An organization is using Oracle Cloud Infrastructure $($OCI$)$ for its cloud services. The network administrator has been asked to ensure that all instances within a specific subnet can only communicate with each other on port $22($SSH$)$ and should not accept any other inbound traffic from outside the subnet.

The administrator decides to use OCI's networking features to accomplish this task.

Which of the following should the administrator configure to meet the requirement?

answer

Assign a security group to each instance within the subnet, with a rule that allows inbound traffic on port $22$ from the subnet's CIDR range.

Configure a stateful security group that drops all network traffic except for SSH traffic on port $22$ for the entire subnet.

Create a security list for the subnet that allows inbound traffic on port $22$ from the subnet's CIDR range and denies all other inbound traffic.

Implement a network security group $($NSG$)$ in OCI and apply it to the subnet, allowing only port $22$ traffic and dropping all other traffic.