Question 38


A security engineer has implemented an internal user access review tool so service teams can baseline user accounts and group memberships. The tool is functional and popular among its initial set of onboarded teams. However, the tool has not been built to cater to a broader set of internal teams yet. The engineer has sought feedback from internal stakeholders, and a list of summarized requirements is as follows:

  • The tool needs to be responsive so service teams can query it, and then perform an automated response action.
  • The tool needs to be resilient to outages so service teams can perform the user access review at any point in time and meet their own SLAs.
  • The tool will become the system-of-record for approval, reapproval, and removal life cycles of group memberships and must allow for data retrieval after failure.

Which of the following need specific attention to meet the requirements listed above? (Choose three.)

A. Scalability

B. Latency

C. Availability

D. Usability

E. Recoverability

F. Maintainability

Correct Answer: BCE