Question

A company is migrating systems from an on-premises facility to a third-party managed datacenter. For continuity of operations and business agility, remote access to all hardware platforms must be available at all times. Access controls need to be very robust and provide an audit trail.

Which of the following security controls will meet the company's objectives? (Choose two.)

A. Integrated platform management interfaces are configured to allow access only via SSH
B. Access to hardware platforms is restricted to the systems administrator's IP address
C. Access is captured in event logs that include source address, time stamp, and outcome
D. The IP addresses of server management interfaces are located within the company's extranet
E. Access is limited to interactive logins on the VDI
F. Application logs are hashed cryptographically and sent to the SIEM

Answer 1

Two security controls that will meet the company's objectives are: configuring platform management interfaces to allow access only via SSH and capturing access in event logs.

Step-by-step explanation:

Two security controls that will meet the company's objectives are:

Integrated platform management interfaces are configured to allow access only via SSH: By configuring the platform management interfaces to allow access only via SSH (Secure Shell), the company can ensure that remote access is secure and encrypted. SSH provides strong authentication and data integrity, making it an effective security control.

Access is captured in event logs that include source address, time stamp, and outcome: By capturing access in event logs that include source address, time stamp, and outcome, the company can maintain a robust audit trail. This allows them to track and monitor access to the hardware platforms, enhancing their security controls.

Answer 2

The company should ensure that integrated platform management interfaces allow access only via SSH and that access is captured in event logs with sufficient detail for auditing purposes. These measures offer strong encryption and authentication as well as an effective audit trail.

Step-by-step explanation:

To ensure continuity of operations and business agility with robust access controls and an audit trail during the migration to a third-party managed datacenter, the following security controls should be implemented:

• A. Integrated platform management interfaces are configured to allow access only via SSH. Secure Shell (SSH) provides a secure channel over an unsecured network, ensuring that access to hardware is both encrypted and authenticated.
• C. Access is captured in event logs that include the source address, time stamp, and outcome. This provides a comprehensive audit trail that can be used to monitor access to the systems and detect any unauthorized activities.

Option B might seem like a good measure for restricting access, but it can be too limiting and not scalable. Option D could expose sensitive interfaces to potential external threats if not properly secured, and Options E and F, while useful, do not directly correlate to the requirement for remote access and robust access controls with an audit trail.