LFCA Question #40: Real Exam Question with Answer & Explanation

Question

Options

• AAssign different developers on the team to work on test, pre-prod. and prod code.
• BImplement peer review for all the changes deployed into any of the environments
• CDevelop and deploy each environment with its own set of software tools.
• DUse different user/group IDs for deploying and running workload in each environment.

Explanation

To maintain basic security on a shared server, use distinct user and group IDs for deploying and running workloads in each environment, enforcing separation of privileges and access control.

Common mistakes.

• A. Assigning different developers does not inherently provide technical separation or security boundaries on a shared server; it is a process control.
• B. Implementing peer review is a good development practice for code quality and security, but it does not provide runtime isolation or access control between environments on a single server.
• C. Developing and deploying each environment with its own set of software tools might be resource-intensive and doesn't inherently create security isolation; the core issue is the privilege separation on the shared host.

Concept tested. Server environment security (principle of least privilege)

Reference. https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/implement-least-privilege

No community discussion yet for this question.