Oracle Exam 1Z0-997-23 Topic 6 Question 2 Discussion

Actual exam question for Oracle's 1Z0-997-23 exam

Question #: 2
Topic #: 6

[All 1Z0-997-23 Questions]

You designed and deployed your Autonomous Data Warehouse (ADW) so that it is

accessible from your on-premise data center and servers running on both private and public

networks in Oracle Cloud Infrastructure (OCI).

As you are testing the connectivity to your ADW database from the different access paths, you

notice that the server running on the private network is unable to connect to ADW.

Which two steps do you need to take to enable connectivity from the server on the private network to

ADW? (Choose two.)

AAdd an entry in the Security List of the ADW allowing ingress traffic for CIDR block
10.2.2.0/24

BAdd an entry in the route table (associated with the private subnet) with destination of
0.0.0.0/0; target type of NAT Gateway, add a stateful egress rule to the security list (associated
with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols.

CAdd an entry in the access control list of ADW for IP address 129.146.160.11

DAdd an entry in the route table (associated with the private subnet) with destination of
0.0.0.0/0; target type of Internet Gateway, add a stateful egress rule to the security list
(associated with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols.

EAdd an entry in the access control list of ADW for CIDR block 10.2.2.0/24.

Show Suggested Answer

Suggested Answer: B, E

Option A is incorrect because adding an entry in the Security List of the ADW allowing ingress traffic for CIDR block 10.2.2.0/24 will not enable connectivity from the server on the private network to ADW.This is because ADW does not use security lists to control access to its database service2.

Option B is correct because adding an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/0; target type of NAT Gateway, will allow outbound internet access from the server on the private network without exposing its private IP address3. Additionally, adding a stateful egress rule to the security list (associated with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols will allow outbound traffic from any source port to any destination port.

Option C is incorrect because adding an entry in the access control list of ADW for IP address 129.146.160.11 will not enable connectivity from the server on the private network to ADW. This is because this IP address belongs to the NAT gateway, not to the server on the private network.

Option D is incorrect because adding an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/0; target type of Internet Gateway, will expose the private IP address of the server on the private network to the public internet3. This is not recommended for security reasons and may also cause routing conflicts.

Option E is correct because adding an entry in the access control list of ADW for CIDR block 10.2.2.0/24 will allow access from any IP address within that range, including the server on the private network2.

by Raina at Sep 02, 2023, 08:58 AM

Limited Time Offer

25%

Off

Get Premium 1Z0-997-23 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!