Exam 1z0-1072-20 topic 1 question 13 discussion

AB correct

A B are correct. REF: https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/securitylists.htm#Default "Stateful egress: Allow all traffic. This allows instances to initiate traffic of any kind to any destination. Notice that this means the instances with public IP addresses can talk to any internet IP address if the VCN has a configured internet gateway. And because stateful security rules use connection tracking, the response traffic is automatically allowed regardless of any ingress rules. For more information, see Stateful Versus Stateless Rules." If the instance cannot reach internet, it means that its default SL doesn't have a stateful egress rule (Even though default security lists arrive with default stateful egress rule enabling All traffic for all ports rule).

A,B is true. no route table= nothing no ingress= internet cant see internal IP no egress= cant see internet DRG and Nat is not necessary

You need to reach the internet, and its a public subnet. If it was a private subnet you would configure a NAT gateway.

correct .. AB

Answer is AB

A & B Since Statefulness means if Egress is configured, Ingres would be automatically configured as well, Egress goes our to the internet, hence A,B is correct.

AD. Ingress to define in which port connections from the outside are allowed.

A and B correct Stateful egress: Allow all traffic. This allows instances to initiate traffic of any kind to any destination. Notice that this means the instances with public IP addresses can talk to any internet IP address if the VCN has a configured internet gateway. And because stateful security rules use connection tracking, the response traffic is automatically allowed regardless of any ingress rules. For more information, see Stateful Versus Stateless Rules.

A+B will allow instances to go put to the internet, but we need D to get to them from internet. I vote A+D

It's definively A, D. There is no nedd of egress rules, as they are already defined in the default SL for any IP and port: "If you've configured the public subnet to use the default security list, remember that the list includes several helpful default rules that enable basic required access (examples: ingress SSH, egress access to all destinations)."

I belive it's A and B

answer is A nd B , because instances unable to reach internet that means egress need to be enabled

Ingress is when someone make a request for your CLOUD VM's, and this is not the case, as the VM's want's to access the internet, so A and B.

Stateful Rules Marking a security rule as stateful indicates that you want to use connection tracking for any traffic that matches that rule. This means that when an instance receives traffic matching the stateful ingress rule, the response is tracked and automatically allowed back to the originating host, regardless of any egress rules applicable to the instance. So it's A D No egress rule is needed when you define ingress rule

A,B are the correct answers. -DRG is used when you want to create a path between your network and destinations other than the internet, for example your on-prem network. -Stateful ingress rules are automatically created. -Nat gateway would be used if the created network was private.

AB The servers need a stateful egress rule for reaching the internet.