A company has deployed a fully operational, private PaaS service. The service catalog links to an
orchestration engine that builds servers automatically.
What is the primary reason the IT security risk team is proposing the use of strong authentication
for all service catalog users?
A.
Because the catalog is used to define resource pools, an unauthorized user could impact the
production systems.
B.
Because the catalog is used to define service contracts, an unauthorized user could adjust
service level agreements.
C.
Because the catalog triggers orchestration actions, an unauthorized user can trigger a denial of
service attack.
D.
Because the catalog is responsible for the authentication of users who manage the CMDB, they
must be strongly authenticated.