What is the purpose of cross-domain data sharing controls, and name one risk if misconfigured?

• A. To disable sharing across domains; risk: isolation.
• B. To increase data replication across domains; risk: latency.
• C. To provide audit logging only; risk: performance impact.
• D. To securely share information across security domains; risk: data leakage or confidentiality breaches.

Answer: (D)

Cross-domain data sharing controls exist to securely share information between different security domains. They enforce who can access data, what can be viewed or used, and under what conditions the data can cross boundaries, using policy-based filters, data labeling, and inspection or mediation devices to prevent unauthorized disclosure. When these controls are misconfigured, the most significant risk is data leakage or confidentiality breaches, such as overly permissive data flows, inadequate sanitization, or insufficient auditing. The other options miss the essential purpose of enabling secure, governed sharing across domains or focus only on aspects (like disabling sharing, replication, or logging) that don’t by themselves ensure proper protection.