Oracle Cloud Infrastructure 2021 Architect Associate — Question 32

Which of the following statements is true about the Oracle Cloud Infrastructure (OCI) Object Storage server-side encryption?

Answer options

• A. Each object in a bucket is always encrypted with the same data encryption key.
• B. Encryption of data encryption keys with a master encryption key is optional.
• C. Encryption is enabled by default and cannot be turned off.
• D. Customer-provided encryption keys are always stored in OCI Vault service.

Correct answer: C

Explanation

The correct answer is C, as Oracle Cloud Infrastructure Object Storage has encryption enabled by default and does not allow it to be disabled. Option A is incorrect because each object can use a unique data encryption key. Option B is wrong since encrypting data encryption keys with a master key is not optional, and option D is misleading as customer-provided keys are not necessarily stored in the OCI Vault service.