A global organization has engaged multiple hardware support vendors who require periodic access to network infrastructure across several data centers. Which security implementation best addresses both vendor access management and the organization's risk posture?
Network segmentation with role-based firewalls
Just-in-time access control with automated revocation
Just-in-time access control with automated revocation is the correct answer because it provides temporary access that is automatically terminated after a predetermined period or when the maintenance task is complete. This approach minimizes the security risk window by ensuring vendors can only access systems when necessary and for the minimum required duration. It also creates comprehensive audit trails and eliminates the risks associated with persistent access privileges.
The other options are inadequate:
Dedicated VPN connections with pre-shared keys don't address access duration limits and create ongoing access paths.
Network segmentation with role-based firewalls limits scope but doesn't address the temporal aspect of access control.
Proxied connections with session recording provide visibility but don't inherently restrict when or for how long access is granted.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is just-in-time (JIT) access control?
Open an interactive chat with Bash
How does automated revocation improve an organization's security posture?
Open an interactive chat with Bash
Why are dedicated VPN connections with pre-shared keys insufficient for vendor access control?
Open an interactive chat with Bash
ISC2 CISSP
Communication and Network Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .