# 1z0-997-20 — Question 606

**Type:** multiple_choice
**Topics:** topic_1

## Question

A hospital in Austin has hosted its web-based medical records portal entirely in Oracle Cloud Infrastructure (OCI) using compute instances for its web-tier and DB
System database for its data tier. To validate compliance with Health Insurance Portability and Accountability (HIPAA), the hospital hired an IT security professional to check their systems.
It was found that there were a lot of unauthorized requests coming from a set of IP addresses originating from a county in Southeast Asia.
Which option can mitigate this type of attack? (Choose the best answer.)

## Correct Answer

_See scenario._

## Explanation

I think proper answer is D. WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer's applications. Access rules can limit based on geography or the signature of the request.

**Reference:** examtopics_top_comment

---
Source: https://hiexam.net/q/oracle/1z0-997-20/606  
Practice (tracked): https://hiexam.net/study/1z0-997-20/practice