168k views
3 votes
A security engineer has implemented an internal user access review tool so service teams can baseline user accounts and group memberships. The tool is functional and popular among its initial set of onboarded teams. However, the tool has not been built to cater to a broader set of internal teams yet. The engineer has sought feedback from internal stakeholders, and a list of summarized requirements is as follows:

✑ The tool needs to be responsive so service teams can query it, and then perform an automated response action.
✑ The tool needs to be resilient to outages so service teams can perform the user access review at any point in time and meet their own SLAs.
✑ The tool will become the system-of-record for approval, reapproval, and removal life cycles of group memberships and must allow for data retrieval after failure.

Which of the following need specific attention to meet the requirements listed above? (Choose three.)

A. Scalability
B. Latency
C. Availability
D. Usability
E. Recoverability
F. Maintainability

1 Answer

5 votes

Final answer:

To meet the summarized requirements, the internal user access review tool must focus on C.Availability, E. Recoverability, and A.Scalability to ensure resilience to outages, data retrieval after failures, and coping with increased loads.

Step-by-step explanation:

The internal user access review tool described requires improvements in three specific areas to meet the summarized requirements provided by internal stakeholders. These areas are:

  • Availability - This relates to the tool being resilient to outages, ensuring service teams can perform user access reviews at any point to meet their Service Level Agreements (SLAs).
  • Recoverability - It is imperative for the tool to allow for data retrieval after a failure, as the tool will become the system-of-record for lifecycle management of group memberships.
  • Scalability - Considering that the tool is popular and plans are to extend its use to more teams, it needs to efficiently handle an increased load without performance degradations.

Ensuring the system has high availability, recoverability, and scalability will meet the needs for responsiveness, resilience, and data retrieval capabilities as required.

User Alexander Monteiro
by
7.7k points