Oracle Cloud Platform Data Integration 2020 Specialist — Question 40

You are developing a serverless application with Oracle Functions. Your function needs to store state in a database. Your corporate security standards mandate encryption of secret information like database passwords.
As a function developer, which approach should you follow to satisfy this security requirement? (Choose the best answer.)

Answer options

• A. Use the Oracle Infrastructure Console and enter the password in the function configuration section in the provided input field.
• B. Use Oracle Cloud Infrastructure Key Management to auto-encrypt the password. It will inject the auto-decrypted password inside your function container.
• C. Encrypt the password using Oracle Cloud Infrastructure Key Management. Decrypt this password in your function code with the generated key.
• D. All function configuration variables are automatically encrypted by Oracle Functions.

Correct answer: C

Explanation

The correct answer is C, as it ensures the password is securely encrypted and only decrypted within the function code using the generated key, adhering to security standards. Option A is incorrect because entering passwords in the console does not provide adequate security. Option B suggests auto-decryption, which may expose the password during runtime, and option D is misleading since not all configuration variables are automatically encrypted.