You are designing a multi-tier application in OCI, deploying the application tier in a public subnet and the database tier in a private subnet within the same VCN. The application tier requires access to specific external internet resources for software updates and third-party API calls. However, the database tier should not have direct internet access. Which of the following is the most secure and efficient method to achieve this configuration?
You are responsible for managing access to an Oracle Autonomous Database (ADB) instance inyour OCI environment. You need to configure a secure connection to the ADB from compute instances located in a private subnet. You want to limit access to the ADB to only the designated compute instances. Which type of endpoint, in conjunction with appropriate security rules, provides the MOST granular control over network access to the Autonomous Database?
You are designing a hybrid cloud solution where sensitive data must be transferred between your on-premises data center and an OCI VCN. You require a dedicated, private connection with guaranteed bandwidth and low latency. In addition to FastConnect, what additional product would you implement to achieve encryption of the traffic traversing the FastConnect link and to ensure data confidentiality?
You have configured DNSSEC for your domain hosted on OCI DNS. You understand the importance of regularly rotating your Key Signing Key (KSK) to maintain security best practices. Which of the following statements regarding KSK rotation in OCI DNS is TRUE?
Which aspect of OCI's security framework is essential for continuous monitoring and verification of packet flows, a core requirement of Zero Trust Packet Routing?
