A company is adding a single sign-on service that connects to multiple external providers to unify user access. Which procedure best identifies possible infiltration routes introduced by this new setup?
Shift the environment to an isolated development model to remove external dependencies
Use advanced perimeter devices to terminate inbound traffic from unknown sources
Map data flows and verify boundaries for each connection to detect new infiltration routes
Reinforce user education programs with social engineering assessments
Examining data flows and verifying boundaries for each connection leads to a precise map of potential infiltration paths. Without this step, new links to external providers may create entry points that go unnoticed. Firewalls are helpful but do not focus on the specific connections added. Training is valuable for general readiness but does not focus on the technical connections. Moving development offline would reduce some risk but does not address the real issue of analyzing newly created pathways.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'mapping data flows' mean in this context?
Open an interactive chat with Bash
What are 'boundaries' in network security, and why are they important?
Open an interactive chat with Bash
How does this procedure compare to just using perimeter devices like firewalls?