Which policy provides maximum security by blocking all services, only enabling safe/necessary services and logging all activity?

• A. Promiscuous Policy
• B. Permissive Policy
• C. Prudent Policy
• D. Paranoid Policy

Answer: (C)

Blocking all services by default and only enabling those that are known to be safe or necessary, while logging every action, represents a deny-by-default, least-privilege approach to security. This prudent stance minimizes the attack surface and creates an auditable trail for monitoring and incident response, delivering strong protection without sacrificing essential functionality. The term in use here captures that careful balance between restricting access and allowing required services. Promiscuous would permit everything, increasing risk; permissive would still allow many nonessential services; paranoid suggests extreme caution that can hinder usability while not inherently describing the enablement of only safe services with full logging.