Certified Information Systems Security Professional (CISSP) — Question 197

An organization has approved deployment of a virtual environment for the development servers and has established controls for restricting access to resources. In order to implement best security practices for the virtual environment, the security team MUST also implement which of the following steps?

Answer options

• A. Implement a dedicated management network for the hypervisor.
• B. Deploy Terminal Access Controller Access Control System Plus (TACACS+) for authentication.
• C. Implement complex passwords using Privileged Access Management (PAM).
• D. Capture network traffic for the network interface.

Correct answer: A

Explanation

Implementing a dedicated management network for the hypervisor is crucial as it helps to isolate management traffic from other types of traffic, reducing the risk of unauthorized access. While TACACS+ and PAM contribute to authentication and password security, they do not specifically address the segmentation of management interfaces. Capturing network traffic is useful for monitoring but does not enhance the security of the management network itself.