Log in
Computer Science
1
answer
1
watching
106
views

someone is saying B and other is saying C .... Please guide the same 

A company is outsourcing to an MSSP that performs managed detection and response services. The MSSP requires a server to be placed inside the network as a log aggregate and allows remote access to MSSP analyst. Critical devices send logs to the log aggregator, where data is stored for 12 months locally before being archived to a multitenant cloud. The data is then sent from the log aggregate to a public IP address in the MSSP datacenter for analysis.

A security engineer is concerned about the security of the solution and notes the following.

* The critical devise send cleartext logs to the aggregator.

* The log aggregator utilize full disk encryption.

* The log aggregator sends to the analysis server via port 80.

* MSSP analysis utilize an SSL VPN with MFA to access the log aggregator remotely.

* The data is compressed and encrypted prior to being achieved in the cloud.

Which of the following should be the engineer's GREATEST concern?

 

Options: A Hardware vulnerabilities introduced by the log aggregate server
B Network bridging from a remote access VPN
C Encryption of data in transit
D Multinancy and data remnants in the cloud

Watch
1
answer
1
watching
106
views

For unlimited access to Homework Help, a Homework+ subscription is required.

Avatar image
Liked by aminul2005 and 1 others

Unlock all answers

Get 1 free homework help answer.
Already have an account? Log in
Share

Related questions

Need your Help (URGENT)

A company is moving most of its customer-facing production systems to the cloud-facing production systems to the cloud. IaaS is the service model being used. The Chief Executive Officer is concerned about the type of encryption available and requires the solution must have the highest level of security.

Which of the following encryption methods should the cloud security engineer select during the implementation phase?

Options: A Instance-based
B Storage-based
C Proxy-based
D Array controller-based

someone is saying Option A and other is saying Option D 

 

Need Immediate attention here 

A company is moving most of its customer-facing production systems to the cloud-facing production systems to the cloud. IaaS is the service model being used. The Chief Executive Officer is concerned about the type of encryption available and requires the solution must have the highest level of security.

Which of the following encryption methods should the cloud security engineer select during the implementation phase?

Options: 

A Instance-based
B Storage-based
C Proxy-based
D Array controller-based

 

Which of the following allows computation and analysis of data within a ciphertext without knowledge of the plaintext?

Options:

A Lattice-based cryptography
B Quantum computing
C Asymmetric cryptography
D Homomorphic encryption   Note : someone is saying answer is answer C and other is saying D i am confused ... please help to guide the same 

Weekly leaderboard

Home
Homework Help 3,900,000
Computer Science 2,000
Start filling in the gaps now
Log in