A financial services company is deploying a three-tier web application in OCI. The compliance team has mandated that network traffic between the web and application tiers must be strictly controlled, allowing only specific TCP ports. Additionally, the security posture must be easily auditable and scalable as more application servers are added. Which OCI networking security feature should be used to meet these requirements most effectively?
A data analytics firm uses OCI File Storage Service (FSS) to share large datasets among a cluster of compute instances. The performance of data processing jobs has degraded. Initial investigation reveals that the FSS is experiencing high IOPS and throughput, but the compute instances are underutilized. You need to propose a solution to improve performance without changing the compute instance shapes. What is the most direct way to enhance the FSS performance?
You are designing an IAM policy to grant a group of junior administrators the ability to manage compute instances within a specific compartment named 'Staging'. However, you must prevent them from terminating any instance that has a defined tag `Protection: 'Critical'`. Which two IAM policy statements, when combined, would achieve this goal? (Select TWO)
A startup is deploying a containerized application using OCI Container Engine for Kubernetes (OKE). For cost optimization, they plan to use a mix of VM instances and preemptible (spot) instances for their worker nodes. The application has some stateful components that require persistent storage. Which OCI storage service should be configured with the CSI (Container Storage Interface) plugin to provide reliable, high-performance, and network-attached block storage for the Kubernetes pods?
A global e-commerce platform is hosted in the OCI Frankfurt region. To provide faster page loads for customers in North America and Asia, the architect decides to use the OCI Traffic Management service. They need to configure a steering policy that directs users to the geographically closest of three endpoints: one in Frankfurt, one in Ashburn, and one in Tokyo. If one endpoint fails its health check, traffic should automatically be redirected to the next closest healthy endpoint. Which Traffic Management steering policy should be implemented?
During a routine audit, it was discovered that a developer inadvertently launched a large number of high-cost GPU compute instances in a development compartment, leading to a significant budget overrun. To prevent this from recurring, the cloud administrator needs to implement a control that automatically prevents the creation of resources that would exceed a predefined budget for that compartment. Which OCI feature should be used?
True or False: When using an OCI NAT Gateway in a public subnet, you must also add a route rule to the private subnet's route table that directs traffic destined for the internet to the NAT Gateway.
An architect is tasked with designing a highly available and fault-tolerant compute architecture. The application requires that if an entire Availability Domain (AD) fails, the application remains operational with minimal performance degradation. The application servers are stateless. What is the most cost-effective and resilient OCI compute configuration to achieve this?
A media company stores large video files in an OCI Object Storage Standard tier bucket for processing. After 30 days, these files are accessed infrequently but must be available for retrieval within two hours. After 180 days, they are rarely accessed and can tolerate a retrieval time of up to four hours. To optimize storage costs, what is the correct lifecycle policy configuration?
You are troubleshooting a connectivity issue between a compute instance in a private subnet and the OCI Object Storage service endpoint. The instance needs to upload backup files. You have confirmed that the instance has the correct IAM permissions. A Service Gateway is attached to the VCN, and the private subnet's security list allows all egress traffic. What is the most likely missing configuration piece?