CapEx is Capital expenditures comprise major purchases that will be used in the future. OpEx Operating expenditures (expenses) represent day-to-day costs that are necessary to keep a business running.
Question 32
Which OCI storage service does not provide encryption for data at rest?
Correct Answer: C
NVMe stands for non-volatile memory express. It is a storage protocol created to fasten the transfer of data between enterprise and client systems and solid-state drives (SSDs) over a computer's high-speed Peripheral Component Interconnect Express bus. The characteristics are: 1) Local NVMe is NVMe SSD-based temporary storage. 2) It is the locally-attached NVMe devices to the OCI compute instance 3) It is used very high storage performance requirements, lots of throughput, lots of IOPS, local storage and when you don't want to go out on network 4) Oracle does not protect in any way through RAID, or snapshots, or backup out of the box and data is not encrypted at rest.
Question 33
Which three services Integrate with Oracle Cloud Infrastructure (OCI) Key Management?
Correct Answer: B,C,F
DATA ENCRYPTION Protect customer data at-rest and in-transit in a way that allows customers to meet their security and compliance requirements for cryptographic algorithms and key management The Oracle Cloud Infrastructure Block Volume service always encrypts all block volumes, boot volumes, and volume backups at rest by using the Advanced Encryption Standard (AES) algorithm with 256-bit encryption. By default all volumes and their backups are encrypted using the Oracle-provided encryption keys. Each time a volume is cloned or restored from a backup the volume is assigned a new unique encryption key. The File Storage service encrypts all file system and snapshot data at rest. By default all file systems are encrypted using Oracle-managed encryption keys. You have the option to encrypt all of your file systems using the keys that you own and manage using the Vault service. Object Storage employs 256-bit Advanced Encryption Standard (AES-256) to encrypt object data on the server. Each object is encrypted with its own data encryption key. Data encryption keys are always encrypted with a master encryption key that is assigned to the bucket. Encryption is enabled by default and cannot be turned off. By default, Oracle manages the master encryption key. Reference: https://docs.cloud.oracle.com/en-us/iaas/Content/Block/Concepts/overview.htm https://docs.cloud.oracle.com/en-us/iaas/Content/Object/Concepts/objectstorageoverview.htm https://docs.cloud.oracle.com/en-us/iaas/Content/File/Concepts/filestorageoverview.htm Oracle Cloud Infrastructure Key Management is a managed service that enables you to encrypt your data using keys that you control. IAM, Autoscaling and functions cannot be used with Key Management and hence are incorrect options.
