A global manufacturing company has migrated its engineering design systems to a distributed architecture with processing in public cloud services and proprietary data stored in company data centers. The CISO needs to approve a security audit strategy. Which approach would BEST address the security concerns of this distributed environment?
Focus security evaluation efforts on the cloud services as they present greater external exposure
Conduct coordinated assessments with specialized expertise for each infrastructure component
Perform evaluations of data center security followed by cloud security
Apply security testing procedures across the architecture
The correct answer is to conduct coordinated assessments with specialized expertise for each infrastructure component.
A distributed architecture with components in multiple locations creates unique security challenges because of the interconnections between different environments and data flows across boundaries. This complexity requires specialized knowledge of each infrastructure component and their integration points. Using coordinated teams with relevant expertise ensures comprehensive evaluation of all components, including the critical interconnections between environments.
A cloud-focused audit alone would miss critical security controls protecting the company-hosted data. Similarly, focusing mainly on company data centers would miss cloud-specific risks. Using generalized security testing would not address the specific technical requirements of either environment. Performing sequential evaluations introduces delays and potential gaps in understanding how the different environments interact from a security perspective.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the unique security challenges of a distributed architecture?
Open an interactive chat with Bash
Why is specialized expertise important for security assessments?
Open an interactive chat with Bash
What are the pitfalls of focusing solely on cloud services during a security audit?
Open an interactive chat with Bash
ISC2 CISSP
Security Assessment and Testing
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access