ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-501 All Questions

View all questions & answers for the SY0-501 exam
Go to Exam

Exam SY0-501 topic 1 question 191 discussion

Actual exam question from CompTIA's SY0-501
Question #: 191
Topic #: 1
[All SY0-501 Questions]

The Chief Security Officer (CISO) at a multinational banking corporation is reviewing a plan to upgrade the entire corporate IT infrastructure. The architecture consists of a centralized cloud environment hosting the majority of data, small server clusters at each corporate location to handle the majority of customer transaction processing, ATMs, and a new mobile banking application accessible from smartphones, tablets, and the Internet via HTTP. The corporation does business having varying data retention and privacy laws.
Which of the following technical modifications to the architecture and corresponding security controls should be implemented to provide the MOST complete protection of data?

  • A. Revoke exiting root certificates, re-issue new customer certificates, and ensure all transactions are digitally signed to minimize fraud, implement encryption for data in-transit between data centers
  • B. Ensure all data is encryption according to the most stringent regulatory guidance applicable, implement encryption for data in-transit between data centers, increase data availability by replicating all data, transaction data, logs between each corporate location
  • C. Store customer data based on national borders, ensure end-to end encryption between ATMs, end users, and servers, test redundancy and COOP plans to ensure data is not inadvertently shifted from one legal jurisdiction to another with more stringent regulations
  • D. Install redundant servers to handle corporate customer processing, encrypt all customer data to ease the transfer from one country to another, implement end- to-end encryption between mobile applications and the cloud.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Hot_156 at June 1, 2020, 8:26 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Hot_156
Highly Voted 5 years, 1 month ago
IDHAFI I Dont Have A F... Idea
upvoted 40 times
...
Hanzero
Highly Voted 4 years, 9 months ago
I don't wanna read this essay lol
upvoted 25 times
...
CyberDog
Most Recent 3 years, 11 months ago
I have no idea, God help me
upvoted 1 times
...
FNavarro
4 years, 4 months ago
Lol. It's just a bunch of words, it's not that challenging guys... What provides the MOST complete protection of data: A. Upgrade PKI. Encrypt data in transit B. Use strong encryption, encrypt data in transit, focus on data availability C. Encrypt data in transit, focus on data availability, focus on regulation D. Focus on data availability, encrypt data at rest, encrypt data in transit
upvoted 6 times
...
Belmondo
4 years, 6 months ago
I have taken Sec + exam before (and missed by 20) so rest assured the questions are not all this brutal. I blew by "...(CISCO) at a multinational banking.. which would have helped with process of elimination. I have to read slower to comprehend better.
upvoted 3 times
...
MichaelLangdon
4 years, 7 months ago
If all the questions on the exam are like this I am finished.
upvoted 14 times
...
MichaelLangdon
4 years, 7 months ago
Lmaooo how in God’s green earth is Gibson and Messer materials supposed to prepare u for a question like this. ffs
upvoted 17 times
...
silentnotifications
4 years, 8 months ago
When I saw some of the comments, I couldn't help but laugh because they seriously want us to read this novel and know what detail to focus on? Nofa King way.
upvoted 9 times
...
hlwo
4 years, 9 months ago
The answer is c . The key word is "The corporation does business having varying data retention and privacy laws." each country has its own law when it come to retention a data. C is the only answer that talk about other country you can tell form this " national border"
upvoted 2 times
...
Dimitricl
4 years, 10 months ago
The key on this question is "The architecture consists of a centralized cloud environment hosting the majority of data". If you will put your data in the cloud, you need to accomplish with legal regulations, based on where the data is and where will be moved.
upvoted 3 times
...
thefoxx
4 years, 11 months ago
It's a horrible question this!
upvoted 9 times
rameces
4 years, 10 months ago
very long
upvoted 5 times
...
...
kdce
5 years ago
C, for Co's, redundancy and encryption reqmts
upvoted 2 times
...
AWS_NEWBIE_2020
5 years, 1 month ago
Considering the completion of data protection, c is the answer for its redundancy, encryption, and loss prevention.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel