A systems engineer is building a microservices platform that reevaluates trust for each user request. The design includes user identity details, resource classification, and device posture checks. Which strategy focuses on aligning these factors so each request is guided by context-aware policies for subject and object interactions?
A system that grants privileges from fixed firewall rules
A design that relies on group membership checks
A context-based method that evaluates multiple attributes for every request
A solution that depends on a single token upon login
A context-based design that verifies user, device, and data attributes for each request enables continuous risk assessment. This dynamic approach adapts to different conditions and controls which users gain access to specific resources. Methods that rely on group membership alone or a single initial token do not reassess requests based on changing user or resource attributes, which limits the ability to enforce ongoing verification. Approaches dependent on static firewall rules fail to address the dynamic nature of these interactions.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are context-aware policies in cybersecurity?
Open an interactive chat with Bash
What is the importance of reevaluating trust for each request?
Open an interactive chat with Bash
How does a context-based method differ from fixed firewall rules?