Security test 3

A finance company is legally required to maintain seven

years of tax records for all of their customers. Which of

the following would be the BEST way to implement this

requirement?

A system administrator is designing a data center for an

insurance company’s new public cloud and would like

to restrict user access to sensitive data. Which of the

following would provide ongoing visibility, data security,

and control of cloud-based applications?

A security administrator has identified an internally

developed application that allows users to modify SQL

queries through a web-based front-end. To prevent this

modification, the administrator has recommended that

all queries be completely removed from the application

front-end and placed onto the back-end of the application

server. Which of the following would describe this

implementation?

A system administrator is implementing a fingerprint

scanner to provide access to the data center. Which of

these metrics should be kept at a minimum in order to

prevent unauthorized persons from accessing the

data center?

The IT department of a transportation company

maintains an on-site inventory of chassis-based network

switch interface cards. If a failure occurs, the on-site

technician can replace the interface card and have the

system running again in sixty minutes. Which of the

following BEST describes this recovery metric?

A company maintains a server farm in a large data

center. These servers are for internal use only and are not

accessible externally. The security team has discovered

that a group of servers was breached before the latest

updates were applied. Breach attempts were not logged

on any other servers. Which of these threat actors would

be MOST likely involved in this breach?