John is hosting several Web sites on a single server. One is an e-commerce site that handles credit card transactions, while the other sites do not handle credit card data. Does this present a security problem, and if so, what?
A.
There is no issue with different types of sites on one server
B.
Credit card processing requires HIPAA compliance, the other sites do not
C.
Credit card processing requires PCI compliance, the other sites do not
D.
The other sites may allow privilege escalation to the e-commerce site
Explanation:
PCI requirements are very specific. When commingling the different sites, they will all need to be PCI compliant.Answer option B is incorrect. Credit cards require PCI compliance, not HIPAA.
Answer option A is incorrect. There can be significant security concerns.
Answer option D is incorrect. Privilege escalation is not the most significant concern.