What is true of security as it relates to cloud network infrastructure?
What is true of security as it relates to cloud network infrastructure?
For secure cloud network infrastructure, it is crucial to implement a default deny policy with cloud firewalls. This approach ensures that all inbound and outbound traffic is initially blocked, providing a strong security posture. Specific rules are then added to allow only the necessary and trusted traffic, reducing the risk of unauthorized access or data breaches. This method helps to create a more controlled and predictable security environment.
On page 90 of the guidance, it says "Implement default deny with cloud firewalls". But it also says "Always restrict traffic between workloads in the same virtual subnet using a cloud firewall (security group) policy whenever possible." So doesn't this mean that "D" would be the better answer, oh wait, D says default "allow" not deny. Almost got trapped. The answer is E.