Section 2.16 Zero Trust Flashcards

1
Q

What is it and what is the goal? TSR & UDT

Zero Trust

A

Demands verification for every device, user and transaction regardless of its origin.

The goal is to achieve Threat Scope Reduction.

2
Q

To create a zero trust architecture we must use 2 planes.

Control Plane vs Data Plane

A

Control Plane: The communication used to control and configure a network takes place on the Control Plane.

Data Plane: The communications used by end users and software to communicate with each other take place on the Data Plane. The Data Plane contains all of the systems that carry out the work of the organisation.

Separating the control plane and the data plane reduces the likelihood of an attacker being able to reconfigure the network by accessing the control plane.

3
Q

2 key elements

Control plane elements

A
  1. Policy Engine: Decides whether to grant access to a resource for a given subject. The Policy Engine uses enterprise policy to grant, deny or revoke access to the resource.
  2. Policy Administrator: Responsible for communicating the decision made by the Policy Engine to the tools on the network that enforce the decisions, known as the Policy Enforcement Point.
4
Q

4 elements

Data Plane elements

SSEP

A

Data Plane contains all of the systems that carry out the work of the organisation. The core elements are…

  1. Subject: User who wants to access a resource.
  2. System: The system used by the user to access the resource.
  3. Enterprise Resource: The file, server or service the user wants to access.
  4. Policy Enforcement Point: Determines whether to allow access. This is the only system that crosses both the control and data plane, as it must receive the instructions from the Policy Administrator and enforce them on the data plane.
5
Q

Policy Decision Point

A

Together, the Policy Engine and Policy Administrator are known as the Policy Decision Point.

6
Q

Secure Access Service Edge (SASE)

A

Closely related to Zero Trust; brings together networking and security functions and delivers them as an integrated cloud service.

Adds further security measures such as Intrusion Prevention Systems and Data Loss Prevention.
