1.2 Zero trust

Question 1

Zero trust

Answer 1

-nothing is trusted
•covers every device, process, and person
•everything must be verified

-multi factor authentication, encryption, system permission, additional firewalls, etc

Question 2

Planes of operation

Answer 2

-data plane
-control plane

Question 3

Data plane

Answer 3

-process planes, packets, and network data

-processing, forwarding, trunking, encrypting, NAT

Question 4

Control plane

Answer 4

-manages the actions of the data plane
-define policies and roles
-determines how packets should be forwarded
-routing tables, session tables, NAT tables

Question 5

Policy decision point

Answer 5

-process for making an authentication decision

Question 6

Policy engine

Answer 6

-evaluates each access decision based on policy and other sources

-grant, deny, revoke

Question 7

Policy administrator

Answer 7

-communicates with the policy enforcement point
- generates access tokens or credentials
-tells the PEP to allow or disallow access address
-make the authentication stronger if needed

Question 8

Threat scope reduction

Answer 8

-decrease the number of possible entry points

Question 9

Policy driven access control

Answer 9

-combine the adaptive identity with a predefined set of rules