Oracle Cloud Infrastructure 2022 Architect Professional — Question 52

A hospital in Austin has hosted its web-based medical records portal entirely in Oracle Cloud Infrastructure (OCI) using compute instances for its web-tier and DB System database for its data tier. To validate compliance with Health Insurance Portability and Accountability (HIPAA), the hospital hired an IT security professional to check their systems.
It was found that there were a lot of unauthorized requests coming from a set of IP addresses originating from a country in Southeast Asia.
Which option can mitigate this type of attack?

Answer options

• A. Block the attacking IP addresses by creating a Network Security Group rule to deny access to the compute instance where the web server is running.
• B. Block the attacking IP addresses by implementing an OCI Web Application Firewall policy using Access Control Rules.
• C. Block the attacking IP addresses by creating a Security List rule to deny access to the subnet where the web server is running.
• D. Implementing a OCI Web Application Firewall Bot Management policy to identify the attacking IP addresses and mitigate the threat.

Correct answer: B

Explanation

The correct answer is B, as implementing an OCI Web Application Firewall policy allows for more sophisticated filtering and protection against web-based attacks, utilizing Access Control Rules to specifically target and block malicious traffic. Options A and C, while they can block IP addresses, do not provide the advanced capabilities of a Web Application Firewall. Option D focuses on bot management, which may not directly address the unauthorized requests in this context.