IP address access control is considered part of the network layer because it restricts access to the instance based on IP address ranges.
Here's why:
Network Layer Functionality: IP address filtering operates at the network level by controlling which IP addresses are allowed to connect to the ServiceNow instance. This is similar to firewall rules that control network traffic.
Application Layer Implementation: While the filtering might be implemented within the ServiceNow application (application layer), the underlying functionality is related to network access control.
Why not the other options?
A. It performs data tokenization and substitution for security: This is a data security technique, not related to network layer access control.
B. It uses encryption to protect data at rest in the ServiceNow instance: This is a data security measure, not network access control.
D. It manages user authentication to the ServiceNow platform: Authentication is a separate security layer (usually application layer) that verifies user identities.
[Reference: Network security fundamentals, ServiceNow security documentation, , , ]
Submit