link needs to encrypt any data in transit between the on-premises network and OCI Virtual Cloud Network (VCN).
The client wants to implement the above with as low a cost as possible, while meeting all of the requirements. What should you suggest? (Choose the best answer.)
Your customer is running a set of compute instances inside a private subnet to manage their workloads on Oracle Cloud Infrastructure (OCI) tenancy. You have set up auto scaling feature to provide consistent performance to their end users during period of high demand.
Which step should be met for auto scaling to work? (Choose the best answer.)
Service gateways or public IP addresses: The compute instance must have either a public IP address or a service gateway to be able to send compute instance metrics to the Monitoring service.
For metric-based autoscaling, monitoring is enabled on the instances in the instance pool, and the Monitoring service is receiving metrics that are emitted by the instance. When you initially create an instance pool using instances that support monitoring, monitoring is enabled by default, regardless of the settings in the pool's instance configuration.
You have been asked to ensure that in-transit communication between an Oracle Cloud Infrastructure (OCI) compute instance and an on-premises server (192.168.10.10/32) is encrypted. The instances communicate using HTTP. The OCI Virtual Cloud Network (VCN) is connected to the on-premises network by two separate connections: a Dynamic IPsec VPN tunnel and a FastConnect virtual circuit. No static configuration has been added.
What solution should you recommend? (Choose the best answer.)
You set up a bastion host in your VCN to only allow your IP address (140.19.2.140) to establish SSH connections to your Compute Instances that are deployed in a private subnet. The Compute Instances have an attached Network Security Group with a Source Type: Network Security Group (NSG), Source NSG: NSG-050504. To secure the bastion host, you added the following ingress rules to its Network Security Group:
However, after checking the bastion host logs, you discovered that there are IP addresses other than your own that can access your bastion host.
What is the root cause of this issue? (Choose the best answer.)
You have the following compartment structure within your company's Oracle Cloud Infrastructure (OCI) tenancy:
You want to create a policy in the root compartment to allow SystemAdmins to manage VCNs only in CompartmentC.
Which policy is correct? (Choose the best answer.)
Complete Compartment path is required. It is also advisable to do so, as policies are name based ones.