Oracle Cloud Infrastructure 2020 Architect Associate — Question 18

A customer launched a compute instance in the Virtual Cloud Network (VCN), which has an internet gateway, a service gateway, a default security lists and a default route table. The customer opened up Port 22 in the security lists attached to the compute instance subnet, however is still unable to connect to compute instances using SSH.
Which action can resolve this issue?

Answer options

• A. Modify the security list associated with the VCN subnet in which the instance resides. Add a stateful egress rule to allow ICMP traffic in addition to the port 22.
• B. Modify the route table associated with the VCN subnet in which the instance resides. Add a following route to the route table: Destination CIDR: 0.0.0.0/0 Target: Service Gateway (SGW)
• C. Modify the route table associated with the VCN subnet in which the instance resides. Add a following route to the route table: Destination CIDR: 0.0.0.0/0 Target: Dynamic Routing Gateway (DRG)
• D. Modify the route table associated with the VCN subnet in which the instance resides. Add a following route to the route table: Destination CIDR: 0.0.0.0/0 Target: Internet Gateway (IGW)

Correct answer: A

Explanation

The correct answer is A because modifying the security list to allow ICMP traffic can help with connectivity issues related to SSH. The other options involve changes to the route table, which may not resolve the inability to connect via SSH if the security rules are not correctly configured to allow the necessary traffic.