2 Fundamentals of Security: Zero Trust

Question 1

demands verification for every device, user, and transaction within the
network, regardless of its origin

Answer 1

Zero Trust

Question 2

To create a zero trust architecture, we need to use two different planes

Answer 2

Control
Data

Question 3

Refers to the overarching framework and set of components responsible for defining, managing, and enforcing the policies related to user and system access within an organization

Answer 3

Control Plane

Question 4

Control Plane typically encompasses several key elements

Answer 4

Adaptive Identity
Threat Scope Reduction
Policy Driven Access Control
Secured Zones

Question 5

Relies on real-time validation that takes into account the user’s behavior, device, location, and more

Answer 5

Adaptive Identity

Question 6

Limits the users’ access to only what they need for their work tasks because this reduces the network’s potential attack surface

Answer 6

Threat Scope Reduction

Question 7

Focused on minimizing the “blast radius” that could occur in the event of a breach

Answer 7

Threat Scope Reduction

Question 8

Entails developing, managing, and enforcing user access policies based on their roles and responsibilities

Answer 8

Policy Driven Access Control

Question 9

Isolated environments within a network that are designed to house sensitive data

Answer 9

Secured Zones

Question 10

Ensures the policies are properly executed

Answer 10

Data plane

Question 11

Data plane consists of the following

Answer 11

Subject/system
policy engine
policy admin
policy enforcement point

Question 12

Refers to the individual or entity attempting to gain access

Answer 12

Subject/system

Question 13

■ Cross-references the access request with its predefined policies

Answer 13

Policy Engineering

Question 14

Used to establish and manage the access policies

Answer 14

Policy Admin

Question 15

Where the decision to grant or deny access is actually
execute

Answer 15

Policy Enforcement Point