Valid 1z0-1124-25 Dumps shared by ExamDiscuss.com for Helping Passing 1z0-1124-25 Exam! ExamDiscuss.com now offer the newest 1z0-1124-25 exam dumps, the ExamDiscuss.com 1z0-1124-25 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 1z0-1124-25 dumps with Test Engine here:
A company has deployed a VCN in OCI with multiple subnets. Security requirements dictate that instances in different subnets within the same VCN should not be able to directly communicate with each other unless explicitly permitted. You are tasked with implementing this policy. What is the most appropriate approach to meet this requirement?
Correct Answer: C
* Requirement:Restrict inter-subnet communication unless permitted. * Options Analysis: * A:Removing default route breaks all routing, overly restrictive; incorrect. * B:Separate VCNs are excessive, complex; less practical. * C:NSGs provide granular, explicit control; optimal approach. * D:External firewall adds complexity, not VCN-native; inefficient. * NSG Advantage:Instance-level rules enforce policy within VCN. * Conclusion:NSGs are the most appropriate solution. NSGs enable precise security within a VCN. The Oracle Networking Professional study guide states, "Network Security Groups (NSGs) allow you to define strict ingress and egress rules for instances, ensuring inter-subnet communication is explicitly permitted as per security policies" (OCI Networking Documentation, Section: Network Security Groups). This is more efficient than VCN separation or external firewalls.