A global financial institution is re-architecting their application infrastructure to improve security between internal system components. They require a solution that provides identity-based authentication between application components, enforces granular access policies, and integrates with their container orchestration platform. Which of the following would be the BEST solution?
API gateway with OAuth 2.0
VLAN segmentation with ACLs
Container orchestration RBAC
Service-to-service security with mesh architecture
The best solution is an architecture that implements secure service-to-service communication with mutual TLS authentication. This approach provides infrastructure to manage communication security between application components with built-in authentication and authorization capabilities. It verifies service identity and enforces fine-grained access policies for inter-component communications. API gateways primarily focus on external-to-internal traffic rather than internal component communications. While container orchestration platform RBAC manages permissions within the orchestration platform itself, it doesn't address the communication security between deployed applications. Traditional network segmentation with ACLs represents a perimeter-based approach that cannot provide the identity-based, application-level security required for modern architectures.
ISC2 CISSP
Identity and Access Management (IAM)