Question 23
Domain 3: Infrastructure, Network, and Workload SecurityA SaaS provider needs to ensure that one tenant cannot access another tenant's data through application vulnerabilities. Which control is MOST effective for this requirement?
Correct answer: B
Explanation
Row-level security enforces access at the data layer so queries return only records tied to the current tenant, preventing cross-tenant exposure even if an application flaw exists. Tenant context validation ensures the application binds each request to the authenticated tenant, matching the principle of least privilege by limiting access to "only" that tenant's data.
Why each option is right or wrong
A. Relying on tenants to implement their own access controls
B. Implementing row-level security and tenant context validation
Row-level security is the strongest control here because it enforces tenant isolation in the database itself, so even if an application bug alters a query, the DBMS still filters results by the tenant identifier before returning rows. Tenant context validation is the companion control that ensures each request is bound to the authenticated tenant context, preventing a user from switching context and querying another tenant’s records through an application vulnerability.
C. Sharing database connections across all tenants for efficiency
D. Disabling logging to prevent information disclosure