The concept of limiting the routes that can be taken between a workstation and a computer
resource on a network is called:

A.
Path limitation

B.
A trusted path

C.
An enforced path

D.
A security perimeter

Explanation:
Individuals are authorized access to resources on a network through specific paths and the enforced
path prohibits the user from accessing a resource through a different route than is authorized to that
particular user. This prevents the individual from having unauthorized access to sensitive
information in areas off limits to that individual. Examples of controls to implement an enforced
path include establishing virtual private networks (VPNs) for specific groups within an organization,
using firewalls with access control lists, restricting user menu options, and providing specific phone
numbers or dedicated lines for remote access. Answer a is a distracter. Answer c, security perimeter,
refers to the boundary where security controls are in effect to protect assets. This is a general
definition and can apply to physical and technical (logical) access controls. In physical security, a
fence may define the security perimeter. In technical access control, a security perimeter can be
defined in terms of a Trusted Computing Base (TCB). A TCB is the total combination of protection
mechanisms within a computer system. These mechanisms include the firmware, hardware, and
software that enforce the system security policy. The security perimeter is the boundary that
separates the TCB from the remainder of the system. In answer “A trusted path” a trusted path is a
path that exists to permit the user to access the TCB without being compromised by other processes
or users.