B. Default deny: This is a security principle where access is denied by default, and only explicitly permitted actions are allowed. This approach minimizes the attack surface by ensuring that unauthorized access is not allowed, which helps reduce common application security issues like unauthorized access and privilege escalation.
I think both A and D are correct, however the answer sought is 'A', as it is specifically worded as, Which "opportunity" helps ? If you refer to "opportunities" in Domain 10 "Elasticity" is listed as an Opportunity Heading, including the justification.
Definitely D, even some choices seems to be selected from the text some quated below (reversing, for example, the "Increased use of Micro services" to confuse)
Segregation by default can indeed help reduce common application security issues. By implementing segregation by default, applications and systems are designed to separate different components, resources, or user access by default. This approach helps prevent unauthorized access, limit the impact of security breaches, and reduce the attack surface.
The opportunity that helps reduce common application security issues is:
D. Segregation by default
Segregation by default refers to the practice of isolating different components and resources within an application or system by default. By implementing proper segregation measures, such as network segmentation and access controls, organizations can reduce the risk of unauthorized access and limit the potential impact of security breaches. This approach helps prevent lateral movement and contains the impact of any compromised component or system. By enforcing segregation as a default principle, organizations can enhance application security and minimize the potential for common security issues.
10.1.5 Some of these have nothing directly to do with security, but the following trends offer opportunities to reduce common security issues:
• Segregation by default
From de guidance. Elasticity enables greater use of immutable infrastructure. When using elasticity tools like auto-scale groups each production system is launched dynamically, based on a baseline image, and may be automatically deprovisioned without human interaction.
Correct Answer is Option D: Segregation By Default
Reference: Segregation by default: Applications can easily be run in their own isolated cloud environments.
Depending on the provider, this could be a separate virtual network or account/sub-account.
Following trends offer opportunities to reduce common security issues: Segregation by default, Immutable infrastructure, Increased use of micro-services, PaaS and "serverless" architecture.
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
romaso82
4 months agoromaso82
4 months, 1 week agoBFCrypto
1 year, 1 month agonegevon
1 year, 4 months agomoten
1 year, 6 months agoBrainiac
1 year, 6 months agoSecexpert
1 year, 7 months agomoota
1 year, 9 months agojre62294
1 year, 11 months agovavofa5697
1 year, 10 months agoA_Nevermind
2 years agoSQCISSP
2 years, 1 month agoICEYNYSE
2 years, 1 month agocjkuga
2 years, 1 month ago