An organization is working to secure its development process to ensure developers cannot deploy artifacts directly into the production environment. Which of the following security practice recommendations would be the best to accomplish this objective?
To secure the development process and ensure developers cannot deploy artifacts directly into the production environment, the best security practice would be to set up policies and systems with separation of duties. This approach ensures that no single individual has complete control over all aspects of a critical process, thereby reducing the risk of unauthorized or inappropriate actions. It is an essential practice in maintaining oversight and control in sensitive environments.
With 6 options, this should be a multiple selection. If so, I would go with A. Implement least privilege access to all systems AND C. Set up policies and systems with separation of duties. These are almost always the answers to these types of questions.