Query: 3.2 Ensure Secure Boot is enabled on Compute Instance
Description
Shielded Instances with Secure Boot enabled prevent unauthorized boot loaders and operating systems from booting. This prevents rootkits, bootkits, and unauthorized software from running before the operating system loads. Secure Boot verifies the digital signature of the system's boot software to check its authenticity. The digital signature ensures the operating system has not been tampered with and is from a trusted source. When the system boots and attempts to execute the software, it first checks the digital signature to ensure validity. If the digital signature is not valid, the system will not allow the software to run. Secure Boot is a feature of UEFI (Unified Extensible Firmware Interface) that only allows approved operating systems to boot up.
Query
Tables used in this query:
Controls using this query:
- 3.2 Ensure Secure Boot is enabled on Compute Instance