CompTIA Security+ (SY0-701) — Question 20

A company needs to provide administrative access to internal resources while minimizing the traffic allowed through the security boundary. Which of the following methods is most secure?

Answer options

• A. Implementing a bastion host
• B. Deploying a perimeter network
• C. Installing a WAF
• D. Utilizing single sign-on

Correct answer: A

Explanation

Implementing a bastion host is the most secure option because it acts as a controlled entry point for administrative access, limiting exposure and ensuring that only necessary traffic is allowed. Deploying a perimeter network and installing a WAF are useful but do not specifically address minimizing administrative access traffic as effectively. Utilizing single sign-on enhances user convenience but does not inherently secure the administrative access itself.