A security architect is establishing requirements to design resilience in un enterprise system trial will be extended to other physical locations.

A security architect is establishing requirements to design resilience in un enterprise system trial will be extended to other physical locations.

The system must

• Be survivable to one environmental catastrophe

• Re recoverable within 24 hours of critical loss of availability

• Be resilient to active exploitation of one site-to-site VPN solution
A . Load-balance connection attempts and data Ingress at internet gateways
B . Allocate fully redundant and geographically distributed standby sites.
C . Employ layering of routers from diverse vendors
D . Lease space to establish cold sites throughout other countries
E . Use orchestration to procure, provision, and transfer application workloads lo cloud services
F . Implement full weekly backups to be stored off-site for each of the company’s sites

View Answer

Answer: B

Explanation:

To design resilience in an enterprise system that can survive environmental catastrophes, recover within 24 hours, and be resilient to active exploitation, the best strategy is to allocate fully redundant and geographically distributed standby sites.

Here’s why:

Geographical Redundancy: Having geographically distributed standby sites ensures that if one site is affected by an environmental catastrophe, the other sites can take over, providing continuity of operations.

Full Redundancy: Fully redundant sites mean that all critical systems and data are replicated, enabling quick recovery in the event of a critical loss of availability.

Resilience to Exploitation: Distributing resources across multiple sites reduces the risk of a single point of failure and increases resilience against targeted attacks.

References:

CompTIA Security+ SY0-601 Study Guide by Mike Chapple and David Seidl

NIST Special Publication 800-34: Contingency Planning Guide for Federal Information Systems

ISO/IEC 27031:2011 – Guidelines for Information and Communication Technology Readiness for Business Continuity