Oracle Cloud Infrastructure 2022 Architect Professional — Question 30
You have 10 Oracle Linux Compute instances within the ociarchpro compartment running in Oracle Cloud Infrastructure (OCI). The instances are placed in a private subnet inside a Virtual Cloud Network (VCN). You plan to leverage the Oracle Vulnerability Scanning service to gain visibility into potential vulnerabilities. Your goal is to improve the overall security posture.
You create a Scan recipe with the following settings:
Type: Compute -
Name: ociproscanrecipe -
CIS benchmark scanning: Enabled -
CIS benchmark profile: Medium (More than 40% of the benchmarks failing is a high risk)
Schedule: Daily -
You create a target with the following settings:
Type: Compute -
Compartment: ociarchpro -
Scan recipe: ociproscanrecipe -
Targets: All compute instances in the selected target compartment and its sub-compartments
However, you are not able to see the result of host scans for the compute target.
For the given scenario, which is NOT a valid troubleshooting task?
Answer options
- A. Check whether the target was created less than 24 hours ago.
- B. Enable the scanning plugin on the Oracle Cloud Agent if you manually disabled it on the target compute instances.
- C. Create a service gateway for the Virtual Cloud Network (VCN) and configure a route rule.
- D. Disable agent-based scanning in the recipe.
Correct answer: C
Explanation
The correct answer is C because creating a service gateway and configuring a route rule is not related to the scanning process itself; it pertains to network access. Options A, B, and D are valid troubleshooting tasks as they directly address potential reasons for not receiving scan results, such as the timing of the target creation or the configuration of the scanning plugin.