Oracle Cloud Platform Data Integration 2020 Specialist — Question 60

As a cloud-native developer, you have written a web service for your company. You have used Oracle Cloud Infrastructure (OCI) API Gateway service to expose the HTTP backend. However, your security team has suggested that your web service should handle Distributed Denial-of-Service (DDoS) attack. You are time- constrained and you need to make sure that this is implemented as soon as possible.
What should you do in this scenario? (Choose the best answer.)

Answer options

• A. Use OCI virtual cloud network (VCN) segregation to control DDoS.
• B. Use a third party service integration to implement a DDoS attack mitigation.
• C. Use OCI API Gateway service and configure rate limiting.
• D. Re-write your web service and implement rate limiting.

Correct answer: C

Explanation

The correct answer is C because configuring rate limiting in the OCI API Gateway service provides an immediate and effective way to mitigate DDoS attacks by controlling the number of requests received. Option A is less effective as VCN segregation does not directly address DDoS mitigation. Option B introduces unnecessary complexity and potential delays, while option D requires a complete rewrite of the web service, which is not time-efficient given the constraints.