Compute Instances should have secure boot enabled
Description
Shielded Instances with Secure Boot enabled prevent unauthorized boot loaders and operating systems from booting. This stops rootkits, bootkits, and unauthorized software from running before the operating system loads. Secure Boot verifies the digital signature of the system’s boot software to check its authenticity.
This rule checks that Secure Boot is enabled on OCI Compute instances. Secure Boot is a feature of Unified Extensible Firmware Interface (UEFI) that only allows approved operating systems to boot up. A threat actor with access to the operating system may seek to alter boot components to persist malware or rootkits during system initialization.
For guidance on configuring Secure Boot on Shielded Instances, refer to the Shielded Instances section of the Oracle Cloud Infrastructure Documentation.
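The check this rule describes can be reproduced offline against an instance inventory. The following is an added example, not the rule's own implementation: it assumes JSON in the shape of `oci compute instance list` output (kebab-case keys such as `platform-config` and `is-secure-boot-enabled`), runs on constructed sample data, and assumes that terminated instances are out of scope.

```python
import json

# Constructed sample shaped like `oci compute instance list` output.
# OCIDs and names are placeholders, not real resources.
SAMPLE = json.loads("""
{"data": [
  {"id": "ocid1.instance.oc1..example-web", "display-name": "web-1",
   "lifecycle-state": "RUNNING",
   "platform-config": {"type": "AMD_VM", "is-secure-boot-enabled": true}},
  {"id": "ocid1.instance.oc1..example-db", "display-name": "db-1",
   "lifecycle-state": "RUNNING",
   "platform-config": {"type": "INTEL_VM", "is-secure-boot-enabled": false}},
  {"id": "ocid1.instance.oc1..example-legacy", "display-name": "legacy-1",
   "lifecycle-state": "STOPPED", "platform-config": null},
  {"id": "ocid1.instance.oc1..example-old", "display-name": "old-1",
   "lifecycle-state": "TERMINATED", "platform-config": null}
]}
""")

# Assumption: instances in these states no longer boot, so they are skipped.
OUT_OF_SCOPE = {"TERMINATING", "TERMINATED"}


def secure_boot_findings(listing):
    """Return (id, display-name, reason) for each instance failing the check."""
    findings = []
    for inst in listing.get("data") or []:
        if inst.get("lifecycle-state") in OUT_OF_SCOPE:
            continue
        cfg = inst.get("platform-config")
        if cfg is None:
            # No platform configuration at all: Secure Boot was never set.
            reason = "platform-config is absent"
        elif cfg.get("is-secure-boot-enabled") is not True:
            # Covers an explicit false and a missing key alike.
            reason = "is-secure-boot-enabled is not true"
        else:
            continue
        findings.append((inst["id"], inst.get("display-name"), reason))
    return findings


if __name__ == "__main__":
    for ocid, name, reason in secure_boot_findings(SAMPLE):
        print(f"FAIL {name} ({ocid}): {reason}")
```

A stopped instance is still reported, because it will boot without signature verification the next time it is started.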