Key Concepts
Review these important points before starting the quiz
Lifecycle-aware security: Validated configurations remain consistent during upgrades and lifecycle operations
Principle of Least Privilege: Users have only permissions necessary for their role, reducing risk
Centralized certificate management: Ensures trust consistency and prevents lifecycle failures
Centralized password rotation: Controlled rotation of service credentials reduces compromise risk
Microsegmentation limits lateral movement: Enforces least-privilege communication within the data center
Policy-driven enforcement: Ensures repeatable, auditable compliance across the fleet
Enterprise IdP integration: Centralizes authentication, authorization, and auditing across platform
Application security is separate: Application code vulnerabilities are outside platform security scope
Audit logs enable compliance: Provide evidence for investigations, audits, and regulatory validation
Security is embedded and lifecycle-aware: Not added after deployment, enforced consistently throughout lifecycle
Manual security is error-prone: Automation and policy enforcement reduce human error
Consistent trust across components: Certificate management prevents mismatched trust relationships
Defense in Depth is architectural: Multiple layers of security controls throughout the stack
Security is not optional: Embedded into VCF design principles from the start