What is the defining characteristic of restrictive access control?

Restrictive access control is defined by its principle of allowing no traffic by default, making it a security measure that prioritizes restrictions over permissions. This approach is commonly referred to as "deny all, allow some," meaning that the system or network blocks all access or traffic initially and only permits specific access that has been explicitly defined. Such a strategy is essential for enhancing security as it minimizes the risk of unauthorized access since no communication is allowed unless explicitly authorized.

This characteristic supports a robust security posture, as it requires thorough planning and documentation of access rules. Only trusted users or predefined applications will gain access once permissions are carefully configured. This method is particularly useful in environments where sensitive data protection is paramount, ensuring that potential vulnerabilities are minimized from the outset.