Which three services Integrate with Oracle Cloud Infrastructure (OCI) Key Management?
DATA ENCRYPTION
Protect customer data at-rest and in-transit in a way that allows customers to meet their security and compliance requirements for cryptographic algorithms andkey management
The Oracle Cloud InfrastructureBlock Volume servicealways encrypts all block volumes, boot volumes, and volume backups at rest by using the Advanced Encryption Standard (AES) algorithm with 256-bit encryption. By default all volumes and their backups are encrypted using the Oracle-provided encryption keys. Each time a volume is cloned or restored from a backup the volume is assigned a new unique encryption key.
TheFile Storage serviceencrypts all file system and snapshot data at rest. By default all file systems are encrypted using Oracle-managed encryption keys. You have the option to encrypt all of your file systems using the keys that you own and manage using the Vault service.
Object Storageemploys 256-bit Advanced Encryption Standard (AES-256) to encrypt object data on the server. Each object is encrypted with its own data encryption key. Data encryption keys are always encrypted with a master encryption key that is assigned to the bucket. Encryption is enabled by default and cannot be turned off. By default, Oracle manages the master encryption key.
https://docs.cloud.oracle.com/en-us/iaas/Content/Block/Concepts/overview.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/Object/Concepts/objectstorageoverview.htm
https://docs.cloud.oracle.com/en-us/iaas/Content/File/Concepts/filestorageoverview.htm
Oracle Cloud InfrastructureKey Managementis a managed service that enables you to encrypt your data using keys that you control.
IAM, Autoscaling and functions cannot be used with Key Management and hence are incorrect options.
https://docs.cloud.oracle.com/en-us/iaas/Content/KeyManagement/Concepts/keyoverview.htm
Currently there are no comments in this discussion, be the first to comment!