Oracle Cloud Infrastructure 2019 Developer Associate — Question 10

You are designing a two-tier web application in Oracle Cloud Infrastructure (OCI). Your clients want to access the web servers from anywhere, but want to prevent access to the database servers from the Internet.
Which is the recommended way to design the network architecture?

Answer options

• A. Create public subnets for web servers and private subnets for database servers in your virtual cloud network (VCN), and associate separate internet gateways for each subnet.
• B. Create a public subnet for web servers and associate a dynamic routing gateway with that subnet, and a private subnet for database servers with no association to dynamic routing gateway.
• C. Create public subnets for web servers and private subnets for database servers in your VCN, and associate separate security lists and route tables for each subnet.
• D. Create a single public subnet for your web servers and database servers, and associate only your web servers to internet gateway.

Correct answer: D

Explanation

The correct answer is D because it allows web servers to be accessible from the internet while consolidating both server types in a single subnet. Options A and C incorrectly suggest creating private subnets for database servers, which is not necessary for the client's requirements. Option B does not provide internet access for web servers due to the lack of a proper gateway association.