A security administrator at a Lab Company is required to implement a solution which will provide
the highest level of confidentiality possible to all data on the lab network.
The current infrastructure design includes:
Two-factor token and biometric based authentication for all users
Attributable administrator accounts
Logging of all transactions
Full disk encryption of all HDDs
Finely granular access controls to all resources
Full virtualization of all servers
The use of LUN masking to segregate SAN data
Port security on all switches
The network is protected with a firewall implementing ACLs, a NIPS device, and secured wireless
access points.
Which of the following cryptographic improvements should be made to the current architecture to
achieve the stated goals?
A.
PKI based authorization
B.
Transport encryption
C.
Data at rest encryption
D.
Code signing