A financial services company is transitioning from a monolithic application to a microservices architecture where dozens of small services will communicate via APIs. During a security architecture review, the CISO expresses concerns about the increased attack surface. Which security control would be most effective at addressing the specific vulnerabilities introduced by this architectural change?
Network segmentation with dedicated VLANs for each microservice
API gateway with centralized authentication and authorization
Container security scanner for vulnerability detection
Web Application Firewall configured for HTTP inspection
API gateways are specifically designed to address the security challenges that arise when implementing microservices architectures. They provide a centralized point for authentication, authorization, rate limiting, and monitoring of all API traffic between microservices. This helps manage the expanded attack surface by enforcing consistent security policies across all service-to-service communications.
While network segmentation is valuable for general security, it doesn't specifically address API-level threats between microservices. Web Application Firewalls are more focused on traditional web application threats rather than service-to-service API communications. Container security scanners help find vulnerabilities in container images but don't address the runtime communication security between microservices.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the roles of an API gateway in microservices architecture?
Open an interactive chat with Bash
What specific vulnerabilities are associated with microservices architectures?
Open an interactive chat with Bash
How does an API gateway enhance security in a microservices environment?
Open an interactive chat with Bash
ISC2 CISSP
Security Architecture and Engineering
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access