The Chief Security Officer (CISO) at a multinational banking corporation is reviewing a plan to upgrade the entire corporate IT infrastructure. The architecture consists of a centralized cloud environment hosting the majority of data, small server clusters at each corporate location to handle the majority of customer transaction processing, ATMs, and a new mobile banking application accessible from smartphones tablets, and the Internet via HTTP. The Corporation does business having varying data retention and privacy laws.
Which of the following technical modifications to the architecture and corresponding security controls should be implemented to provide the MOST complete protection of data?
A) Revoke exiting root certificates, reissue new customer certificates, and ensure all transaction are digitally signed to minimize fraud, implement encryption for data in-transit between data centers
B) Ensure all data is encryption according to the most stringent regulatory guidance applicable, implement encryption for data in-transit between data centers, increase data availability by replicating all data, transaction data, logs between each corporate location
C) Store customer data based on national borders, ensure end to end encryption between ATMs, end users, and servers, test redundancy and COOP plans to ensure data is not inadvertently shifted from one legal jurisdiction to another with more stringent regulations
D) Install redundant servers to handle corporate customer processing, encrypt all customer data to ease the transfer from one country to another, implement end to end encryption between mobile applications and the cloud
A member of a digital forensics team, Joe arrives at a crime scene and is preparing to collect system data. Before powering the system off, Joe knows that he must collect the most volatile date first.
Which of the following is the correct order in which Joe should collect the data?
A) CPU cache, paging/swap files, RAM remote logging data
B) RAM, CPU cache, Remote logging data, page/swap files
C) Paging/swamp files, CPU cache, RAM, remote logging data
D) CPU cache, RAM, paging/swap files, remote logging data