You are discussing a security control for a production system where stronger protections could also increase the chance of blocking legitimate traffic or causing service disruption. You need to explain the trade-offs clearly so the team can make a decision that fits the business and risk posture.
How would you explain trade-offs between security and availability?