Introduction to ZTA - Introduction Flashcards
What does ZTA stand for?
Zero Trust Architecture
Which technology developments put increasing pressure on networks and security measures of organizations?
Developments leading to distributed environments like cloud computing, edge computing and IoT
What is a primary strategy for organizations adopting new technologies?
Organizations increasingly adopt new technologies through cloud services.
What has increased the complexity of networks and service architectures?
The creation of a distributed environment through the integration of on-premises IT services with public cloud services, sensors, and actuators
What technological advancements have influenced organizations to adopt distributed environments?
Cloud computing, edge computing, IoT
Which social behavior trend has contributed to the need for distributed environments in organizations?
Increased requests for mobility
What is a significant challenge organizations face regarding data protection?
Data residing in virtual environments outside physical control
Why are traditional security architectures becoming ineffective?
Traditional security architectures focus on securing the physical network perimeter, which no longer exists in a distributed environment
What is the core principle of the ZT concept?
Never trust, always verify
How does ZTA approach the design of architectures?
From the inside out versus outside in
Fill in the blank: ZTA creates virtual _______ and grants access to resources inside of that enclave.
enclaves
True or False: ZTA is only applicable to government organizations.
False
What does the evolution of social behavior in organizations emphasize?
Mobility
What are some of the (distributed) entities that need to be connected in modern networks?
- Remote offices
- Remote workers
- Contractors
- Smart objects
Who first coined the term Zero Trust (ZT)?
John Kindervag around 2010
John Kindervag was a principal analyst at Forrester.
What is the central concept behind Zero Trust according to Kindervag?
All network traffic is untrusted
Requests to access data or resources should be verified at each step.
Which organizations previously researched the concept of Zero Trust before Kindervag?
- Jericho Forum at the Open Group
- U.S. Defense Information Systems Agency (DISA)
- Department of Defense (DOD)
What was the earliest concept of Zero Trust based on?
Data-centric network design leveraging microsegmentation.
What does microsegmentation aim to achieve in the context of Zero Trust?
Limit lateral movement of attackers.
What significant development in 2013 was related to Zero Trust?
Initiation of Cloud Security Alliance’s Software-Defined Perimeter (SDP) concept.
What is the primary goal of the Software-Defined Perimeter (SDP)?
Create an invisible perimeter requiring positive identification of network connections.
What was the motivation behind Google’s implementation of Zero Trust for its employees in 2014?
The recognition that traditional perimeter security was no longer sufficient.
What is the name of Google’s model that shifted access controls from the perimeter to individual devices and users?
BeyondCorp.
What does the BeyondCorp model allow users to do?
Work securely from any untrusted network.
Which report published in 2018 extended the original Zero Trust model?
Zero Trust eXtended (ZTX) Ecosystem report.
What does the Zero Trust eXtended (ZTX) Ecosystem report encompass?
The original model was extended beyond its network focus to encompass today’s ever-expanding attack surface.
When did NIST announce the final publication of Special Publication (SP) 800-207?
August 2020.
What does Special Publication (SP) 800-207 discuss?
Core logical components of Zero Trust Architecture.
True or False: The Zero Trust model is static and does not evolve.
False.