A security engineer has been asked to reduce the attack surface on an organization’s production environment. To limit access, direct VPN access to all systems must be terminated, and users must utilize multifactor authentication to access a constrained VPN connection and then pivot to other production systems form a bastion host. The MOST appropriate way to implement the stated requirement is through the use of a:
A. sinkhole.
B. multitenant platform.
C. single-tenant platform.
D. jump box
CS0-002: CompTIA CySA+ ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
D
“A jump box is a secure computer that all admins first connect to before launching any administrative task or use as an origination point to connect to other servers or untrusted environments”
b and c refer to cloud platforms.
“Sinkholing is a technique for manipulating data flow in a network; you redirect traffic from its intended destination to the server of your choosing”