Oracle Cloud Infrastructure 2020 Architect Associate — Question 20

Your company uses the Oracle Cloud Infrastructure (OCI) Object Storage service to share large data sets with its data science team. The data science team consists of 20 people who work from offices in Washington, D.C., and Tokyo. While working in these offices, employees are assigned an IP address from the public IP range 129.146.31.0/27
Which two steps should you take to ensure that the Object Storage bucket used in this scenario was only accessible from these office locations? (Choose two.)

Answer options

• A. Write an IAM policy that includes the conditional statement where request.networkSource.name = CorpNet
• B. Set the bucket visibility to public and only share the URL with the data science team via email
• C. Create a pre-authenticated request for each data set and only share with the data science team via email
• D. Create a Network Source named CorpNetwork with a CIDR block of 129.146.31.0/27
• E. Create a Network Source named CorpNetwork with a CIDR block of 129.146.0.0/16
• F. Write an IAM policy that includes the conditional statement where request.region = 129.146.31.0/27

Correct answer: A, D

Explanation

The correct steps are A and D. Option A ensures that only requests from the specified network source can access the bucket, while option D sets up a network source that accurately reflects the IP range used by the offices. Options B and C do not restrict access based on IP address, and options E and F specify incorrect CIDR blocks or conditions that do not pertain to the scenario.