What is the best security policy for a data center housing network elements?

• A. Only rely on physical security.
• B. Network elements must be hardened with user IDs and strong passwords, and regular security tests and audits should be performed.
• C. Disable all monitoring.
• D. Network elements should use shared passwords.

Answer: (B)

Hardening network elements with unique user IDs and strong passwords, plus regular security tests and audits, is the best approach because it combines solid authentication with ongoing verification. Relying only on physical security leaves gaps; even with guarded facilities, devices can be accessed if credentials are weak or misconfigurations exist. Unique credentials ensure accountability and make stolen passwords far less useful, while strong passwords deter brute-force attempts. Regular tests and audits—vulnerability scans, configuration reviews, and penetration tests—reveal weaknesses and verify that defenses stay effective as systems evolve. Disabling monitoring removes the crucial visibility needed to detect breaches and misconfigurations, and using shared passwords eliminates accountability and enables unauthorized access. This combination provides strong access controls along with continual assessment and the ability to detect and respond to issues.