A systems engineer is building a microservices platform that reevaluates trust for each user request. The design includes user identity details, resource classification, and device posture checks. Which strategy focuses on aligning these factors so each request is guided by context-aware policies for subject and object interactions?
A solution that depends on a single token upon login
A context-based method that evaluates multiple attributes for every request
A system that grants privileges from fixed firewall rules
A context-based design that verifies user, device, and data attributes for each request enables continuous risk assessment. This dynamic approach adapts to different conditions and controls which users gain access to specific resources. Methods that rely on group membership alone or a single initial token do not reassess requests based on changing user or resource attributes, which limits the ability to enforce ongoing verification. Approaches dependent on static firewall rules fail to address the dynamic nature of these interactions.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a context-based method in microservices security?
Open an interactive chat with Bash
What is device posture and why is it important in security?
Open an interactive chat with Bash
How does this approach differ from static firewall rules?