Question: 1/50
A team is designing a new public-facing web application on OCI. Requirements: (1) TLS must terminate at the edge, (2) traffic must be distributed across multiple application instances, and (3) the application instances must not have public IP addresses. Which architecture best meets these requirements?
Create a public Load Balancer in a public subnet and place application instances in a private subnet; allow only Load Balancer-to-instance traffic via security rules
Create a public Network Load Balancer in a private subnet and place application instances in a public subnet; attach a TLS certificate to the instances
Expose each application instance using an ephemeral public IP and use DNS round-robin with health checks
Use an Internet Gateway with route rules to directly forward 443 traffic to private IPs of instances in a private subnet