You are responsible for managing the network infrastructure of a multi-tenant SaaS application deployed on OCI. Each tenant has their own dedicated VCN. To simplify management and provide a centralized point for connectivity to your on-premises network via FastConnect, you are using a DRG. However, you need to ensure that tenants are logically isolated from each other, and no traffic can flow directly between tenant VCNs through the DRG. How can you achieve tenant isolation while still allowing each tenant to connect to your on-premises network through the centralized DRG?
Which of the following is a disadvantage of using a public internet-based VPN connection for migrating large datasets from another cloud provider to OCI?
You are using the OCI Application Load Balancer (ALB) for your web application. You want to implement a blue/green deployment strategy to minimize downtime during application updates. You have two backend sets: 'blue' (the current version) and 'green' (the new version). What is the most efficient way to switch traffic from the 'blue' backend set to the 'green' backend set using the ALB's traffic management capabilities?
You are automating the deployment of a highly available OKE cluster across multiple availability domains (ADs) using Terraform. The OKE cluster needs to communicate with a database service running on a Compute instance in a separate private subnet within the same VCN. During the Terraform deployment, you encounter an error indicating that the Kubernetes pods cannot resolve the private IP address of the database instance. You’ve verified that DNS resolution works correctly for other resources within the VCN. What is the MOST probable reason for this DNS resolutionfailure?
A company wants to leverage a best-of-breed approach for their application stack. They plan to use OCI for its Autonomous Database, Azure for its container orchestration (AKS), and AWS for its object storage (S3). Considering cost optimization and minimizing data egress charges, which strategy is the MOST efficient for transferring large datasets between these services?
For a multi-tier architecture with a strict compliance requirement to log all user access to private resources, which Bastion service configuration is most suitable?
When using Service Connector Hub to route VCN Flow Logs to Object Storage for long-term analysis, which Service Connector Hub task type is essential for ensuring the logs are correctly processed and stored?
You are using Terraform to deploy a multi-tier application architecture consisting of a public subnet hosting a load balancer, a private subnet hosting application servers, and another private subnet hosting a database. The Terraform code successfully creates all the required infrastructure, including route tables and security lists. However, after deployment, you realize that the load balancer cannot reach the application servers in the private subnet. You have verified that the load balancer is healthy and the application servers are running. What is the most likely cause of this connectivity problem?
You are tasked with migrating a critical, latency-sensitive application from Azure to OCI. Due to compliance requirements, all data must be encrypted in transit. Which connectivity option provides the BEST combination of security and performance for this migration?
You have configured DNSSEC for your domain hosted on OCI DNS. You understand the importance of regularly rotating your Key Signing Key (KSK) to maintain security best practices. Which of the following statements regarding KSK rotation in OCI DNS is TRUE?