Difficulty: Easy
Correct Answer: All of the above.
Explanation:
Introduction / Context:Client/server security spans facilities, processes, and technology. A robust posture layers controls from the data center to the code deployment pipeline and endpoint hardening.
Given Data / Assumptions:
Concept / Approach:
Security includes physical safeguards (access badges, CCTV, locked racks), process controls (change management, approvals, versioning), and technical measures across all systems (patching, least privilege, encryption in transit/at rest, monitoring). Effective programs address all these areas, not just one.
Step-by-Step Solution:
Establish physical controls to protect hardware and facilities.Implement change control to prevent unauthorized or risky deployments.Apply system-wide hardening, identity management, and monitoring.Verification / Alternative check:
Audit frameworks (e.g., ISO 27001, SOC 2) require controls spanning physical, administrative, and technical domains.
Why Other Options Are Wrong:
Each single option is necessary but insufficient alone; comprehensive security requires all.
Common Pitfalls:
Focusing only on firewalls while neglecting change control or physical access; weak patch management on clients.
Final Answer:
All of the above.
Discussion & Comments