A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:
Customers to upload their log files to the “big data” platform
Customers to perform remote log search
Customers to integrate into the platform using an API so that third party business intelligence tools can be used for the purpose of trending, insights, and/or discovery
Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).
A . Secure storage and transmission of API keys
B . Secure protocols for transmission of log files and search results
C . At least two years retention of log files in case of e-discovery requests
D . Multi-tenancy with RBAC support
E . Sanitizing filters to prevent upload of sensitive log file contents
F . Encryption of logical volumes on which the customers’ log files reside
Answer: A, B, D
Leave a Reply