Which statement accurately describes ephemeral principals?
Correct : A
Ephemeral principals in Oracle Cloud Infrastructure (OCI) refer to temporary security credentials granted to resources, such as compute instances, to enable them to interact with OCI services securely. These credentials have a limited lifespan and are typically used in situations where resources need to authenticate temporarily without the need for long-lived credentials.
Use Case: Ephemeral principals are often used for instance principals, allowing compute instances to make API calls without the need to manage long-term keys or credentials.
Oracle Cloud Infrastructure Documentation: Using Instance Principals
Start a Discussions
Which TWO statements are true about performing a multipart upload using the Multipart Upload API?
Correct : C, D
When performing a multipart upload using the Multipart Upload API in Oracle Cloud Infrastructure (OCI) Object Storage, the following points are true:
C . Each part can be as large as 50 GiB: OCI allows each part of a multipart upload to be up to 50 GiB in size. This enables the efficient uploading of large objects in smaller, manageable parts.
D . You can keep adding parts as long as the total number is less than 10,000: The Multipart Upload API supports up to 10,000 parts for a single object. This allows the upload of very large objects by dividing them into multiple parts.
Incorrect Statements:
A . After uploading all parts, you must commit the upload to finalize the multipart upload and combine all parts into a single object.
B . The object must be split into parts before uploading when using the Multipart Upload API.
Oracle Cloud Infrastructure Documentation: Multipart Uploads
Start a Discussions
Which OCI service would you use to apply kernel security updates to all instances?
Correct : D
The OS Management Service in Oracle Cloud Infrastructure (OCI) is designed to manage and maintain the operating systems of your compute instances. This service allows you to apply kernel security updates, manage package installations, and monitor the status of updates across all instances in your environment.
Kernel Security Updates: With OS Management Service, you can automate and schedule kernel updates, ensuring that all instances are up-to-date with the latest security patches. This helps maintain the security and integrity of your infrastructure without needing to manually update each instance.
Other Options:
Container Registry: Used for storing and managing container images, not for applying OS updates.
Data Safe: A service focused on database security, not applicable for OS-level updates.
Artifact Registry: A repository for storing and managing software artifacts, not related to OS management.
Relevant OCI Documentation:
OS Management Service Overview
This documentation provides details on how to use OS Management Service to handle kernel security updates and other OS-level management tasks.
Start a Discussions
Which statement is true about pre-authenticated requests?
Correct : A
In Oracle Cloud Infrastructure (OCI), pre-authenticated requests (PARs) allow users to grant access to specific objects in Object Storage without requiring the recipient to have an OCI account or credentials. This feature is useful for sharing objects securely without exposing broader access.
Cannot Edit a PAR: Once a pre-authenticated request is created, you cannot edit it. If you need to change the settings, such as the expiration date or the object being shared, you must delete the existing PAR and create a new one.
Other Statements:
Deleting a PAR does indeed revoke access immediately, contradicting option B.
Providing OCI credentials (C) is not required for using PARs. The purpose of PARs is to avoid sharing credentials.
Deleting Buckets (D): PARs are designed for accessing objects, not for administrative actions like deleting buckets.
Relevant OCI Documentation:
Managing Pre-Authenticated Requests
This reference outlines the features and limitations of pre-authenticated requests, including the inability to edit them once created.
Start a Discussions
Which statement accurately describes the key features and benefits of OCI Confidential Computing?
Correct : C
OCI Confidential Computing is a security feature designed to protect data in use. This is particularly important for sensitive workloads where data must be secured not only when at rest or in transit but also while being processed.
Encrypts and Isolates In-Use Data: OCI Confidential Computing ensures that data and the applications processing it are isolated from the underlying infrastructure. This means that even if the infrastructure is compromised, the in-use data remains secure. The technology typically leverages secure enclaves or other hardware-based isolation mechanisms to achieve this.
Other Options:
Optimizing Network Performance (A), Automatic Scalability and Load Balancing (B), and Secure Data Storage (D) are important features, but they are not related to the core capabilities of Confidential Computing, which focuses on in-use data protection.
Relevant OCI Documentation:
OCI Confidential Computing Overview
This documentation provides a detailed explanation of how OCI Confidential Computing works and its benefits for securing sensitive data during processing.
Start a Discussions