A cloud security architect is designing a multi-tenant SaaS application. Which TWO isolation mechanisms should be implemented to prevent data leakage between tenants?
Network isolation prevents unauthorized access between tenants.
Why this answer
Network isolation (e.g., VLANs, VPCs) and storage isolation (e.g., separate databases or encryption per tenant) are key. Data encryption at rest protects data but not isolation between tenants. Identity federation and API rate limiting are not isolation mechanisms.