Compute Instances should have secure boot enabled

oci-compute
이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

Shielded Instances with Secure Boot enabled prevents unauthorized boot loaders and operating systems from booting. This prevents rootkits, bootkits, and unauthorized software from running before the operating system loads. Secure Boot verifies the digital signature of the system’s boot software to check its authenticity.

This rule checks that Secure Boot is enabled on OCI Compute instances. Secure Boot is a feature of Unified Extensible Firmware Interface (UEFI) that only allows approved operating systems to boot up. A threat actor with access to the operating system may seek to alter boot components to persist malware or rootkits during system initialization.

Remediation

For guidance on configuring Secure Boot on Shielded Instances, refer to the Shielded Instances section of the Oracle Cloud Infrastructure Documentation.