A company is adding a single sign-on service that connects to multiple external providers to unify user access. Which procedure best identifies possible infiltration routes introduced by this new setup?
Use advanced perimeter devices to terminate inbound traffic from unknown sources
Map data flows and verify boundaries for each connection to detect new infiltration routes
Reinforce user education programs with social engineering assessments
Shift the environment to an isolated development model to remove external dependencies
Examining data flows and verifying boundaries for each connection leads to a precise map of potential infiltration paths. Without this step, new links to external providers may create entry points that go unnoticed. Firewalls are helpful but do not focus on the specific connections added. Training is valuable for general readiness but does not focus on the technical connections. Moving development offline would reduce some risk but does not address the real issue of analyzing newly created pathways.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are data flows and how do they relate to infiltration routes?
Open an interactive chat with Bash
What are boundaries for connections, and why are they important in security?
Open an interactive chat with Bash
How does single sign-on (SSO) affect an organization's security landscape?