Compute Instances should have secure boot enabled


Description

Shielded Instances with Secure Boot enabled prevent unauthorized boot loaders and operating systems from booting. This stops rootkits, bootkits, and unauthorized software from running before the operating system loads. Secure Boot verifies the digital signature of the system’s boot software to check its authenticity.

This rule checks that Secure Boot is enabled on OCI Compute instances. Secure Boot is a feature of Unified Extensible Firmware Interface (UEFI) that only allows approved operating systems to boot up. A threat actor with access to the operating system may seek to alter boot components to persist malware or rootkits during system initialization.
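The check described above, sketched as an added example (not the rule's own implementation or Oracle's code). It assumes instance records in the OCI Compute REST API shape, where the setting is exposed as `platformConfig.isSecureBootEnabled`; treating a missing `platformConfig` as a failure and skipping terminated instances are assumptions of this example.

```python
import json

# Constructed sample: trimmed Instance objects using the OCI Compute REST API
# field names (camelCase). OCIDs and display names are placeholders.
SAMPLE_INSTANCES = json.loads("""
[
  {"id": "ocid1.instance.oc1..example-a", "displayName": "web-1",
   "lifecycleState": "RUNNING",
   "platformConfig": {"type": "AMD_VM", "isSecureBootEnabled": true}},
  {"id": "ocid1.instance.oc1..example-b", "displayName": "db-1",
   "lifecycleState": "RUNNING",
   "platformConfig": {"type": "INTEL_VM", "isSecureBootEnabled": false}},
  {"id": "ocid1.instance.oc1..example-c", "displayName": "legacy-1",
   "lifecycleState": "STOPPED", "platformConfig": null},
  {"id": "ocid1.instance.oc1..example-d", "displayName": "old-1",
   "lifecycleState": "TERMINATED", "platformConfig": null}
]
""")

# Assumption: instances that no longer exist are out of scope for the check.
IGNORED_STATES = {"TERMINATING", "TERMINATED"}


def evaluate_instance(instance):
    """Return (status, reason) for one instance: 'pass', 'fail' or 'skip'."""
    if instance.get("lifecycleState") in IGNORED_STATES:
        return "skip", "instance is terminated"
    platform = instance.get("platformConfig")
    if not platform:
        # No platform configuration means no Shielded Instance settings at all.
        return "fail", "no platformConfig, Secure Boot not configured"
    if platform.get("isSecureBootEnabled") is True:
        return "pass", "Secure Boot enabled"
    return "fail", "isSecureBootEnabled is not true"


def find_noncompliant(instances):
    """Return display names of instances that fail the Secure Boot check."""
    return [i["displayName"] for i in instances
            if evaluate_instance(i)[0] == "fail"]


if __name__ == "__main__":
    for inst in SAMPLE_INSTANCES:
        status, reason = evaluate_instance(inst)
        print(f"{status.upper():5} {inst['displayName']}: {reason}")
```
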

Remediation

For guidance on configuring Secure Boot on Shielded Instances, refer to the Shielded Instances section of the Oracle Cloud Infrastructure Documentation.