Q: 10
You are managing a critical application hosted on OCI. To enhance security, you have enabled DNSSEC
for your domain using OCI DNS. You want to automate the process of monitoring the health and
validity of your DNSSEC configuration and receive alerts if any issues are detected. Which OCI service
can be MOST effectively used for this DNSSEC monitoring purpose?
Options
Discussion
Pretty sure it's B here. OCI Monitoring lets you track DNSSEC-related metrics and set up alerts automatically if something goes wrong. Not 100% but that's what I'd pick based on how Oracle sets up their monitoring tools. Agree?
Why not just use D for direct DNS log analysis? Does B really cover DNSSEC specifics?
Nah, I think it's B for sure. Monitoring Service is built exactly for setting up alarms on metrics like DNSSEC health, while Logging Analytics is better for digging into logs but not as direct with alerting. Easy to mix them up since both use log data, but B lines up more with Oracle's alerting setup. Anyone disagree?
B , official docs and OCI practice tests both push Monitoring for automated health checks with alerting. Logging Analytics is more for deep-dive log analysis, but not the best call here.
Maybe D. Seen similar questions in some practice exams and Logging Analytics often comes up for log-driven alerting.
I'm not convinced B is the best pick. I think D would fit better since Logging Analytics can analyze DNS logs and flag anomalies, including DNSSEC issues, and you could set up queries to alert you. Audit and Vulnerability Scanning feel off-topic here. Maybe I'm missing something but D seems a valid choice too, unless there's a caveat with alerting. Thoughts?
I don't think it's D. Logging Analytics is great for in-depth log searches but doesn't really do automated DNSSEC health alerts out of the box. B fits if you want to set alarms and get proactive notifications, which is what the question asks. I think B is it, though D does trip people up sometimes.
I don’t think it’s B. D is a trap option but Logging Analytics feels closer for DNSSEC log insights.
B makes sense here since OCI Monitoring is what you'd use for actual metric tracking and alerting, not just analyzing logs. D (Logging Analytics) is more about digging into log patterns but doesn't do the automated health/alarm piece as directly. Pretty sure Monitoring is what Oracle recommends for this.
D , had something like this in a mock and Logging Analytics seemed the right pick for DNSSEC log monitoring.
Be respectful. No spam.
