General Security Concepts: Examining The Principle of Zero Trust Flashcards
What is the Zero trust model?
The Zero Trust model is built on the "Never Trust, Always Verify" principle of modern security: it assumes that no user or device should be inherently trusted.
NIST SP 800-207: Zero Trust (ZT) provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least-privilege, per-request access decisions in information systems and services when the network is viewed as compromised.
What are the two types of Data Flow?
North-to-south: Data moves from the internal network to the external network, often involving communications from inside an organization’s infrastructure to the internet or external servers.
East-to-west: Data moves between devices or systems within the same network or security zone. This is the internal traffic through which threats spread once inside, and it is also known as lateral movement.
What is the control plane?
In networking, the control plane manages and directs the configuration and behavior of networking devices, making high-level decisions about how data traffic is forwarded and controlled within a network.
To implement Zero Trust in the control plane, you must have?
Adaptive identity: Constantly evaluates and adjusts how users are identified and how their privileges and access are determined.
Threat scope reduction: Minimizes an organization’s potential attack surface and vulnerabilities.
Policy-driven access control: Governs and restricts user access to resources based on predefined rules and conditions, ensuring compliance with security policies and minimizing potential risks.
Policy administrator: Responsible for establishing or shutting down the communication path between a subject and a resource, by issuing commands to the relevant Policy Enforcement Points (PEPs).
Policy engine: Responsible for the ultimate decision to grant or deny access to a resource for a given subject.
What is the data plane?
In networking, the data plane is responsible for handling the actual forwarding and routing of data packets within a network, facilitating the movement of information between devices.
To implement Zero Trust in the data plane, you must have?
Implicit trust zones: Network segments where communication and data transfer are assumed to be secure. Zero Trust aims to reduce these zones as much as possible.
Subjects: End users, applications, and other non-human entities that request information from resources.
System (NIST SP 800-34): A discrete set of resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.
PEPs (Policy Enforcement Points): Responsible for enabling, monitoring, and terminating connections between subjects and resources.