D is the Correct Answer. A common, practical example leveraging this capability is running most, if not all, applications on their own virtual network and only connecting those networks as needed. This dramatically reduces the blast radius if an attacker compromises an individual system. The attacker can no longer leverage this foothold to expand across the entire data center. Ref: Security-Guidance-v4.0, Pg82
Running applications on distinct virtual networks and only connecting networks as needed helps in the following way:
D. It reduces the blast radius of a compromised system.
By running applications on separate virtual networks and connecting networks as needed, the impact of a compromised system or a security breach is contained and limited. If a system or network within a virtual network is compromised, the isolation between networks helps prevent the lateral spread of the attack to other networks or systems. This containment reduces the "blast radius" of a compromised system, minimizing the potential damage and limiting the scope of the security incident. This approach enhances the overall security posture and resilience of the cloud environment by isolating and segregating different components and applications.
upvoted 5 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
saptati
Highly Voted 5 months, 1 week agoBrainiac
Highly Voted 7 months ago