Question 3
You have been brought In to help secure an existing application that leverages Object Storage buckets to distribute content.
The data is currently being shared from public buckets and the security team Is not satisfied with this approach. They have stated that all data must be stored In storage buckets. Your application should be able to provide secure access to the dat a.
The URL that is provided for access to the data must be rotated every 30 days.
Which design option will meet these requirements?
Use Pre-Authentlcated request, even though there will be multiple URLs this will provide better security.
Create a private bucket only to share the data.
Create a new group and map users to this group, create a IAM policy providing access to Object Storage service only to this group. Users can then simply login to OCI console and retrieve needed flies.
Create multiple bucket and classify them as Public and Private. Use public bucket for non-sensitive data and private bucket for sensitive data.
Correct answer: B