Question 4

Question

Your company utilizes a hybrid cloud architecture, connecting its on-premises network to an OCI VCN
using a FastConnect private peering connection. You need to ensure that instances within a specific
subnet in the VCN can only communicate with resources in a designated IP address range within the
on-premises network. What is the MOST effective way to achieve this specific network isolation?

Accepted Answer

Create a custom route table for the subnet with a route rule pointing to the Dynamic Routing
Gateway (DRG) and configure network security groups (NSGs) to limit traffic to the specified on-
premises IP address range.

Kevin H. · Answer

C but honestly not sure if you also need a security list tweak or just NSGs. Most practice exams point to custom route table with DRG plus NSG for this kind of restriction. Anyone seen it work another way?

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE