Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 139

An organization wants to secure data in a cloud environment. Its security model requires that all users be authenticated and authorized. Security configuration and posture must be continuously validated before access is granted or maintained to applications and data. There is also a need to allow certain application traffic and deny all other traffic by default. Which technology must be used to implement these requirements?

Answer options

• A. virtual routing and forwarding
• B. access control policy
• C. virtual LAN
• D. microsegmentation

Correct answer: B

Explanation

The correct answer is access control policy, as it governs user authentication and authorization while allowing or denying access to applications based on specific criteria. The other options do not provide the necessary framework for continuous validation and traffic control; for instance, virtual routing and forwarding and virtual LAN do not directly relate to user access management, while microsegmentation focuses on network segmentation rather than access policies.