Oracle Cloud Infrastructure 2021 Multicloud Architect Associate — Question 47

Which two statements are TRUE about Object Storage data security and encryption in Oracle Cloud Infrastructure (OCI)? (Choose two.)

Answer options

• A. Client-side encryption is managed by the customer.
• B. Data needs to be decrypted on the client side before retrieving it.
• C. OCI Vault Management is used by default to provide data security.
• D. All traffic to and from Object Storage service is encrypted using TLS.
• E. A VPN connection to OCI is required to ensure secure data transfer to an object storage bucket.

Correct answer: A, D

Explanation

Option A is correct because client-side encryption is indeed the responsibility of the customer, allowing them to manage their own encryption keys. Option D is also correct as all communication with the Object Storage service is encrypted with TLS. Options B, C, and E are incorrect; B incorrectly states the decryption requirement, C misrepresents the default security management, and E inaccurately implies that a VPN is mandatory for secure data transfer.