Oracle Exam 1Z0-1072-23 Topic 7 Question 7 Discussion

Actual exam question for Oracle's 1Z0-1072-23 exam

Question #: 7
Topic #: 7

As a network architect you have deployed a public subnet on your Virtual Cloud Network (VCN) with this security list:

You have also created a network security group (NSG) as shown in the table here, and assigned it to your bastion host:

You have confirmed that routing is correct but when you SSH to the VM from your home over the Internet you are unable to connect.

What could be the problem?

AUser will be able to SSH to the VM from the Internet as SSH is open on the NSG.

BPublic subnet does not have a route rule to the Internet Gateway.

CInternet traffic should be allowed only on the NSG.

DSSH traffic is not allowed in the security list nor on the NSG from the Internet.

Show Suggested Answer

Suggested Answer: D

SSH traffic is not allowed in the security list nor on the NSG from the Internet is the correct answer. This is because the security list only allows ingress traffic from 10.0.0.24 on port 22, and the NSG only allows ingress traffic from 10.0.0.0/16 on port 22. Neither of them allows ingress traffic from 0.0.0.0/0 (the Internet) on port 22, which is required for SSH access. The other options are not correct, as they do not explain why SSH access is not possible. Reference: [Security Lists], [Network Security Groups]

by Sheridan at Oct 04, 2023, 10:19 AM

Limited Time Offer

25%

Off

Get Premium 1Z0-1072-23 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!