In the context of cybersecurity, what does the concept of 'Threat Scope Reduction' primarily involve?
Encrypting all data in transit and at rest to ensure confidentiality and integrity.
Responding to security incidents after they occur by developing a comprehensive incident response plan.
Utilizing a security model that trusts all internal systems and requires strict verification for external entities only.
Minimizing the number of potential threats to an information system by limiting the attack surface and properly segmenting the network.
|General Security Concepts
|Threats, Vulnerabilities, and Mitigations
|Security Program Management and Oversight